Commit graph

15 commits

Author SHA1 Message Date
agc
5293710fb4 Add SHA512 digests for distfiles for security category
Problems found locating distfiles:
	Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
	Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
	Package libidea: missing distfile libidea-0.8.2b.tar.gz
	Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
	Package uvscan: missing distfile vlp4510e.tar.Z

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
2015-11-04 01:17:40 +00:00
hasso
e29c0fd4da Update to 0.9.17.1. Fix PLIST. Fix dependency. Upstream changes since 0.9.17:
- Fix possible encoding error in the message summary view (#360).
2009-10-02 10:25:53 +00:00
hasso
9362f65242 Update to 0.9.17. From Rumko via PR 41763. Upstream changes:
Changes in 0.9.17:
==================

- Do not provide an exhaustive list of unreachable linked alert, rather,
tell the user how many linked alert are not reachable any more.

- String encoding fixes, do not mix unicode and bytestring, and more
generally, use unicode for internal string storage. This fixes a lot
of possible exception with particular specific user input, or with
localization enabled.

- Inline filter didn't work as expected when viewing events starting
with a specific offset, because the offset keyword wasn't removed
from the generated link.

- Error handling improvement (back / retry button weren't always
working as expected).

- Fix exception when no protocol was available.

- Improve navigation button link (make the link cover the whole button).

Changes in 0.9.16:
==================

- Multiple advanced filters within the same column wouldn't display
correctly.

- Correctly restore input field when switching between advanced/simple
filter mode.

- Fix multiple bugs that would result in inconsistent filtered "state"
and reset button.

- Using the classification simple filter now also trigger a search on
impact.completion.

- Fix multiple alert deletion checkbox, (#357).

- Various bug fixes.

Changes in 0.9.15:
==================

- Make it obvious when a column is filtered by replacing the old sober
star with a big "[filtered]" red marker. If the column filter is
saved, then the marker color will go from red to black.

- Once the user filtered a given field by clicking on it, deny further
click so that it is clear that the filter is currently active.

- Re-write the inline filter implementation using Cheetah + Jquery, in
place of generating an enormous amount of javascript code. This
drastically reduce the size of the events listing HTML page, and will
allow for much easier modification of the inline-filters.

- Only propose filter operator relevant to the selected path.

- Inline filter now present a single input field (with no path and
operator selection). Using this field, the user can filter on what is
seen in the associated column. For example, in the classification
column, the filter will trigger a search on classification.text,
classification.reference.name and classification.reference.origin.

There is also an [advanced] button allowing the user to specify both
the path and the operator.

- Implement a reset button in each inline filter column, that allow to
switch between different version of the filter: last saved filters,
default filters, or current filters.

- The user can now click an alert completion to set an inline filter on
the completion value.

- Clicking on a port / protocol now trigger a CSS menu allowing to
filter on the port and protocol information, or to get information
concerning this port / protocol.

- Clicking on a classification reference now trigger a CSS menu which
allow to filter on the reference, or to get more information
concerning it.

- Clicking on classification now add a filter on the selected
classification (previously, it would have unfolded aggregated alerts
for the selected entry, which is now done clicking the alert count).

- Until now, the default user that was automatically created by Prewikka
if there was no administrative user was "admin". As of now you can
define the initial administrative username and password from the
configuration file. (fix #289).

- Fix escaping for reference details URI parameters.

- Fix ModPython content-type handling.

- Invalid variable name, fix #339.

- Update to JQuery 1.3.2, and fit small JQuery API change.

- If the installed libprelude or libpreludedb version is too old,
Prewikka will require the user to upgrade. Currently, Prewikka depend
on libpreludedb 0.9.12, and libprelude 0.9.23.

- Fix IDMEFDatabase exception on empty criteria string (fixes #346).

