SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for sec-2.9.2-1.13.noarch.rpm :

* Sat Jun 03 2023 malcolmlewisAATTopensuse.org- Updated to version 2.9.2:
* Starting from this version, list of event occurrence times that correspond to event group string tokens is passed to PerlFunc and NPerlFunc event group patterns as an additional parameter.- Add build requires on systemd-rpm-macros.- Removed unused conditionals for old releases as no longer needed.
* Wed May 04 2022 malcolmlewisAATTopensuse.org- Updated to version 2.9.1:
* Added support for \'egtoken
*\' fields in EventGroup rules.
* Starting from this version, list of event group string tokens is passed to PerlFunc and NPerlFunc event group patterns as an additional parameter.
* Mon Nov 29 2021 malcolmlewisAATTopensuse.org- Updated rulesets to version 20211119:
* SecJson.pm updated.- Add full download URL for rulesets.- Remove obsolete version checks.
* Thu May 13 2021 malcolmlewisAATTopensuse.org- Updated to version 2.9.0: + Added support for \'cmdexec\', \'spawnexec\', \'cspawnexec\', \'pipeexec\' and \'reportexec\' actions. + Added support for \'shell\' field in SingleWithScript rules. + Added support for \'egptype\' and \'egpattern\' fields in EventGroup rules. + Added support for %.sp built-in action list variable. + Added ipv6 support for \'tcpsock\' and \'udpsock\' actions. + Bugfixes for \'write\', \'writen\', \'owritecl\', \'udgram\', \'ustream\', \'udpsock\' and \'tcpsock\' actions (exceptions from syswrite() and send() are now handled, and \'ustream\' action no longer blocks on Linux when peer backlog queue is full). + Improved socket handling routines. + Improved error reporting for invalid command line arguments. + Starting from this version, a program provided with - -timeout-script command line option is executed without shell interpretation. + Starting from this version, SEC uses Perl JSON::PP module instead of JSON module (JSON::PP is included in the standard Perl installation).- Update rulesets and drop get from git script as rulesets are now released.
* Sat May 02 2020 malcolmlewisAATTopensuse.org- Updated to version 2.8.3: + Added support for collecting rule performance data and the - -ruleperf and --noruleperf command line options. + Improved dump file generation in JSON format (some numeric fields that were reported as JSON strings are now reported as JSON numbers).- Update copyright year(s) in spec file.
* Sun Jun 02 2019 malcolmlewisAATTopensuse.org- Updated to version 2.8.2: + Added support for \'varset\' action. + Fixed a bug where reference to $:{cacheentry:varname} match variable for non-existing pattern match cache entry would create an empty entry.
* Wed Oct 03 2018 malcolmlewisAATTopensuse.org- Updated to version 2.8.1: + Fixed a bug in dump file creation routine (a perl warning message was written to standard error if --dumpfjson command line option was used without Perl JSON module being present).
* Thu Aug 30 2018 malcolmlewisAATTopensuse.org- Updated to version 2.8.0: + Added support for dynamic input files, and \'addinput\' and \'dropinput\' actions for managing dynamic inputs. + Added support for signal emulation and \'sigemul\' action. + Added support for \'setltime\' action. + Starting from this version, the \'lcall\' action supports the :> operator. + Added support for $+{_intcontext} match variable. + Improved input file rotation handling. + Improved action list parsing. + Bugfixes for \'setwpos\' action. + Added support for creating dump files in JSON format, and the --dumpfjson and --nodumpfjson command line options.- Updated example rulesets.
* Tue Dec 12 2017 malcolmlewisAATTopensuse.org- Updated to version 2.7.12:
* fixed a bug in context expression parsing routine and improved the logging of parsing errors.- Add get_rulesets_from_git.sh to sources to pull direct from git.- Update spec file for compat macro for new _fillupdir macro and spec file clean up.
* Tue Feb 07 2017 malcolmlewisAATTopensuse.org- Updated to version 2.7.11: + Added support for the --user, --group and --umask command line options. + Starting from this version, SIGPIPE signal is ignored globally in all parts of the code. + Improved the handling of SIGTERM signal. + Optimized IO routines, signal handling and exit status collection for child processes. + Improved command line parsing and error reporting. + Changes in rule parsing routines (only ASCII digits are allowed in numeric rule fields). + Starting from this version, the default value for the - -blocksize command line option is 8192. + Fixed a bug in the code which checks the status of TCP sockets.
  
ICM