SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for sshguard-2.3.1-lp150.39.1.x86_64.rpm :

* Wed Feb 06 2019 joop.boonenAATTopensuse.org- Removed not needed files and service files as sshguard can now parse journal files- /etc/sysconfig/sshguard is not used any more as sshguard uses it\'s own config file
* Mon Feb 04 2019 Jan Engelhardt - Use noun phrase in summary.- Join %service_
* to reduce generated boilerplate.
* Thu Jan 24 2019 liedkeAATTrz.uni-mannheim.de- Build version 2.3.1
* Fix OpenSSH \"Did not receive identification string\"
* Fix syslog banner detection on macOS- Build version 2.3.0
* Add signatures for Courier IMAP/POP and OpenVPN
* Add signatures for TLS failures against Cyrus IMAP
* Match more attacks against SSHD, Cockpit, and Dovecot
* Update SSH invalid user signature for macOS
* Add to and remove from ipfw table quietly
* Reduce \"Connection closed... [preauth]\" score to 2
* Switch ipsets to hash:net
* Don\'t recreate existing ipsets
* Match more log banners (Fix greedy SYSLOG_BANNER)- Build version 2.2.0
* Add \'--disable-maintainer-mode\' in configure for package maintainers
* BusyBox log banner detection
* Match Exim \"auth mechanism not supported\"
* Match Exim \"auth when not advertised\"
* Match Postfix greylist early retry
* OpenSMTPD monitoring support
* Recognize IPv6 addresses with interface name
* Ignore CR in addition to LF
* Only log attacks if not already blocked or whitelisted
* Use correct signal names in driver shell script- Build version 2.1.0
* Add nftables backend
* Add monitoring support for new service: Cockpit, Linux server dashboard
* Match \"maximum authentication attempts\" for SSH
* Match Debian-style \"Failed password for invalid user\" for SSH
* Add monitoring support for new service: Common webserver probes, in Common Log Format
* Match \'Disconnecting invalid user\' for SSH
* Add monitoring support for new service: WordPress, in Common Log Format
* Add monitoring support for new service: SSHGuard
* Firewall backends now support blocking subnets.
* Add new IPV6_SUBNET and IPV4_SUBNET configuration options. Defaults to traditional single-address blocking.
* Add monitoring support for new service: OpenSMTPD
* Log whitelist matches with higher priority
* Match port number in \"invalid user\" attack
* FirewallD backend reloads firewall configuration less often.- Build version 2.0.0
* Add firewalld backend
* Add ipset backend
* Annotate logs using -a flag to sshg-parser
* Match \"no matching cipher\" for SSH
* Preliminary support for Capsicum and pledge()
* Resurrect ipfilter backend
* Support reading from os_log on macOS 10.12 and systemd journal
* Add warning when reading from standard input
* Build and install all backends by default
* Improve log messages and tweak logging priorities
* Runtime flags now configurable in the configuration file
* SSHGuard requires a configuration file to start
* Remove process validation (-f option)
* Fix ipfw backend on FreeBSD 11
* Fix initial block time
* Update Dovecot pattern for macOS
* Use standard score for Sendmail auth attack
* Thu Nov 08 2018 joop.boonenAATTopensuse.org- Corrected the service scripts, start after network.target
* Thu Nov 23 2017 rbrownAATTsuse.com- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)
* Wed Mar 01 2017 joop.boonenAATTopensuse.org- Add a systemd journal tail so sshguard can parse this file
* Thu Dec 29 2016 joop.boonenAATTopensuse.org- Build version 1.7.1 - Add sample Mac OS X 10.12 style launchd.plist - Allow multiple forward slashes in process name - Log released addresses only when debugging - Process validation (``-f`` option) is deprecated - Adjust TIMESTAMP_ISO8601 for Mac OS X 10.12 - Fix build error in hosts backend - Fix empty functions in firewall scripts causing errors with Bash - Flush stdout after every line in sshg-parser - Add
