baidu/openrasp v0.31
Version 0.31

on GitHub

latest releases: v1.3.7, v1.3.6, v1.3.5...

6 years ago

Breaking changes

Java agent

Java package renamed to com.baidu.rasp
- User must manually remove rasp/conf/rasp-log4j.xml prior to software upgrade
Resolve ISSUE #96 - Can't find bundle for base name org.mozilla.javascript.resources.Messages
Replaced ASM with JavaAssist

Rasp Installer

Add support of software uninstallation
Command line arguments changed to the following
- java -jar RaspInstall.jar -install /home/tomcat
- java -jar RaspInstall.jar -uninstall /home/tomcat

Algorithm changes

SQLi algorithm

Detection of constant comparsion is now off by default

Command execution detection algorithm

Detect unusual command execution on Non-HTTP requests
e.g CVE-2018-1270

New features

On startup, Java agent will print an ASCII art
Add SQLi hook for JDBC prepared statement, resolves ISSUE #8
Add support of Resin 3.X & 4.X servers
Optimized jnotify to support exception handling

Bug fixes

PHP
- Fixed a potential memory leak on log module

Check out latest releases or
releases around baidu/openrasp v0.31

Don't miss a new openrasp release

NewReleases is sending notifications on new releases.

Get notifications