Changelog for
ossec-hids-server-2.8.3-2.1.x86_64.rpm :
Mon Aug 1 14:00:00 2016 borisAATTsteki.net
- update to 2.8.3
+ "This should fix eventchannel and hybrid."
+ update to 2.8.2
* Fix for CVE-2015-3222 which allows for root escalation via syscheck
Tue Nov 25 13:00:00 2014 darinAATTdarins.net
- update to 2.8.1
* NOTE: In terms of features this release is the same as OSSEC 2.8,
EXCEPT it includes a fix for CVE-2014-5284 vulnerability discovered by Jeff
Petersen of Roka Security LLC.
Go to https://github.com/ossec/ossec-hids/releases/tag/2.8.1 for more
information regarding this issue.
* Installation
+ Server
- Avoided a crash of agentd on Solaris (danpop60)
+ Agent
- Fixed manage_agents -f potential infinite loop (awiddersheim)
- Added manage_agents -r to remove an agent (awiddersheim)
- Allow NIX agents to use "-f" option and run in foreground (awiddersheim)
- Windows agent install/uninstall GUI enhancements (awiddersheim)
- Windows agent_config profile fixed (gaelmuller)
- Added eventchannel support for Windows agent on Vista or later (gaelmuller)
- Many Windows agent bug fixes (awiddersheim)
* Syscheck
+ Extended filesize from an integer to a long integer
+ Make syscheck/analysisd/remoted.debug in internal_options.conf work (awiddersheim)
* ActiveResponse
+ Fix active-response on MAC OS Firewall (jknockaert)
* Log monitoring/analysis
+ Add option to allow the outputting of all alerts to a zeromq PUB socket
in JSON format, using cJSON library (jrossi, justintime32). New Config:
yes|no
tcp://localhost:11111
+ Add TimeGenerated to the output of Windows Event logs (awiddersheim)
+ os_net fixes, and code clean up in general (cgzones)
+ os_regex unit test cases added (cgzones)
+ os_xml review and fixes (cgzones)
* Rules and Decoders
+ Added some additional sshd rules in sshd_rules.xml (joshgarnett)
+ Removed bro-ids rules (ddpbsd)
+ Removed event ID 676, 672 in msauth_rules.xml (mstarks01)
* Contributions
+ zeromq_pubsub.py (jrossi)
+ ossec-eps.sh, a script to calculate events-per-second (mstarks01)
- update ossec-zlib.patch
- fix how {mysql,pg}.ossec-dbd are handled during build
- removed ossec-remoted.patch, fixed upstream
- removed old .spec and .changes
Wed Jan 29 13:00:00 2014 darin.perusichAATTctg.com
- Updated packaging to use /var/lib/ossec as the basedir
- add sysconfig.ossec-hids, replacing /etc/ossec-init.conf,
patched init/systemd scripts accordingly
Wed Jan 15 13:00:00 2014 darin.perusichAATTctg.com
- add %pre for systemd in client and server packages
- moved rids to %files server as it requires the ossecr user
- fixed ossec-hids.service, can't use env variables
Tue Jan 14 13:00:00 2014 darin.perusichAATTctg.com
- add support for systemd
- much rpmlint cleanup
Mon Jan 13 13:00:00 2014 darin.perusichAATTctg.com
- Fix %post and %postun to use macros and not call chkconfig, etc
directly
- Add su to logrotate
- Add logrotate depend
- moved update-alt to %post server
- fix license
Wed Dec 4 13:00:00 2013 darin.perusichAATTctg.com
- install proper zlib-devel package for sles
Mon Dec 2 13:00:00 2013 darinAATTdarins.net
- patch for remoted segfault
- set correct ownership of rids directory
- bring back zlib patch
Tue Nov 26 13:00:00 2013 darinAATTdarins.net
- remove the zlib patch, ossec-remoted needs it
Mon Nov 25 13:00:00 2013 darinAATTdarins.net
- update to 2.7.1
- significant reworking of .spec
- add packaging for server-mysql and server-postgresql, using
