File sshguard.changes of Package sshguard

Overview Repositories Revisions Requests Users Attributes Meta

File sshguard.changes of Package sshguard

-------------------------------------------------------------------
Mon Oct  2 07:24:19 UTC 2023 - Andrea Manzini <andrea.manzini@suse.com>

- update to version 2.4.3:
  * Add signature for BIND
  * Add signature for Gitea
  * Add signature for Microsoft SQL Server for Linux
  * Add signature for OpenVPN Portshare
  * Add signature for user-defined HTTP attacks
  * Update signatures for Dovecot
  * Update signatures for Postfix
  * Fixed Fix memset off-by-one
  * Fixed Resolve DNS names in capability mode using casper

- removed patch sshguard-overflow.patch as fixed in upstream
- clean up .spec file

-------------------------------------------------------------------
Tue Aug 30 15:19:17 UTC 2022 - Marcus Meissner <meissner@suse.com>

- sshguard-overflow.patch: fixed 1 byte 0x00 overwrite in a memset
  (bsc#1202944)

-------------------------------------------------------------------
Mon Jan 24 21:22:20 UTC 2022 - Joop Boonen <joop.boonen@opensuse.org>

- Corrected the BACKEND in /etc/sshguard.conf

-------------------------------------------------------------------
Thu Jan 20 14:57:19 UTC 2022 - Joop Boonen <joop.boonen@opensuse.org>

- Deleted the iptables entries from sshguard.service as firewalld is used
- Added BACKEND="/usr/libexec/sshg-fw-firewalld" in stead of
  BACKEND="/usr/libexec/sshg-fw-iptables" as firewalld is used

-------------------------------------------------------------------
Tue Nov 23 15:32:07 UTC 2021 - Johannes Segitz <jsegitz@suse.com>

- Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
  * harden_sshguard.service.patch
  Modified:
  * sshguard.service

-------------------------------------------------------------------
Sun May 16 12:39:45 UTC 2021 - Enrico Belleri <idesmi@protonmail.com>

- Changed 'BACKEND' to "/usr/libexec/sshg-fw-iptables" from incorrect syntax

-------------------------------------------------------------------
Wed May 12 00:04:22 UTC 2021 - Ferdinand Thiessen <rpm@fthiessen.de>

- Update to version 2.4.2
  * Recognize rejections from Postfix's postscreen daemon
  * The parser can now be changed using the 'PARSER' and
    'POST_PARSER' options
  * Remove some false positive attack signatures for SSH and Cyrus
  * Adjust log verbosity of some log messages
  * The *firewalld* backend now uses *firewall-cmd* instead of
    'iptables' to flush block lists

-------------------------------------------------------------------
Wed Aug 26 18:03:00 UTC 2020 - Joop Boonen <joop.boonen@opensuse.org>

- Build version 2.4.1
  * Recognize RFC 5424 syslog banners
  * Recognize busybox syslog -S banners
  * Recognize rsyslog banners
  * Recognize web services TYPO3, Contao, and Joomla
  * Update signatures for Dovecot
  * Update signatures for OpenSSH
  * Whitelist entire 127.0.0.0/8 and ::1 block
  * Whitelist file allows inline comments
  * Fix FILES and LOGREADER configuration file options
- boo#1124121

-------------------------------------------------------------------
Tue Jun 11 09:27:06 UTC 2019 - Joop Boonen <joop.boonen@opensuse.org>

- Build version 2.4.0
  * Match "Failed authentication attempt" for Gitea
  * Log human-readable service names instead of service code
  * Correctly terminate child processes when sshguard is killed
  * No longer accept logs given via standard input

-------------------------------------------------------------------
Wed Feb  6 11:39:18 UTC 2019 - joop.boonen@opensuse.org

- Removed not needed files and service files
  as sshguard can now parse journal files 
- /etc/sysconfig/sshguard is not used any more
  as sshguard uses it's own config file

-------------------------------------------------------------------
Mon Feb  4 22:47:20 UTC 2019 - Jan Engelhardt <jengelh@inai.de>

- Use noun phrase in summary.
- Join %service_* to reduce generated boilerplate.

