OSSEC latest version

« Changelog History

OSSEC v3.6.0 Release Notes

• OSSEC changelog (3.6.0) [email protected]

  🚀 Release Maintainers

  Dan Parriott

  Scott R. Shinn (http://www.atomicorp.com)

  🚀 Contributors on this release

  • @ddpbsd Dan Parriot - Maintainer
  • @NicolasCARPi - Nocolas Carpi - Community
  • @cpu - Daniel McCarney - Community
  • @jknockaert - Jasper Knockaert - Community
  • @mwidman - Mike Widman - Community
  • @drsjb80 - Steve Beaty - Community

  🚀 Release Notes

  🚑 Its that time of year again, our annual independent security audit! Joining our previous two years auditors, Apple Security and OVH Internet is security researcher Daniel McCarney (@cpu) who performed a very in depth analysis on our IDS engine updates (PCRE2, and more). With a project as critical as OSSEC in securing cloud and enterprise assets its very important to us to have independent assessments of the framework. So again we want to thank all of our auditors, old and new for their contribution to the project.

  ✅ Coder? Tester? Enthusiast? If you're interested in joining our team, or just interacting with the OSSEC community , email us for a slack invite at: [email protected]

  General

  • @ddpbsd - ossec-dbd, Add help output to dbd, #1833
  • ⚡️ @NicolasCARPi - INSTALL, updating depenency list,
    #1832
  • @cpu - PCRE2, refuse to compile empty PCRE2 patterns, fix for Issue #1811, #1826
  • @cpu, analysisd, resolves CVE-2020-8442 Issue #1820, #1825
  • @cpu, analysisd, resolves CVE-2020-8443 Issue #1816, #1824
  • @cpu, analysisd, resolves CVE-2020-8448 Issue #1815, #1823
  • @cpu, Makefile, fix for DEBUGAD, #1822
  • @jknockaert - dropbear rules, limit brute force rule to dropbear, #1803
  • @mwidman, analysisd, Added non-standard Sophos UTM syslog timestamp format to pre-decoding. , #1794
  • 🌲 @drsjb80 - configs, Added authentication log file location for debian-based systems , #1784
  • @ddpbsd - maild, Fix using a program to send mail, #1783

Previous changes from v3.5.0

• OSSEC changelog (3.5.0) [email protected]

  🚀 Release Maintainers

  Dan Parriott
  Scott R. Shinn (http://www.atomicorp.com)
  Dominik Lisiak

  🚀 Contributors on this release

  • (@atomicturtle) Scott Shinn - Maintainer
  • (@ddpbsd) Dan Parriot - Maintainer
  • (@drsjb80) Steve Beaty - Community
  • (@sempervictus) Boris Lukashev - Community

  🚀 Release notes:

  ⚡️ This would have been a minor 3.4.1 update if it wasnt for Boris Lukashev of https://www.sempervictus.com
  ⚡️ contributing a much needed update to multi-line log analysis. Previous usage of multi-line in OSSEC in
  the past was limited in processing events that did not use indentiation, a fairly common modern practice
  ⚡️ for readability. This update adds a new type: multi-line_indented to handle this condition (Example: postgresql).

  🚀 Maintenance fixes in this release also address issue #1781, which affected maild when calling an external program, and add support for Fedora 31

  Whats New:

  • 👍 (@atomicturtle) - Fedora 31 Support
  • 🔊 (@sempervictus) - Implement multi-line collection for indented logs #1780
  • 🌲 (@drsjb80) - Added authentication log file location for debian-based systems #1784

  General

  • (@ddpbsd) - Fix for Issue #1781, corrects issues with program sending mail

• All Versions
• Previous v3.5.0