From 222f57ce51865f36f4f45a3d3c88fe92a79ce84e Mon Sep 17 00:00:00 2001 From: "Scott R. Shinn" Date: Wed, 10 Oct 2018 10:37:54 -0400 Subject: [PATCH 1/4] Update to 3.0.1 Signed-off-by: Scott R. Shinn --- INSTALL | 2 +- README.md | 2 +- src/VERSION | 2 +- src/init/ossec-client.sh | 2 +- src/init/ossec-local.sh | 2 +- src/init/ossec-server.sh | 2 +- src/win32/help.txt | 2 +- src/win32/ossec-installer.nsi | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/INSTALL b/INSTALL index a697ba073..6fa363729 100644 --- a/INSTALL +++ b/INSTALL @@ -1,4 +1,4 @@ -OSSEC v3.0.0 +OSSEC v3.0.1 Copyright (C) 2018 Trend Micro Inc. diff --git a/README.md b/README.md index 07ffd7c32..0e243c818 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -OSSEC v3.0.0 Copyright (C) 2018 Trend Micro Inc. +OSSEC v3.0.1 Copyright (C) 2018 Trend Micro Inc. # Information about OSSEC diff --git a/src/VERSION b/src/VERSION index ad55eb85f..b105cea15 100644 --- a/src/VERSION +++ b/src/VERSION @@ -1 +1 @@ -v3.0.0 +v3.0.1 diff --git a/src/init/ossec-client.sh b/src/init/ossec-client.sh index ff38644ce..b30d373c5 100755 --- a/src/init/ossec-client.sh +++ b/src/init/ossec-client.sh @@ -11,7 +11,7 @@ DIR=`dirname $PWD`; ### Do not modify below here ### NAME="OSSEC HIDS" -VERSION="v3.0.0" +VERSION="v3.0.1" AUTHOR="Trend Micro Inc." DAEMONS="ossec-logcollector ossec-syscheckd ossec-agentd ossec-execd" diff --git a/src/init/ossec-local.sh b/src/init/ossec-local.sh index a8cbae832..051f6241b 100755 --- a/src/init/ossec-local.sh +++ b/src/init/ossec-local.sh @@ -19,7 +19,7 @@ if [ $? = 0 ]; then fi NAME="OSSEC HIDS" -VERSION="v3.0.0" +VERSION="v3.0.1" AUTHOR="Trend Micro Inc." DAEMONS="ossec-monitord ossec-logcollector ossec-syscheckd ossec-analysisd ossec-maild ossec-execd ${DB_DAEMON} ${CSYSLOG_DAEMON} ${AGENTLESS_DAEMON}" diff --git a/src/init/ossec-server.sh b/src/init/ossec-server.sh index 0ef0fb0c1..1029b7472 100755 --- a/src/init/ossec-server.sh +++ b/src/init/ossec-server.sh 
@@ -19,7 +19,7 @@ if [ $? = 0 ]; then fi NAME="OSSEC HIDS" -VERSION="v3.0.0" +VERSION="v3.0.1" AUTHOR="Trend Micro Inc." [ -f /etc/ossec-init.conf ] && . /etc/ossec-init.conf; diff --git a/src/win32/help.txt b/src/win32/help.txt index a991532f0..5f6a0cb56 100644 --- a/src/win32/help.txt +++ b/src/win32/help.txt @@ -1,4 +1,4 @@ -** OSSEC Windows Agent v3.0.0 ** +** OSSEC Windows Agent v3.0.1 ** ** Copyright (C) 2014 Trend Micro Inc. ** diff --git a/src/win32/ossec-installer.nsi b/src/win32/ossec-installer.nsi index b382c6fa7..1386bbf0d 100644 --- a/src/win32/ossec-installer.nsi +++ b/src/win32/ossec-installer.nsi @@ -25,7 +25,7 @@ ; general !define MUI_ICON favicon.ico !define MUI_UNICON ossec-uninstall.ico -!define VERSION "3.0.0" +!define VERSION "3.0.1" !define NAME "OSSEC HIDS" !define SERVICE "OssecSvc" From ba36b3edc9620564896d2f4daac9f8975731dadf Mon Sep 17 00:00:00 2001 From: "Scott R. Shinn" Date: Thu, 11 Oct 2018 11:52:40 -0400 Subject: [PATCH 2/4] 3.1.0 updates to changelog version files, etc Signed-off-by: Scott R. Shinn --- CHANGELOG | 75 ++++++++++++++++++++++++++++++++++- INSTALL | 2 +- README.md | 2 +- src/VERSION | 2 +- src/init/ossec-client.sh | 2 +- src/init/ossec-local.sh | 2 +- src/init/ossec-server.sh | 2 +- src/win32/help.txt | 2 +- src/win32/ossec-installer.nsi | 2 +- 9 files changed, 82 insertions(+), 9 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index e8476903f..e91161baf 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,4 +1,4 @@ -OSSEC changelog (3.0.0) +OSSEC changelog (3.1.0) Release Maintainers 
@@ -6,6 +6,79 @@ Dan Parriott Scott R. Shinn (Atomicorp, Inc.) +3.1.0 + +Release Notes + + Special thanks on this release go out to: + davestoddard for an amazingly well thought out, and well documented update to the networking code + Bob-Andrews for the largest update to the auditing system in the project history + phamvoung for resolving some very subtle bugs and high profile issues with the authd daemon + + We'd also like to thank all the other fantastic contributors to the project, whom are referenced in parenthesis in the changelog. We cannot thank you enough! + + + + +Whats New + (davestoddard) Modification to Correct IP Connectivity Issues on BSD Servers PR #1412 + +New Rules / Decoders + (Bob-Andrews) - linux_usbdetect_rules.xml, ms1016_usbdetect_rules.xml, ms_firewall_rules.xml + (Bob-Andrews) - Added ms_ipsec_rules PR #1549 + (Bob-Andrews) - Rootchecks for Debian 7+8, cis_debianlinux7-8_L1_rcl.txt, cis_debianlinux7-8_L2_rcl.txt, cis_win10_enterprise_L1_rcl.txt, cis_win10_enterprise_L2_rcl.txt PR #1531 + (Bob-Andrews) - acsc_office2016_rcl.txt, Added rootcheck PR #1510 + (Bob-Andrews) - added cis_win2016_memberL1_rcl.txt, cis_win2016_memberL2_rcl.txt PR #1496 + (Bob-Andrews) - cis_win2012r2_memberL1_rcl.txt, Added Check Description/Alert PR #1495 + (ddpbsd) - additional sshd decoders PR #1480 + (ddpbsd) - basic support for Dnsmasq PR #1461 + +General + (iasdeoupxe) - host-deny.sh: Move duplicate entry check into the add action PR #1554 + (iasdeoupxe) - host-deny.sh: Use consistent indentation PR #1553 + (iasdeoupxe) - host-deny.sh: Remove unnecessary echo for duplicated entry PR #1552 + (Bob-Andrews) - Added new id ranges for linux usb detection rules, ms1016 usb detection rules and ms firewall rules from PR #1543 + (Bob-Andrews) - Corrected IDs to a non user defined range PR #1547 (psad_rules.xml, sysmon_rules.xml, unbound_rules.xml) + (c0r3dump3d) - Correct and expand spanish translation PR #1541 + (ddpbsd) - Adjust the tests for sysmon rules PR #1548 + 
(MangyCoyote) - install.sh - case for s-nail patch can't be applied if `mail` is not installed PR #1539 + (atomicturtle) - ossec-authd Fix for foreground flags PR #1538 + (atomicturtle) - ossec-authd Add -f foreground flag support PR #1537 + (featzor) - psad signature match level 6 PR #1517 + (Bob-Andrews) - Corrected rootcheck CIS tests for cis_win2012r2_domainL2_rcl.txt, is_win2012r2_memberL2_rcl.txt, cis_win2016_domainL2_rcl.txt PR #1521 + (franciosi) - Updated README.md, correts small typos PR #1519 + (ddpbsd) - Fix the subject handling. Issue submitted by Michael Starks #1370 PR #1377 + (foygl) - ossec-slack.sh, Fix and clean up output for Slack integration PR #1508 + (ddpbsd) - From issue #1514, a duplicate `_gsid1 == 0` -> `_gsid0 == 0` PR #1515 + (Bob-Andrews) - cis_win2016_domainL1_rcl.txt, Corrected Check - Registry Hive PR #1511 + (ashley-dunn) - Fix "bellow" typos in ossec-[client|local|server].sh files PR #1512 + (ddpbsd) - Fix the log location in the ossec-slack AR script. PR #1422 + (phamvuong) - BUGFIX: remove default value for authpass PR #1464 + (calve) - Bump version definition in defs.h PR #1504 + (ddpbsd) - More coverity fixes PR #1497 + (ddpbsd) - Modify status() to not return 1 when maild is not running PR #1501 + (ddpbsd) - Coverity fixes PR #1490 + (Bob-Andrews) - Moved file to ossec-hids/ src/rootcheck/db/ PR #1493 + (ddpbsd) - Make sure there's room for the full alert id in json alerts PR #1487 + (ddpbsd) - Fix an issue in the nodiff option which could ignore files it isn't supposed to PR #1486 + (ddpbsd) - Hard coded user/group changed to appropriate variables PR #1484 + (ddpbsd) - Add FreeBSD's php.ini location to rootcheck db PR #1483 + (ddpbsd) - Replace hard coded directories with the appropriate variables PR #1482 + (ddpbsd) - When trying to bind to a local address, present the error on failure. 
PR #1457 + (ddpbsd) - version_bump.sh Quick script to make version bumping easier PR #1532 + (phamvuong) - Call select() before checking active socket PR #1529 + (stephengroat) - use nicer looking travis build badge PR #1460 + (stevhsu) - Correct lua version variable PR #1459 + + + + +OSSEC changelog (3.0.0) + +Release Maintainers + +Dan Parriott +Scott R. Shinn (Atomicorp, Inc.) Whats New SQLite support for syscheck diff --git a/INSTALL b/INSTALL index 6fa363729..6179be814 100644 --- a/INSTALL +++ b/INSTALL @@ -1,4 +1,4 @@ -OSSEC v3.0.1 +OSSEC v3.1.0 Copyright (C) 2018 Trend Micro Inc. diff --git a/README.md b/README.md index 0e243c818..08166a1a4 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -OSSEC v3.0.1 Copyright (C) 2018 Trend Micro Inc. +OSSEC v3.1.0 Copyright (C) 2018 Trend Micro Inc. # Information about OSSEC diff --git a/src/VERSION b/src/VERSION index b105cea15..6c8dc7eb2 100644 --- a/src/VERSION +++ b/src/VERSION @@ -1 +1 @@ -v3.0.1 +v3.1.0 diff --git a/src/init/ossec-client.sh b/src/init/ossec-client.sh index b30d373c5..0c2773001 100755 --- a/src/init/ossec-client.sh +++ b/src/init/ossec-client.sh @@ -11,7 +11,7 @@ DIR=`dirname $PWD`; ### Do not modify below here ### NAME="OSSEC HIDS" -VERSION="v3.0.1" +VERSION="v3.1.0" AUTHOR="Trend Micro Inc." DAEMONS="ossec-logcollector ossec-syscheckd ossec-agentd ossec-execd" diff --git a/src/init/ossec-local.sh b/src/init/ossec-local.sh index 051f6241b..35e0d2365 100755 --- a/src/init/ossec-local.sh +++ b/src/init/ossec-local.sh @@ -19,7 +19,7 @@ if [ $? = 0 ]; then fi NAME="OSSEC HIDS" -VERSION="v3.0.1" +VERSION="v3.1.0" AUTHOR="Trend Micro Inc." DAEMONS="ossec-monitord ossec-logcollector ossec-syscheckd ossec-analysisd ossec-maild ossec-execd ${DB_DAEMON} ${CSYSLOG_DAEMON} ${AGENTLESS_DAEMON}" diff --git a/src/init/ossec-server.sh b/src/init/ossec-server.sh index 1029b7472..d10f0ecd3 100755 --- a/src/init/ossec-server.sh +++ b/src/init/ossec-server.sh 
@@ -19,7 +19,7 @@ if [ $? = 0 ]; then fi NAME="OSSEC HIDS" -VERSION="v3.0.1" +VERSION="v3.1.0" AUTHOR="Trend Micro Inc." [ -f /etc/ossec-init.conf ] && . /etc/ossec-init.conf; diff --git a/src/win32/help.txt b/src/win32/help.txt index 5f6a0cb56..859420d49 100644 --- a/src/win32/help.txt +++ b/src/win32/help.txt @@ -1,4 +1,4 @@ -** OSSEC Windows Agent v3.0.1 ** +** OSSEC Windows Agent v3.1.0 ** ** Copyright (C) 2014 Trend Micro Inc. ** diff --git a/src/win32/ossec-installer.nsi b/src/win32/ossec-installer.nsi index 1386bbf0d..15166350c 100644 --- a/src/win32/ossec-installer.nsi +++ b/src/win32/ossec-installer.nsi @@ -25,7 +25,7 @@ ; general !define MUI_ICON favicon.ico !define MUI_UNICON ossec-uninstall.ico -!define VERSION "3.0.1" +!define VERSION "3.1.0" !define NAME "OSSEC HIDS" !define SERVICE "OssecSvc" From 0f3b29c5593445db12b880a038d68ba024c1fd3f Mon Sep 17 00:00:00 2001 From: "Scott R. Shinn" Date: Thu, 11 Oct 2018 11:54:49 -0400 Subject: [PATCH 3/4] Updating to 3.1.0 Signed-off-by: Scott R. Shinn --- src/headers/defs.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/headers/defs.h b/src/headers/defs.h index 4810f75a4..9d40d6c7c 100644 --- a/src/headers/defs.h +++ b/src/headers/defs.h @@ -39,10 +39,10 @@ /* Some global names */ #define __ossec_name "OSSEC HIDS" -#define __version "v3.0.0" +#define __version "v3.1.0" #define __author "Trend Micro Inc." #define __contact "contact@ossec.net" -#define __site "http://www.ossec.net" +#define __site "https://www.ossec.net" #define __license "\ This program is free software; you can redistribute it and/or modify\n\ it under the terms of the GNU General Public License (version 2) as \n\ From 0968ab7a7242065544f7b247cb112da28c28624b Mon Sep 17 00:00:00 2001 From: "Scott R. Shinn" Date: Thu, 11 Oct 2018 15:18:44 -0400 Subject: [PATCH 4/4] Update version field Signed-off-by: Scott R. Shinn --- CONFIG | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
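Review bot: `#define __version "v3.1.0"` in src/headers/defs.h is one more hand-edited copy of the release string, and this series shows the copies drifting: the line removed here still read `v3.0.0` although patch 1/4 had already moved src/VERSION and the init scripts to v3.0.1. The reported version is what operators match against advisories and agent inventories, and the drift suggests that code built from the 3.0.1 tree would have announced v3.0.0 wherever this macro is printed. I would guard the literal with `#ifndef __version` / `#define __version "v3.1.0"` / `#endif` so the build can supply the value from src/VERSION, or at minimum add `/* keep in sync with src/VERSION */` above it. The CHANGELOG in patch 2/4 mentions a version_bump.sh; whether it rewrites defs.h and CONFIG is not visible here and is worth confirming. The `__site` change to `https://` in this hunk is not mentioned in the commit message and would be easier to track as its own commit; the `__license` definition continues past the end of the hunk.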
diff --git a/CONFIG b/CONFIG index c422e2a3f..fde8d357b 100644 --- a/CONFIG +++ b/CONFIG @@ -1,4 +1,4 @@ -OSSEC v3.0.0 +OSSEC v3.1.0 Copyright (C) 2018 Trend Micro Inc.