-------------------------------------------------------------------
Thu Jan 24 08:19:29 UTC 2019 - liedke@rz.uni-mannheim.de

- Build version 2.3.1
  * Fix OpenSSH "Did not receive identification string"
  * Fix syslog banner detection on macOS

- Build version 2.3.0
  * Add signatures for Courier IMAP/POP and OpenVPN
  * Add signatures for TLS failures against Cyrus IMAP
  * Match more attacks against SSHD, Cockpit, and Dovecot
  * Update SSH invalid user signature for macOS
  * Add to and remove from ipfw table quietly
  * Reduce "Connection closed... [preauth]" score to 2
  * Switch ipsets to hash:net
  * Don't recreate existing ipsets
  * Match more log banners (Fix greedy SYSLOG_BANNER)

- Build version 2.2.0
  * Add '--disable-maintainer-mode' in configure for package maintainers
  * BusyBox log banner detection
  * Match Exim "auth mechanism not supported"
  * Match Exim "auth when not advertised"
  * Match Postfix greylist early retry
  * OpenSMTPD monitoring support
  * Recognize IPv6 addresses with interface name
  * Ignore CR in addition to LF
  * Only log attacks if not already blocked or whitelisted
  * Use correct signal names in driver shell script

- Build version 2.1.0
  * Add nftables backend
  * Add monitoring support for new service: Cockpit, Linux server dashboard
  * Match "maximum authentication attempts" for SSH
  * Match Debian-style "Failed password for invalid user" for SSH
  * Add monitoring support for new service: Common webserver probes, in
    Common Log Format
  * Match 'Disconnecting invalid user' for SSH
  * Add monitoring support for new service: WordPress, in Common Log Format
  * Add monitoring support for new service: SSHGuard
  * Firewall backends now support blocking subnets.
  * Add new IPV6_SUBNET and IPV4_SUBNET configuration options. Defaults
    to traditional single-address blocking.
  * Add monitoring support for new service: OpenSMTPD
  * Log whitelist matches with higher priority
  * Match port number in "invalid user" attack
  * FirewallD backend reloads firewall configuration less often.

- Build version 2.0.0
  * Add firewalld backend
  * Add ipset backend
  * Annotate logs using -a flag to sshg-parser
  * Match "no matching cipher" for SSH
  * Preliminary support for Capsicum and pledge()
  * Resurrect ipfilter backend
  * Support reading from os_log on macOS 10.12 and systemd journal
  * Add warning when reading from standard input
  * Build and install all backends by default
  * Improve log messages and tweak logging priorities
  * Runtime flags now configurable in the configuration file
  * SSHGuard requires a configuration file to start
  * Remove process validation (-f option)
  * Fix ipfw backend on FreeBSD 11
  * Fix initial block time
  * Update Dovecot pattern for macOS
  * Use standard score for Sendmail auth attack
 
-------------------------------------------------------------------
Thu Nov  8 18:28:49 UTC 2018 - joop.boonen@opensuse.org

-  Corrected the service scripts, start after network.target

-------------------------------------------------------------------
Thu Nov 23 13:44:30 UTC 2017 - rbrown@suse.com

- Replace references to /var/adm/fillup-templates with new 
  %_fillupdir macro (boo#1069468)

-------------------------------------------------------------------
Wed Mar  1 08:15:47 UTC 2017 - joop.boonen@opensuse.org

- Add a systemd journal tail so sshguard can parse this file

-------------------------------------------------------------------
Thu Dec 29 12:27:02 UTC 2016 - joop.boonen@opensuse.org

- Build version 1.7.1
    - Add sample Mac OS X 10.12 style launchd.plist
    - Allow multiple forward slashes in process name
    - Log released addresses only when debugging
    - Process validation (``-f`` option) is deprecated
    - Adjust TIMESTAMP_ISO8601 for Mac OS X 10.12
    - Fix build error in hosts backend
    - Fix empty functions in firewall scripts causing errors with Bash
    - Flush stdout after every line in sshg-parser
    - Add *sshg-logtail*
    - Add *sshg-parser*
    - Control firewall using *sshg-fw*
    - Match "no matching key exchange method" for SSH
    - Hosts backend is deprecated
    - Logsuck (``-l`` option) is deprecated, use *sshg-logtail* instead
    - Process validation (``-f`` option) is deprecated
    - Remove external hooks (``-e`` option)
    - Remove support for genfilt and ipfilter backends
    - Accept socklog messages without a timestamp
    - Fix excessive logging causing endless looping in logsuck
    - Fix undefined assignment of initial inode number
    - Match Postfix pre-authentication disconnects
    - Fix bashisms in iptables backend
    - Fix size argument in inet_ntop() call
    - Remove excessive logging when polling from files
    - Keep looking for unreadable files while polling
    - Update Dovecot signature for POP3
    - Match "Connection reset" message for SSH
    - Resurrect PID file option by popular demand
    - Adjust default abuse threshold
    
