- bump libprelude library
Changelog libpreludedb:
- Source and Target now use a 16-bit index (required for CorrelationAlert
with large number of source/target). CorrelationAlert Alertident now uses a
32-bit index (required to link large number of Alert together).
- Fix compilation on system without ENOTSUP (fix#227):
Include modified patch from Alexandre Anriot <aanriot@atlantilde.com>.
- [pgsql] Patch by Pierre Chifflier <chifflier@inl.fr>, that fixes type
conversions preventing PostgreSQL from using indexes (fix#225).
- [preludedb-admin] Use separate alert / heartbeat command: this is done to
have a coherent implementation of the --offset and --count command line
options.
- [preludedb-admin] Fix --offset with the load command.
- [preludedb-admin] Give the delete table a decent size, should speed up the
delete command.
- [documentation] preludedb-admin manpage (fix#230), by Pierre Chifflier
<chifflier@inl.fr>.
PR: ports/116109
Submitted by: maintainer (Robin Gruyters)
- Updated patch-Makefile.in
- Added Man page
Changelog libprelude:
- prelude-adduser has been renamed to prelude-admin, and now includes command
to print or send files containing binary IDMEF data.
- Brand new failover implementation, featuring a real 'journaling' log,
allowing to restart where we were interrupted. Allows multiple processes to
write to the same failover, and is chroot safe.
- prelude-admin manpage, thanks to Frederic Motte <fred at ubixis com>.
- Use SHA1 in place of MD5 for Analyzer checksum.
- Do not set TCP option on UNIX socket, avoid un-necessary warning.
- New measure all over the public interface to protect against bad API
usage, when a function is not used correctly, a critical warning is triggered.
- [logging]: New PRELUDE_LOG_CRIT logging priority.
- [logging]: Correctly map Prelude log level to Syslog priority.
- [logging]: Improved logging format (include timestamp, level, process pid).
- [logging]: New LIBPRELUDE_ABORT variable, useful if you'd like libprelude
to abort on critical assertion.
- [logging]: Automatically switch to syslog mode if we detect stdout/stderr
closure.
- [IDMEF-Criteria]: When we try to match a value against a path that is not
part of a message using a 'not' operator, the match should succeed
(Example: alert.classification.text != 'stuff' should match if the message
has no classification object).
- [IDMEF-Criteria]: When matching multiple listed values within the same
path using a 'not' operator, return an explicit 'no match' if the provided
comparison value was found at least once.
- [IDMEF-Path] (fix#251): Fixes NULL pointer dereference when the last
element of an IDMEF path to an enumeration is not the enumeration itself
(Sébastien Tricaud <toady at gscore.org>).
- Fix a possible race condition with the internal libprelude reference to
the program idmef_analyzer_t when asynchronous timers were used.
- Workaround possible deadlock at exit on OpenBSD, Linux Glibc.
- Only configure libltdl if it is required.
- Various bug fixes, minor enhancements.
- Write the children PID into specified pidfile (fixes#257).
- Fix double free on idmef_criterion_value_t cloned regexp object (thanks
to Helmut Azbest <helmut.azbest at gmail.com>).
- Allow Python thread to run, while entering libprelude C function.
- Return PRELUDE_ERROR_ASSERTION when API check fails, in place of
PRELUDE_ERROR_GENERIC.
- Make prelude_plugin_unsubcribe() work as expected (call the plugin
instance destroy function).
- Various bug fixes, minor enhancements.
PR: ports/116107
Submitted by: maintainer (Robin Gruyters)
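
The two [IDMEF-Criteria] entries in the libprelude changelog above describe how a 'not' comparison treats an absent path and a path holding several listed values. The added example below models that rule in C beside a naive per-value comparison; it is not libprelude code, and the types, function names and sample values are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical model (not libprelude's API): the values one IDMEF path
 * resolves to in a message; count == 0 means the path is absent. */
typedef struct { const char *const *values; size_t count; } path_values_t;
typedef enum { OP_EQUAL, OP_NOT_EQUAL } op_t;

/* Naive form: succeed as soon as any single value satisfies the operator.
 * With '!=' this misses absent paths and matches lists that contain the
 * value next to a different one. */
int naive_match(const path_values_t *pv, op_t op, const char *wanted)
{
    for (size_t i = 0; i < pv->count; i++) {
        int eq = strcmp(pv->values[i], wanted) == 0;
        if ((op == OP_EQUAL) ? eq : !eq)
            return 1;
    }
    return 0;
}

/* Semantics described in the changelog: '!=' is the negation of '==' over
 * the whole path, so it matches when the value is found nowhere (including
 * when the path is absent) and fails if it is found at least once. */
int criterion_match(const path_values_t *pv, op_t op, const char *wanted)
{
    int found = naive_match(pv, OP_EQUAL, wanted);
    return (op == OP_EQUAL) ? found : !found;
}

/* Constructed sample data: values of alert.classification.text. */
static const char *const listed[] = { "scan", "stuff" };
static const char *const other[]  = { "scan" };
const path_values_t absent_path = { NULL, 0 };   /* no classification object */
const path_values_t listed_path = { listed, 2 }; /* several listed values */
const path_values_t other_path  = { other, 1 };

int main(void)
{
    printf("absent  != 'stuff': naive=%d changelog=%d\n",
           naive_match(&absent_path, OP_NOT_EQUAL, "stuff"),
           criterion_match(&absent_path, OP_NOT_EQUAL, "stuff"));
    printf("listed  != 'stuff': naive=%d changelog=%d\n",
           naive_match(&listed_path, OP_NOT_EQUAL, "stuff"),
           criterion_match(&listed_path, OP_NOT_EQUAL, "stuff"));
    return 0;
}
```

For anyone writing alert filters, the practical effect is that a `!=` criterion also covers messages that lack the field entirely, and excludes a message as soon as one listed value equals the compared string.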
It performs "black-box" scans, i.e. it does not study the source code of
the application but will scan the webpages of the deployed webapp,
looking for scripts and forms where it can inject data.
Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to
see if a script is vulnerable.
WWW: http://wapiti.sourceforge.net/
PR: ports/116873
Submitted by: Philippe Audeoud <jadawin at tuxaco.net>