This is the Agenda for the Monthly CRS Chat.
The chat is going to happen on https://owasp.slack.com in the channel #coreruleset on the first Monday of the month (usually), at 20:30 CET (CEST during summer in the Northern Hemisphere). Please note that we have a CRS calendar (maintained by @fzipi).
Archived previous meetings and their decisions are here.
What happened in the meantime since the chat last month
Outside development
- There is a bug affecting ModSecurity-nginx latest, so do not use it in production.
- We contacted our friendly cloud provider again, and it looks like they will run a test for one of our new rules. 🎉
Inside development
Rules
- No news here.
CRS Sandbox
- Some small downtime was observed in the CRS sandbox; we need to double-check.
Security
- We still have some pending issues to triage.
Plugins
- No news here.
Documentation and Public Relations
- First community call set up; the blog post is out.
Project Administration and Sponsor relationships
- We asked OWASP HQ about a balance for 2025. Still in the works.
Tools
- New version of crs-toolchain; updated coreruleset workflows to use the new version.
Containers
- New version fixes broken nginx/nginx-alpine images by using the ModSecurity-nginx release version instead of git latest.
Project discussions and decisions
- 922130 Rule blocks multipart requests in JSF application #3989
- There's a long open PR for improving generic plugin testing setup: feat(ci): add lint and integration/regression test wordpress-rule-exclusions-plugin#6
Rules development, key project numbers
PRs that have been merged since the last meeting
- chore: post-release v4.12.0-dev #3987
- chore: release 4.11.0 #3986
- fix: issue 3809 #3983
- chore: update crs-toolchain #3976
- fix: remove sql function names to resolve false positives (942151 PL1) #3973
- chore: remove unused negative lookahead script #3984
- fix: make 932300 actually case-insensitive #3977
We merged 7 PRs since the last monthly project chat.
Open PRs
Open PRs marked DRAFT, work in progress, or needing action
- feat: added rule to detect Bash Brace Expansion #3780
- chore: find rules without test #3881
- fix(security): resolve SQL injection protection bypass (942380 PL2) #3720
- chore: add quant as comment #3925
- feat: Add product name tags #3960
- fix(933150): moving printf to 933160 for additional php syntax check (933150 PL-1, 933160 PL-1) #3840
- fix(932130): use lazy regex #3730
- feat: added detection for quote evasion #3813
- fix: prevent invalid commands matches on 5 characters or less (932220 PL-2, 932230 PL-1, 932232 PL-3, 932235 PL-1, 932236 PL-2, 932237 PL-3, 932238 PL-3, 932239 PL-2, 932250 PL-1, 932260 PL-1) #3735
- fix: 932270 FP #3917
- feat: accidental firewall disability prevention #3650
How to get to our Slack and join the meeting
If you are not yet on the OWASP Slack, here is your invite: https://owasp.org/slack/invite.
Everybody is welcome to join our community chat.