-------------------------------------------------------------------
Fri Feb 19 13:18:55 UTC 2016 - joop.boonen@opensuse.org

- Added a corrected attack treshold value (40 default)

-------------------------------------------------------------------
Thu Feb 18 10:07:08 UTC 2016 - eshmarnev@suse.com

- Build version 1.6.3 
    - Disable blacklisting by default
    - Implement logging as wrappers around syslog(2)
    - Improve log and error messages
    - Match sendmail authentication failures
    - Remove PID file option
    - Remove SIGTSTP and SIGCONT handler
    - Remove reverse mapping attack signature
    - Remove safe_fgets() and exit on interrupt
    - Terminate state entries for hosts blocked with pf
    - Update and shorten command-line usage
    - Use 'configure' to set feature-test macros
- Updated patch file for new version of sshguard

-------------------------------------------------------------------
Mon Jan 11 15:14:38 UTC 2016 - joop.boonen@opensuse.org

- Added ip6tables support handles via init and service files

-------------------------------------------------------------------
Fri Oct 16 12:15:24 UTC 2015 - joop.boonen@opensuse.org

- Corrected a iptables error, that prevented sshguard 
  from functioning correctly

-------------------------------------------------------------------
Thu Oct 15 13:51:15 UTC 2015 - joop.boonen@opensuse.org

- Moved blacklist.db to /var/lib/sshguard/db/blacklist.db analog
  most SUSE packages

-------------------------------------------------------------------
Thu Oct 15 07:52:48 UTC 2015 - joop.boonen@opensuse.org

- Corrected the blacklist as it's auto generated
- Improved sysconfig

-------------------------------------------------------------------
Wed Oct 14 11:56:49 UTC 2015 - joop.boonen@opensuse.org

- Build version 1.6.2
  + Make '-w' option backwards-compatible for iptables (James Harris)
  + Remove support for ip6fw and 'ipfw-range' option
  + Rewrite ipfw backend using command framework 
- The white and black list now initially reside in files 
  /etc/sshguard/whitelist|blacklist

-------------------------------------------------------------------
Mon Sep 28 13:48:45 UTC 2015 - joop.boonen@opensuse.org

- Build version 1.6.1 
- Added sshguard-gcc5.patch so it also builds via gcc5
- Created a sshguard.service file so it'll run on systemd
  systems

-------------------------------------------------------------------
Wed Mar 27 13:45:46 UTC 2013 - joop.boonen@opensuse.org

- Reformated the spec file to the openSUSE standard
  so it can be submitted to Factory

-------------------------------------------------------------------
Sat Feb 19 11:42:03 UTC 2011 - lars@linux-schulserver.de

- update to 1.5:
  + logsucker: sshguard polls multiple log files at once
  + recognize syslog's "last message repeated N times" contextually 
    and per-source
  + attackers now gauged with attack *dangerousness* instead of 
    count (adjust your -a !)
  + improve IPv6 support
  + add detection for: Exim, vsftpd, Sendmail, Cucipop
  + improve logging granularity and descriptiveness
  + add -i command line option for saving PID file as an aid for 
    startup scripts
  + update some attack signatures
- cleanup specfile via spec-cleaner

-------------------------------------------------------------------
Wed Dec  1 06:53:29 UTC 2010 - wr@rosenauer.org

- fix typo in macro
- revert a bit of cleanup to make it backwards compatible
  (%_initddir)

-------------------------------------------------------------------
Tue Nov  2 12:30:46 UTC 2010 - prusnak@opensuse.org

- cleanup spec file

-------------------------------------------------------------------
Wed Sep 29 13:13:03 CEST 2010 - wr@rosenauer.org

- update to version 1.5rc4

-------------------------------------------------------------------
Sun Apr  4 20:43:08 CEST 2010 - wr@rosenauer.org

- update to version 1.5rc1

-------------------------------------------------------------------
Thu Feb 11 14:54:46 CET 2010 - wr@rosenauer.org

- added init script and sysconfig

-------------------------------------------------------------------
Wed Feb 10 10:33:49 CET 2010 - wr@rosenauer.org

- initial openSUSE package

Places

File sshguard.changes of Package sshguard

Places