- Analyzer retrieval fixes and speedup (fixes #350).
2009-08-24 13:57:33 +00:00
shannonjr
c786e8b6b2 Update to 0.9.14. Changes:
- Let the user choose the type of sorting (default to time descending,
  available: time asc/desc, count asc/desc).
- Implement Prewikka Asynchronous DNS resolution in alert view
  as well as message summary (require twisted.names and twisted.internet),
  see the additional dns_max_delay settings parameters in prewikka.conf.
- In the alert summary view, handle portlist and ip_version service fields,
  and show alert messageid.
- Fix exception when rendering ToolAlert.
- Fix double classification escaping (could result in non working link
  for alert with classification containing escaped character).
- Improvement to heartbeat retrieval (heartbeat view speedup).
- Correct typo (fix #275), thanks Scott Olihovki <skippylou@gmail.com>
  for pointing this out.
- Polish translation, by Konrad Kosmowski <konrad@kosmosik.net>.
- Update to pt_BR translation, by Edelberto Franco Silva <edeunix@edeunix.com>
- Various bug fixes and cleanup.
2008-04-28 10:59:42 +00:00
shannonjr
4d45d601c7 Update to 0.9.13. Changes:
- Only perform additional database request when using Sensor localtime:
  this bring a performance improvement of about 36% on aggregated query,
  when using either frontend localtime (the default), or UTC time.
- JQuery support: Port most of the javascript code to make use of JQuery.
  Add show/hide effect to CSS popup. More filtering functionality in the
  SensorListing view.
- Cleanup the Authentication class, so that upper Prewikka layer can act
  depending whether the backend support user creation / deletion. Anonymous
  authentication is now a plugin.
- Better integration of CGI authentication allowing user listing and deletion.
- Report template exception directly to the user.
- Fix exception if an alert analyzer name is empty.
- Fix problem when adding new Prewikka users (#262).
- Fix exception when user has no permission set.
- When changing password, we didn't try to match an empty 'current password'
  (which is a minor issue since the user is already authenticated). Thanks
  to Helmut Azbest <helmut.azbest@gmail.com> for the fix.
- Fix a typo making mod_python use the parent method (patch from
  Helmut Azbest <helmut.azbest@gmail.com>).
- In the configuration file, recognize section even if there are whitespace
  at the beginning of the line.
- Localization fixes, by Sebastien Tricaud <toady@gscore.org>, and
  Bjoern Weiland.
2007-10-29 21:59:00 +00:00
shannonjr
c558e3963d Update to release 0.9.12.1. Changes:
- Implement an Auto-Refresh system (fix #231).  (including code from
  Paul Robert Marino <prmarino1@gmail.com>).
- Ability to filter on missing/offline/online/unknown agents. Make it easier
  to read each agent status in collapsed mode.
- Fix filter load/save/delete issue with translation.
- New 'My account' tabs, under the Settings section (fix #241).
- New messageid and analyzerid parameters, allowing link to a Prewikka alert
  from an external tool (previously required a database query in order to
  retrieve the database event id).
- Don't redirect to user listing once an user preference are recorded. Fix
  changing of another user language by an user with PERM_USER_MANAGEMENT.
  Display target user language rather than current user language.
- Improve the timeline control table layout.
- Fix translation of string possibly using plural.
2007-08-04 09:27:35 +00:00
shannonjr
741d310347 Update to 0.9.10. Changes:
- Allow filtering plugins to hook others filters plugins.
- Update reporting code to latest specification for the SNMPService class.
- Warn about Un-handled command line arguments.
- Properly dump IDMEF-XML output (fix #186).
- Various bug fixes.
2007-04-09 12:50:20 +00:00
shannonjr
c715ad813c Update to 0.9.9. Changes:
- Improve database performance by reducing the number of query. (Paul Robert Marino)
- Activate CleanOutput filtering (lot of escaping fixes).
- More action logging.
- Bug fixes with the error pages Back/Retry buttons.
- Fix error on group by user (#191).
- Fix template compilation error with Cheetah version 2 (#184).
2007-02-23 15:25:00 +00:00
shannonjr
b0b02fd1c5 Update to Prewikka 0.9.8. Changes:
- Save/load user configuration when using CGI authentication mode (#181).
- Show Prewikka version in the About page (#177).
- Use Python logging facility (available backend: stderr, file, smtp, syslog),
  multiple simultaneous handler supported (#113).
- Fix anonymous authentication.
- Fix external process going into zombie state (#178).
- Display correct alertident for invalid CorrelationAlert analyzerid/messageid pair.
- prewikka-httpd should now log the source address.
- Thread safety fixes.
2006-11-24 11:45:30 +00:00
joerg
450268d1cf Fix config file handling by honouring PKG_SYSCONFDIR, installing the
configuration file to share/examples and using CONF_FILES.
It also stops the package from polluting /etc. Bump revision.
2006-10-10 15:05:14 +00:00
shannonjr
bbdaf76efe Fixed bug in 0.9.7 release that prevented filters from working.
2006-08-23 10:30:02 +00:00
shannonjr
c8ace5acc3 Update to 0.9.7. Changes:
- Use preludedb_delete_(alert|heartbeat)_from_list(). Require
  libpreludedb 0.9.9. Provide a deletion performance improvement
  of around 3000%.
- Handle multiple listed source/target properly. Separate
  source/target in the message listing.
- Make host command/Information link available from the Sensor
  listing.
- Always take care of the "external_link_new_window" configuration
  parameter.
- Make external command handling more generic. Allow to specify
  command line arguments.
- Allow to define unlimited number of external commands rather than
  only a defined subset (fix #134).
- Avoid toggling several popup at once in the HeartbeatListing.
- Only provide lookup capability for known network address type (fix #76).
- New address and node name lookup provided through prelude-ids.com service.
- Link to new prelude-ids.com port lookup instead of broken portsdb
  database (fix #162).
- Various bug fixes.
2006-08-17 11:35:20 +00:00
shannonjr
a5c9fab530 Update to Prewikka 0.9.5. Changes:
- Replace patch with official fix 'Filter on Target' link (fix #148).
- Fix alert summary exception with alert including file permission (fix #149).
- Fix creation of an empty __init__.py file in lib/site-packages (#147).
- Print currently installed version on libpreludedb requirement error.
- Make sure /usr/bin/env is expanded.
2006-05-04 13:16:42 +00:00
shannonjr
bf58e6e09f Update to 0.9.4. This is a bugfix release. Added patch to fix
'Filter on this Target' bug (re Prelude Trac ticket 148)
2006-04-24 10:39:05 +00:00
shannonjr
a22c5267d6 Prelude is a hybrid IDS consisting of multiple
sensors, managers, and a display console. This
is the display console.

This is one of several new Prelude packages.
2006-01-29 16:00:44 +00:00