update-alternatives to switch between them
Tue Oct 15 14:00:00 2013 ericAATTnixwizard.net
- Updated to OSSEC 2.7 release
Tue Jun 12 14:00:00 2012 ericAATTnixwizard.net
- First OSSEC build hosted on the OpenSUSE build service
Tue Jul 19 14:00:00 2011 frizAATTgodshell.com
- Update to official 2.6.0 release
Thu Jul 7 14:00:00 2011 frizAATTgodshell.com
- Added cmoraes patch
- - Adds config options for enabling/disabling rootkit/syscheck options
- - Add support for agent config profiles
Tue Jul 5 14:00:00 2011 frizAATTgodshell.com
- Update to latest 2.6.0 from Mercurial
Tue Jun 7 14:00:00 2011 frizAATTgodshell.com
- Update to 2.6.0 Beta 1
- - Added IPv6 support
- - Lots of new rules (OpenBSD, Clamav, BRO-ids, active response logs, etc, etc)
- - Added os-authd – Automatically creating and setting up the agent keys
- - Added CEF support to client syslog
- - Improved reporting for file changes
- - Added option to Block repeated offenders with OSSEC
Mon Feb 21 13:00:00 2011 frizAATTgodshell.com
- Rebuild because I'm an idiot
Wed Oct 13 14:00:00 2010 frizAATTgodshell.com
- Update to 2.5.1 Release
- - Bugfixes
Mon Oct 11 14:00:00 2010 frizAATTgodshell.com
- Inadvertently removed manage_client. This restores that.
Tue Sep 28 14:00:00 2010 frizAATTgodshell.com
- Update to 2.5 Release
- 1. Added support for “report_changes” on syscheck to show what was
- changed in the file modification alert.
- 2. Added support for cdb lists inside the rules.
- 3. Added support for drop-in rules and decoders directory.
- 4. Added a Rule unit testing framework (in python) and inside logtest
- 5. Added support for a generic multi-line log reader.
- 6. Added granular Windows rules.
- 7. Added option to restrict integrity checking to a set of files.
- 8. Added alias option to the command monitoring.
- 9. Added silent switch for windows installer.
- 10. Added variable expansion in command output monitoring.
- 11. Fixed several windows installer bugs.
Fri Sep 10 14:00:00 2010 frizAATTgodshell.com
- Update to 2.5 beta (100907)
Wed Aug 18 14:00:00 2010 frizAATTgodshell.com
- re-establish client-specific logcollector and syscheckd
Thu Apr 29 14:00:00 2010 scottAATTatomicorp.com
- Updated init and ossec-server scripts to support the new reload feature.
Tue Apr 20 14:00:00 2010 scottAATTatomicrocketturtle.com
- Update to 2.4.1
Fri Apr 9 14:00:00 2010 scottAATTatomicrocketturtle.com
- Added zabbix reporting active response
Thu Apr 1 14:00:00 2010 scottAATTatomicrocketturtle.com
- Update to 2.4 final
- Lowered courier rule 3910 (failures) from 6 over 240 to 10 over 10
- Lowered courier rule 3911 (success) from 10 over 60 to 30 over 20
Tue Mar 23 13:00:00 2010 scottAATTatomicrocketturtle.com
- Rebuilt for atomic repo
Mon Mar 22 13:00:00 2010 scottAATTatomicrocketturtle.com
- Update to CVS 100317
Thu Mar 11 13:00:00 2010 scottAATTatomicrocketturtle.com
- Update to CVS 100311
- Add decoder for denyhosts
- Update asl_rules.xml to include denyhosts rules
Tue Mar 9 13:00:00 2010 scottAATTatomicrocketturtle.com
- Update to CVS 100309
Fri Mar 5 13:00:00 2010 scottAATTatomicrocketturtle.com
- Added new decoder for smtp_auth
- Added rules to detect smtp_auth brute force attempts
- Added rules to detect imap/pop brute force attempts
Mon Dec 7 13:00:00 2009 scottAATTatomicrocketturtle.com
- Updated ossec-server.conf to be in parity with the ASL config
- Added templates dir for generating configs