Prelude OSS 1.2.5 ================= 2014-07-07, libprelude-1.2.5 ---------------------------- - Various improvements - Improved error handling - In high level language, return an empty list if the path is ambiguous - Allow NULL idmef_value_t in list When retrieving value from a path, like alert.source(*).node.address(*).address, we also want to return undefined values, so that the returned list conforms to the number of item/index in the retrieved path. - Improved idmef_path_set() implementation It is now possible to set undefined elements, or override them. Additionally, append and prepend operation is now much faster. - Map idmef_value_type_id_t to a C++ enumeration - Provide __hash__ function for IDMEFValue class This allow Python sets() operation on IDMEFValue instance. - Explicitly activate thread support - Comparison operator support for IDMEFValue() Allow to directly compare two values together, without calling the IDMEFValue.Match() method. Add support of the Python "in" operator (item in valuelist). - New prelude_list_splice() / prelude_list_splice_tail() function - Add missing PRELUDE_SCN* definition - Improve AdditionalData type checking - Prelude-Timer optimisation - Corrections - Various string conversion fixes - Fix leak for all methods returning an idmef_value_type_id_t - Fix float value corruption when writing to a prelude_message - Fix high level bindings ambiguity on IDMEFPath.Set() and IDMEF.Set() methods - NTP timestamps were not correctly printed - Corrected IDMEF Clone() method - Fix idmef-message-helper units tests - Compilation fixes - Various compilation warning fixes - Ruby high level bindings compilation fixes Fixed #513: make the Ruby binding code compatible with Ruby 1.9 - Update to latest GnuTLS API Fix compilation if GnuTLS-Extra is not available - Fix Perl high level bindings compilation - Fixed #386: build failure with libtool 2.4 - Fix configure script generation, and update GnuLib code 2014-07-07, libpreludedb-1.2.5 ------------------------------ - Use new libprelude PRELUDE_SCN* definition - Handle NULL input on preludedb_sql_escape_fast() and preludedb_sql_escape_binary() - Fix AdditionalData insertion/retrieval - Use PQescapeStringConn() in place of PQescapeString() when available - Fix warnings and error on PostgreSQL ByteA insertion Use the E'%s' ByteA insertion method with our own escaping function, since this method is not compatible with PQescapeByteaConn(). - Improve sscanf() error check - Remove rhel6 packaging - Move Python command to a Python specific Makefile, filename fixes - Fix compile warnings - Fix configure script generation, and update GnuLib code Modify configure.in to fit latest autoconf / automake change. Configure script generation and make distcheck now work again. Update GnuLib code. Update various autoconf macros, and gtk-doc build files. 2014-07-07, prelude-correlator-1.2.5 ------------------------------------ - Improved exception handling - Support IDMEF Alert merge, to avoid CorrelationAlert listing the same source multiple times - Allow pluginmanager API to be used with multiple entrypoints A Prelude-Correlator plugin may now use the pluginmanager API with their own entrypoint to load their own sub-plugins. - Allow plugin to specify a list of conflicting plugins Using this interface, a plugin can now provide a list of other plugins that conflict with him, and that shouldn't be loaded. Additionally, provide a way for the user to force loading of a plugin that was disabled because of a conflict (using enable = force in the configuration section for the plugin). - Add autoload attribute to the generic Plugin class This attribute controls whether PluginManager() will directly load a given plugin or only references the plugin class for later loading. Default behavior is to load the plugins. - Various timer improvements - Add an option to read IDMEF input from file, within the given offset / limit - Add a stats() function which can be used by a plugin to provide statistics printing - Implement GetAdditionalDataByMeaning() method - Always retrieve the current time when no argument is supplied - Add --disabledl option to setup.py sdist Downloading Spamhaus database need real user-agent, using Mozilla 5 - Logging fixes, using Python logging API - Add the ability to set debug log level - Updated dshield.dat, spamhaus_drop.dat - Removed rhel6 packaging 2014-07-07, prelude-lml-1.2.5 ----------------------------- - Improve debugging output - Initial TCP/TCP-TLS support * TCP server support has been added and can be activated using the tcp-server option, the default port is 514. * TCP-TLS server support has been added and can be activated using the "tcp-tls-server" option, the defaut port is 6514. The system support anonymous authentication using the (anon-(EC)DH) key exchange protocol as well as x509 authentication, which might be used with or without client certificate verification ("tls-verify option"). Certificate verification may include fingerprint (MD5 or SHA1) and/or name verification with the use of the "tls-trusted-fingerprint" and "tls-trusted-name" option. Multiple TCP(/TLS) server might be configured, listening on different ports with different options. - Removed rhel6 packaging - Fix compilation warning - Update libev Update to latest libev version, some compatibility fixes - Autoconf / Automake fixes, GnuLib code update. Update configure.in to fit latest autoconf and automake changes. Remove obsolete autoconf macro, and update to newer one. Configure script generation and distcheck target are now working again 2014-07-07, prelude-lml-rules-1.2.5 ----------------------------------- - Updated/fixed rules for - Juniper SA - Symantec Antivirus - Removed duplicated freeradius ruleset - Added prelude-lml-rules-check prelude-lml-rules-check : sort rules ids 2014-07-07, prelude-manager-1.2.5 --------------------------------- - Removed rhel6 packaging - Update libev - Warning fixes - Autoconf / Automake fixes, Update GnuLib code Configure script generation and make distcheck work again. Remove deprecated autoconf macro, update obsolete one. - Relaying cleanup 2014-07-07, prewikka-1.2.5 -------------------------- - Better fix for #495 : Request-URI Too Large IDs of linked alerts are no longer sent as parameters when filtering - Correctly displays database schema error - Support (un)folding Source and Target, when there is more than one - Removed rhel6 packaging - Fix problem of character encoding in field classification.reference(x).name