Changelog for
sshguard-2.4.2-bp155.4.7.x86_64.rpm :
* Tue Aug 30 2022 Marcus Meissner
- sshguard-overflow.patch: fixed 1 byte 0x00 overwrite in a memset (bsc#1202944)
* Mon Jan 24 2022 Joop Boonen - Corrected the BACKEND in /etc/sshguard.conf
* Thu Jan 20 2022 Joop Boonen - Deleted the iptables entries from sshguard.service as firewalld is used- Added BACKEND=\"/usr/libexec/sshg-fw-firewalld\" in stead of BACKEND=\"/usr/libexec/sshg-fw-iptables\" as firewalld is used
* Tue Nov 23 2021 Johannes Segitz - Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
* harden_sshguard.service.patch Modified:
* sshguard.service
* Sun May 16 2021 Enrico Belleri - Changed \'BACKEND\' to \"/usr/libexec/sshg-fw-iptables\" from incorrect syntax
* Wed May 12 2021 Ferdinand Thiessen - Update to version 2.4.2
* Recognize rejections from Postfix\'s postscreen daemon
* The parser can now be changed using the \'PARSER\' and \'POST_PARSER\' options
* Remove some false positive attack signatures for SSH and Cyrus
* Adjust log verbosity of some log messages
* The
*firewalld
* backend now uses
*firewall-cmd
* instead of \'iptables\' to flush block lists
* Wed Aug 26 2020 Joop Boonen - Build version 2.4.1
* Recognize RFC 5424 syslog banners
* Recognize busybox syslog -S banners
* Recognize rsyslog banners
* Recognize web services TYPO3, Contao, and Joomla
* Update signatures for Dovecot
* Update signatures for OpenSSH
* Whitelist entire 127.0.0.0/8 and ::1 block
* Whitelist file allows inline comments
* Fix FILES and LOGREADER configuration file options- boo#1124121
* Tue Jun 11 2019 Joop Boonen - Build version 2.4.0
* Match \"Failed authentication attempt\" for Gitea
* Log human-readable service names instead of service code
* Correctly terminate child processes when sshguard is killed
* No longer accept logs given via standard input
* Wed Feb 06 2019 joop.boonenAATTopensuse.org- Removed not needed files and service files as sshguard can now parse journal files- /etc/sysconfig/sshguard is not used any more as sshguard uses it\'s own config file
* Mon Feb 04 2019 Jan Engelhardt - Use noun phrase in summary.- Join %service_
* to reduce generated boilerplate.
* Thu Jan 24 2019 liedkeAATTrz.uni-mannheim.de- Build version 2.3.1
* Fix OpenSSH \"Did not receive identification string\"
* Fix syslog banner detection on macOS- Build version 2.3.0
* Add signatures for Courier IMAP/POP and OpenVPN
* Add signatures for TLS failures against Cyrus IMAP
* Match more attacks against SSHD, Cockpit, and Dovecot
* Update SSH invalid user signature for macOS
* Add to and remove from ipfw table quietly
* Reduce \"Connection closed... [preauth]\" score to 2
* Switch ipsets to hash:net
* Don\'t recreate existing ipsets
* Match more log banners (Fix greedy SYSLOG_BANNER)- Build version 2.2.0
* Add \'--disable-maintainer-mode\' in configure for package maintainers
* BusyBox log banner detection
* Match Exim \"auth mechanism not supported\"
* Match Exim \"auth when not advertised\"
* Match Postfix greylist early retry
* OpenSMTPD monitoring support
* Recognize IPv6 addresses with interface name
* Ignore CR in addition to LF
* Only log attacks if not already blocked or whitelisted
* Use correct signal names in driver shell script- Build version 2.1.0
* Add nftables backend
* Add monitoring support for new service: Cockpit, Linux server dashboard
* Match \"maximum authentication attempts\" for SSH
* Match Debian-style \"Failed password for invalid user\" for SSH
* Add monitoring support for new service: Common webserver probes, in Common Log Format
* Match \'Disconnecting invalid user\' for SSH
* Add monitoring support for new service: WordPress, in Common Log Format
* Add monitoring support for new service: SSHGuard
* Firewall backends now support blocking subnets.
* Add new IPV6_SUBNET and IPV4_SUBNET configuration options. Defaults to traditional single-address blocking.