*sshg-logtail
* - Add
*sshg-parser
* - Control firewall using
*sshg-fw
* - Match \"no matching key exchange method\" for SSH - Hosts backend is deprecated - Logsuck (``-l`` option) is deprecated, use
*sshg-logtail
* instead - Process validation (``-f`` option) is deprecated - Remove external hooks (``-e`` option) - Remove support for genfilt and ipfilter backends - Accept socklog messages without a timestamp - Fix excessive logging causing endless looping in logsuck - Fix undefined assignment of initial inode number - Match Postfix pre-authentication disconnects - Fix bashisms in iptables backend - Fix size argument in inet_ntop() call - Remove excessive logging when polling from files - Keep looking for unreadable files while polling - Update Dovecot signature for POP3 - Match \"Connection reset\" message for SSH - Resurrect PID file option by popular demand - Adjust default abuse threshold
* Fri Feb 19 2016 joop.boonenAATTopensuse.org- Added a corrected attack treshold value (40 default)
* Thu Feb 18 2016 eshmarnevAATTsuse.com- Build version 1.6.3 - Disable blacklisting by default - Implement logging as wrappers around syslog(2) - Improve log and error messages - Match sendmail authentication failures - Remove PID file option - Remove SIGTSTP and SIGCONT handler - Remove reverse mapping attack signature - Remove safe_fgets() and exit on interrupt - Terminate state entries for hosts blocked with pf - Update and shorten command-line usage - Use \'configure\' to set feature-test macros- Updated patch file for new version of sshguard
* Mon Jan 11 2016 joop.boonenAATTopensuse.org- Added ip6tables support handles via init and service files
* Fri Oct 16 2015 joop.boonenAATTopensuse.org- Corrected a iptables error, that prevented sshguard from functioning correctly
* Thu Oct 15 2015 joop.boonenAATTopensuse.org- Moved blacklist.db to /var/lib/sshguard/db/blacklist.db analog most SUSE packages
* Thu Oct 15 2015 joop.boonenAATTopensuse.org- Corrected the blacklist as it\'s auto generated- Improved sysconfig
* Wed Oct 14 2015 joop.boonenAATTopensuse.org- Build version 1.6.2 + Make \'-w\' option backwards-compatible for iptables (James Harris) + Remove support for ip6fw and \'ipfw-range\' option + Rewrite ipfw backend using command framework- The white and black list now initially reside in files /etc/sshguard/whitelist|blacklist
* Mon Sep 28 2015 joop.boonenAATTopensuse.org- Build version 1.6.1- Added sshguard-gcc5.patch so it also builds via gcc5- Created a sshguard.service file so it\'ll run on systemd systems
* Wed Mar 27 2013 joop.boonenAATTopensuse.org- Reformated the spec file to the openSUSE standard so it can be submitted to Factory
* Sat Feb 19 2011 larsAATTlinux-schulserver.de- update to 1.5: + logsucker: sshguard polls multiple log files at once + recognize syslog\'s \"last message repeated N times\" contextually and per-source + attackers now gauged with attack
*dangerousness
* instead of count (adjust your -a !) + improve IPv6 support + add detection for: Exim, vsftpd, Sendmail, Cucipop + improve logging granularity and descriptiveness + add -i command line option for saving PID file as an aid for startup scripts + update some attack signatures- cleanup specfile via spec-cleaner
* Wed Dec 01 2010 wrAATTrosenauer.org- fix typo in macro- revert a bit of cleanup to make it backwards compatible (%_initddir)
* Tue Nov 02 2010 prusnakAATTopensuse.org- cleanup spec file
* Wed Sep 29 2010 wrAATTrosenauer.org- update to version 1.5rc4
* Sun Apr 04 2010 wrAATTrosenauer.org- update to version 1.5rc1
* Thu Feb 11 2010 wrAATTrosenauer.org- added init script and sysconfig
* Wed Feb 10 2010 wrAATTrosenauer.org- initial openSUSE package
  
ICM