v2.9.0-rc2

Bug fixes

• OpenSSL dependency was removed on MS Windows builds. ModSecurity is now using
  Curl with WinSSL.
  [Gregg Smith, Steffen and ModSecurity team]
• ModSecurity now informs about external resources loaded/failed while reloading Apache.
  [ModSecurity team]
• Adds missing 'ModSecurity:' prefix in some warnings messages.
  [Walter Hop and ModSecurity team]
• External resources download is now more verbose. Holding the message
  to be displayed when Apache is ready to write on the error_log.
  [ModSecurity team]
• Remote resources loading process is now failing in case of HTTP error.
  [Walter Hop and ModSecurity team]
• Fixed start up crash on Apache with mod_ssl configured. Crash was happening
  during the download of remote resources.
  [Christian Folini, Walter Hop and ModSecurity team]
• Curl is not a mandatory dependency to ModSecurity core anymore.
  [Rainer Jung and ModSecurity team]

Archives also available at:

• Apache/Nginx:
  • https://www.modsecurity.org/tarball/2.9.0-rc2/modsecurity-2.9.0-RC2.tar.gz
  • https://www.modsecurity.org/tarball/2.9.0-rc2/modsecurity-2.9.0-RC2.tar.gz.sha256
• IIS
  • https://www.modsecurity.org/tarball/2.9.0-rc2/ModSecurityIIS_2.9.0-RC2-32b.msi
  • https://www.modsecurity.org/tarball/2.9.0-rc2/ModSecurityIIS_2.9.0-RC2-32b.msi.sha256
  • https://www.modsecurity.org/tarball/2.9.0-rc2/ModSecurityIIS_2.9.0-RC2-64b.msi
  • https://www.modsecurity.org/tarball/2.9.0-rc2/ModSecurityIIS_2.9.0-RC2-64b.msi.sha256