File: ChangeLog

package info (click to toggle)
osiris 4.0.6-1sarge1
  • links: PTS
  • area: main
  • in suites: sarge
  • size: 16,020 kB
  • ctags: 11,910
  • sloc: ansic: 113,119; sh: 14,805; cpp: 2,038; makefile: 1,754; awk: 1,385; perl: 452; tcl: 27; asm: 14
file content (181 lines) | stat: -rw-r--r-- 6,844 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
 

Differences with version 4.0.6
=================================================

FIXED:

: typo in generic osirismd rc script.
: changed verify cert depth to 10, from 4.
: moved 'continue' prompt to beginning of installer, where it should be.
: fixed regular expression filter value bug with parens.

FEATURES:

: added default config for Linksys WRT54G(S).
: changed notification subject lines for easier parsing.

Differences with version 4.0.5
=================================================

FIXED:

- url now not shown in notification emails when auto-accept turned on.
- removed "checking schedules" log from windows builds.
- bug with test-notify message headers, extra crlf.
- fixed timezone problem with scheduler prompt (thanks spike!)
- bug with non-privsep unix platforms unresolve rootpriv_fopen calls.
- configure script, no -Wall option for AIX compiler.
- removed C++ style comments from common code.
- fixed bugs with installer on irix for user/group creation.
- fixed bug with windows installer not properly shutting down existing services.
- windows kmod status field now a word/description, not just a number.
- bug with print-config not always printing config name.
- configuration bug, NoEntry directive on "/" block not working correctly.
- default self-signed cert validity now 10 year, not one.

FEATURES:

- admin email to management config.  when set, this will send ALL mail
  notifications to this address in addition to any other set email addresses.

Differences with version 4.0.3
=================================================

FIXED:

- subject headers, missing CRLF
- log message of type error, should have been type: info.
- notify_flags (scan failed) not being set correctly.
- bogus scan-failure messages from being sent by the scheduler.
- bug where console would not updage schedules after a rm-host.
- install.sh bug not always detecting linux distro correctly.
- plist file for Darwin init script wasn't compatible with older OS X versions.
- solaris install.sh bug with useradd/groupadd calls.

FEATURES:

- added Date header to email notification messages.
- added default config for Windows Server 2003.


Differences with version 4.0.1
=================================================

FEATURES:

- added the ability to edit comparison filters with the CLI.

- added command completion to the CLI, and added a history list
  of commands (up/down arrows).  This is still experimental, enable
  this with the configure option: --enable-fancy-cli=yes

- added more scan database options to host configuration.  Hosts can
  now be configured to archive all databases, archive databases only when
  there are changes, or to not save any databases at all.  In addition, hosts
  can now be configured to auto-accept changes, meaning that changes will only
  be logged (and/or sent out via email notifications) once.

- added support for gentoo install.
- added ability to configure scan agent listen port.

FIXES:

- fixed silly bug with push-config prompts not filtering out beginning or
  trailing whitespaces in the response.

- fixed minor bug in Darwin installer.

- fixed a number of typos in CLI and log messages.

- fixed string format bug with log entry in cert creation code.

- fixed the allow list so regular expressions work properly, and hostnames
  now work properly.  Previously, only IP addresses were valid entries.

- fixed minor formatting bug with notification email when http port
  is not enabled.

- fixed bug with rm-host command on CLI not parsing argument correctly.

- added more log messages to the scheduler module.

- fixed SIGCHLD bug with management console/CLI leaving zombies.

- fixed make distclean target in scan agent modules directory.

- fixed signal handler bug with the scheduler that rendered the scheduling 
  process vulnerable to freezes, or crashes.

Differences with version 4.0.0
=================================================

- Versions 2.x-stable is NOT compatible with version 4.0.

- new modular interface.  This allows for developers to easily extend the
  functionality of the scan agent.  See http://osiris.shmoo.com/modules
  for details.

- support for monitoring user database (module).

- support for monitoring group database (module).

- support for monitoring kernel extensions (module).

- support for AIX (thanks to Duane Dunston).

- support for IRIX (thanks to Karen Wieprecht).

- added reg-ex to the project so that the regular expressions used with
  filters as well as scan config rules will work the same on all supported
  platforms.  Thus windows scan agents and management consoles now support
  regular expressions.

- notification settings are now more configurable.  On a per-host basis,
  notification for the following can now be specified:

    a) scheduler fails to start a scan.
    b) send notification after every scan, even if no changes occured.
    c) send notification when an agent has lost its session key.
    d) changes detected.
  
- filters now can single out specific attribute changes to files.  Previously
  the filters would be all or nothing with respect to showing what changed 
  for a particular file.

- CLI now will dig out the config used for the trusted db and use it if no
  config name is specified for the config related commands.

- all logs generated by the management console now have ID codes to make
  the logs more friendly to log analysis tools.  See the documentation or
  the online docs for logging codes, http://osiris.shmoo.com/logs

- syslog levels: info, warn, and err are now used.  The syslog facility is
  still configurable.  The log_intensity config paramater is no more.

- The name of the osiris user/group created during the installation can now
  now be specified as a configure option.  The default is, "osiris" (Not
  applicable on Windows).

- The osiris root directory can now be specified as a configure option, the
  default is, "/usr/local/osiris" ( Not Applicable on Windows).

- logs now reveal the ID of the scan config used, in addition to the name.

- The CLI now lists hosts in alphabetical order.

- CLI now will make use of the EDITOR environment variable so you can
  choose what editor to use to edit and create scan configs.

- database format made more efficient and the records are printed in 
  alphabetical order in print-db routines as well as in any logs or
  notifications (new version of Berkeley DB: 4.2.52).

- The source now builds under MinGW.  As a result, the build system on 
  Windows is no longer the cumbersome pain that it was.  The Visual Studio
  project files have all been removed, with joy.

- new make targets: "agent" and "console" now create installation packages
  for the scan agent and the management console that can be run from
  read-only media (Not applicable on Windows, use the supplied NSIS script).