Varnish WAF

ChangeLog

Version 6.0.12r6 (2024-01-31)

Update the vendored ModSecurity library to address vulnerability CVE-2024-1019.

Version 6.0.9r7 (2022-05-20)

Add function to skip rules by id or tag.

Version 6.0.8r4 (2021-08-26)

Update the OWASP CRS install helper script to install a newer version of OWASP CRS by default (CVE-2021-35368). This script is for convenience. The user is responsible for managing the rule set.

Version 6.0.8r2 (2021-06-02)

Fix a crash caused by calling .check_req() with a NULL string.

Version 6.0.6r1 (2019-02-19)

Patch cookie handling in ModSecurity (CVE-2019-19886).

Version 6.0.5r1 (2019-10-21)

Initial Release.

Manuals
Varnish Enterprise
Varnish Cloud
Varnish Controller
Varnish High Availability
Varnish Custom Statistics
Varnish WAF
Varnish Broadcaster
Varnish Helm Chart

News
Varnish Enterprise 6.0.12r8
Varnish Helm Chart 1.3.0
A note on how Varnish handles an HTTP/2 CONTINUATION flood
Varnish Enterprise 6.0.12r7
Varnish Controller 6.0.2
News archive