* Add monitoring support for new service: OpenSMTPD
* Log whitelist matches with higher priority
* Match port number in \"invalid user\" attack
* FirewallD backend reloads firewall configuration less often.- Build version 2.0.0
* Add firewalld backend
* Add ipset backend
* Annotate logs using -a flag to sshg-parser
* Match \"no matching cipher\" for SSH
* Preliminary support for Capsicum and pledge()
* Resurrect ipfilter backend
* Support reading from os_log on macOS 10.12 and systemd journal
* Add warning when reading from standard input
* Build and install all backends by default
* Improve log messages and tweak logging priorities
* Runtime flags now configurable in the configuration file
* SSHGuard requires a configuration file to start
* Remove process validation (-f option)
* Fix ipfw backend on FreeBSD 11
* Fix initial block time
* Update Dovecot pattern for macOS
* Use standard score for Sendmail auth attack
* Thu Nov 08 2018 joop.boonenAATTopensuse.org- Corrected the service scripts, start after network.target
* Thu Nov 23 2017 rbrownAATTsuse.com- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)
* Wed Mar 01 2017 joop.boonenAATTopensuse.org- Add a systemd journal tail so sshguard can parse this file
* Thu Dec 29 2016 joop.boonenAATTopensuse.org- Build version 1.7.1 - Add sample Mac OS X 10.12 style launchd.plist - Allow multiple forward slashes in process name - Log released addresses only when debugging - Process validation (``-f`` option) is deprecated - Adjust TIMESTAMP_ISO8601 for Mac OS X 10.12 - Fix build error in hosts backend - Fix empty functions in firewall scripts causing errors with Bash - Flush stdout after every line in sshg-parser - Add
*sshg-logtail
* - Add
*sshg-parser
* - Control firewall using
*sshg-fw
* - Match \"no matching key exchange method\" for SSH - Hosts backend is deprecated - Logsuck (``-l`` option) is deprecated, use
*sshg-logtail
* instead - Process validation (``-f`` option) is deprecated - Remove external hooks (``-e`` option) - Remove support for genfilt and ipfilter backends - Accept socklog messages without a timestamp - Fix excessive logging causing endless looping in logsuck - Fix undefined assignment of initial inode number - Match Postfix pre-authentication disconnects - Fix bashisms in iptables backend - Fix size argument in inet_ntop() call - Remove excessive logging when polling from files - Keep looking for unreadable files while polling - Update Dovecot signature for POP3 - Match \"Connection reset\" message for SSH - Resurrect PID file option by popular demand - Adjust default abuse threshold
* Fri Feb 19 2016 joop.boonenAATTopensuse.org- Added a corrected attack treshold value (40 default)
* Thu Feb 18 2016 eshmarnevAATTsuse.com- Build version 1.6.3 - Disable blacklisting by default - Implement logging as wrappers around syslog(2) - Improve log and error messages - Match sendmail authentication failures - Remove PID file option - Remove SIGTSTP and SIGCONT handler - Remove reverse mapping attack signature - Remove safe_fgets() and exit on interrupt - Terminate state entries for hosts blocked with pf - Update and shorten command-line usage - Use \'configure\' to set feature-test macros- Updated patch file for new version of sshguard
* Mon Jan 11 2016 joop.boonenAATTopensuse.org- Added ip6tables support handles via init and service files
* Fri Oct 16 2015 joop.boonenAATTopensuse.org- Corrected a iptables error, that prevented sshguard from functioning correctly
* Thu Oct 15 2015 joop.boonenAATTopensuse.org- Moved blacklist.db to /var/lib/sshguard/db/blacklist.db analog most SUSE packages
* Thu Oct 15 2015 joop.boonenAATTopensuse.org- Corrected the blacklist as it\'s auto generated- Improved sysconfig
* Wed Oct 14 2015 joop.boonenAATTopensuse.org- Build version 1.6.2 + Make \'-w\' option backwards-compatible for iptables (James Harris) + Remove support for ip6fw and \'ipfw-range\' option + Rewrite ipfw backend using command framework- The white and black list now initially reside in files /etc/sshguard/whitelist|blacklist
* Mon Sep 28 2015 joop.boonenAATTopensuse.org- Build version 1.6.1- Added sshguard-gcc5.patch so it also builds via gcc5- Created a sshguard.service file so it\'ll run on systemd systems
