Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

internal/appsec: update the recommended security rules to v1.2.3 #1092

Merged
merged 2 commits into from
Dec 16, 2021

Conversation

Julio-Guerra
Copy link
Contributor

Update to security rules to the latest version which inclues the monitoring
of the log4j CVE.

image

Verified

This commit was signed with the committer’s verified signature.
Julio-Guerra Julio Guerra
Update to security rules to the latest version which inclues the monitoring
of the log4j CVE.
@Julio-Guerra Julio-Guerra added this to the 1.35.0 milestone Dec 15, 2021
@Julio-Guerra Julio-Guerra requested a review from Hellzy December 15, 2021 10:52
Copy link
Contributor

@Hellzy Hellzy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM (test-core/test-core-appsec broken ATM, unrelated)

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
@Julio-Guerra Julio-Guerra merged commit 06ac179 into v1 Dec 16, 2021
@Julio-Guerra Julio-Guerra deleted the julio.guerra/appsec-rules-v1.2.3 branch December 16, 2021 10:34
Julio-Guerra added a commit that referenced this pull request Jan 13, 2022

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
…status codes (#1096)

Monitor the http response status code by passing the status code to httpsec, wire
this new address into the WAF - by still calling the WAF only once -, and update
libddwaf to >= v1.0.16 which fixes a bug we found.
Note that the security rule introducing the new HTTP response status code rules
was updated in #1092

Co-authored-by: François Mazeau <francois@datadog.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants