- Added keychain man page
- Fixed bugs with displaying colors for keychain --help
- Added a $grepopts to fix the grepping for a pid on cygwin
- Added a TODO document color fix based on submission by Luke Holden
Changes:
2003-03-09 Gisle Aas <gisle@ActiveState.com>
Release 2.24
Don't let the $^W test get confused by lexical warnings.
Sync up with bleadperl; safer patchlevel include.
2003-01-18 Gisle Aas <gisle@ActiveState.com>
Release 2.23
Override INSTALLDIRS for 5.8 as suggested by
Guido Ostkamp <Guido.Ostkamp@t-online.de>.
Changelog:
1.8.3 (Feb 6, 2003)
- Lots of new signatures
- URL's for papers and sites with information on fingerprinting.
- Information on the windows/Cygwin port. .exe for 1.8.3 will
show up soon.
1.8.2.2 (May 13, 2002)
- Rechecked version numbers. (Bill)
- Mysql cleanup and integration
- Mysql quickstart (Marion)
1.8.2.1 (May 12, 2002)
- Mysql Support Added (Evrim ULU <evrim@core.gen.tr>)
- FPS Buffer Length increased from 120 to 150 (Evrim)
- p0f-mysql.conf config file added for mysql connectivity (Evrim)
- parser for p0f.fp was corrected. It was including
wwww:ttt: ... line in the comments. (Evrim)
- mysql/db.sql file is included for creation of db tables (Evrim)
- Makefile.mysql is added - no gnu autoconf support yet. (Evrim)
- New RedHat 7.0 Beta Fischer FP added. (Evrim)
- Max fingerprints raised to 5000 for the moresigs project. (Bill)
- ad hoc fix build problem on NetBSD current.
- changes from 0.1.2a:
Tue, 10 Dec 2002 02:32:54 -0900 -- GOTOU Yuuzou <gotoyuzo@notwork.org>
* ossl-0.1.3 released
Mon, 9 Dec 2002 22:26:15 -0900 -- GOTOU Yuuzou <gotoyuzo@notwork.org>
* x509name.c: let initialize() give a Array instead of a Hash.
to_a is implemented and to_h is deprecated.
* openssl.rb: X509::Name is refined.
Mon, 9 Dec 2002 20:21:32 -0900 -- GOTOU Yuuzou <gotoyuzo@notwork.org>
* ossl.c: use ruby_unsetenv() instead of unsetenv().
* ssl.c: the return value of SSL_read/SSL_write is int (not size_t).
This fix is suggested by matz. ([ruby-list:36721])
Mon, 28 Oct 2002 10:39:43 +0100 -- Michal Rokos <m.rokos@sh.cvut.cz>
* LICENCE: update to latest Ruby's
* extconf.rb: fix to make it work under Ruby 1.7.3
* pkey.c: fix MACRO
* ChangeLog: changed style
since there is a problem with aide-0.9 which results in it sending an
email warning on every run of the scanner. Whilst this version may
have other problems (it believes opendir(3)'s output, IIRC), it does
keep quiet about them.
aide-0.6 creates a database from the regular expression rules that it finds
from the config file. Once this database is initialized it can be
used to verify the integrity of the files. It has several message
digest algorithms (md5,sha1,rmd160,tiger,haval,etc.) that are used to
check the integrity of the file. More algorithms can be added with
relative ease. All of the usual file attributes can also be checked
for inconsistencies. It can read databases from older or newer
versions. See the manual pages within the distribution for further
info. There is also a beginning of a manual at
http://www.cs.tut.fi/~rammer/aide/manual.html
Changes (from 0.49) :
- fixed build problem for OpenSSL 0.9.6 and some builds
of perl 5.8.x which resulted in make error:
/usr/include/openssl/des.h:193: parse error before '&' token"
Thanks to Rob Brown for submitting a similar patch to cover
this problem
- bug fix from Dongqiang Bai when server using proxy cannot
resolve host name being connected to
- Added c:/openssl in default search path on win32 machines
which is the recommended installation area in the openssl dist
- Added patch from Pavel Hlavnicka for freeing memory leaks
from SSL_CTX_use_pkcs12_file() whose functionality is triggered
by the $ENV{HTTPS_PKCS12_*} settings
- Added alarm() during Net::SSL->read() to honor socket timeout
setting for more robust applications. read()
will die_with_error() which in consistent with previous
semantics used during SSL read() failure
Thanks to Pavel Hlavnicka for prompting this change.
- Removed code that supported versions of SSLeay before version 0.8
I believe SSLeay v.8 was released back in 1998
- Added patch from Devin Heitmueller so that initial random seed
would be taken from /dev/urandom if available via RAND_load_file
API
Changes :
1.22
- proxy auth fix from Bill.Muller@@ubsw_..com
- RAND patch from Toni Andjelkovic <toni@soth._at>
1.23
- some minor tweaks by many, mainly for RH build
- memory leak and cleanup patches from
Marian Jancar <mjancar@suse._cz>
now and not NetBSD-*-arm32. Changes include one or more of:
- Change MACHINE_ARCH == arm32 to also match arm
- Where ONLY_FOR_PLATFORM includes NetBSD-*-arm32, add NetBSD-*-arm
- Where BROKEN or worked around for arm gcc bugs, set USE_GCC3
The last may shake out a few more broken packages the next bulk build.
- (djm) Add back radix.o (used by AFS support), after it went missing from
Makefile many moons ago
- (djm) Apply "owl-always-auth" patch from Openwall/Solar Designer
- (djm) Fix blibpath specification for AIX/gcc
- (djm) Some systems have basename in -lgen. Fix from ayamura@ayamura.org
(This last fix makes this compile on IRIX again.)
Also, add dependency on Perl instead of noting it in message, and use
REPLACE_PERL.
PHP frontend not included in this package.
Changes:
apg-2.1.0
Some code cleanup.
apg-2.1.0b1
Option [-E char_string] now works for pronounceable
password generation too (see apg(1), apgd(8)).
apg-2.1.0b0
Added new option [-e char_string] that allow to exclude some
characters from password generation process.
(works only for random password generation yet)
apg-2.1.0a0
Added support for /dev/arandom for OpenBSD
apg-2.1.0a0
Fixed some typing errors in the man pages
System getopt() replaced with own apg_getopt().
All calls of bcopy() and bzero() replaced with memcpy() and memset().
Changed documentation.
PRNG algorithm changed to use PID as an element of initial seed.
Redesigned PHP frontend. Added support for German language.
Implemented password quality ckeck based on filter. Now you can enforce
APG to generate passwords that must contain numbers, special characters etc.
Removed support for old style password generation mode definition.
apg-2.0.0final
Changed PHP frontend to work with PHP safe-mode.
Version numbers of apg, apgd, apgbfm, apgonline changed to 2.0.0final.
apg-2.0.0b1
Fixed error that has forced user to set world-write privileges on
Bloom-filter file. (Thanks to Mike Robbins)
Fixed PHP frontend to clean-up generated HTML code.
(Thanks to Mike Robbins)
apg-2.0.0b0
Some code style fixes.
Support for "special" symbol-set usage for password generation
in pronounceable mode (S mode).
Support for "resticted special" symbol-set usage for password generation
in pronounceable mode (R mode).
New style of hyphenated password output for pronounceable
password generation mode.
apg-2.0.0a3
Better error handling in apgbfm.
Added -q option for apgbfm and apg (quiet mode).
Added PHP frontend for APG.
apg-2.0.0a2
Added support for SHA1 algorithm used for random numbers and hash
generation.
Hash function used in apgbfm changed to SHA1.
Added info to APG_TIPS file.
apg-2.0.0a1 (not published)
Finaly fixed some warnings during compilation process.
Added support for OpenBSD.
Added info to APG_TIPS file.
apg-2.0.0a0
Added new algorithm (-b option) to check generated passwords
quality (Bloom filter).
Added utility apgbfm to manage Bloom filter.
Some code style fixes.
Added APG_TIPS file in documentation.
- Cleared up some ambiguous syntax (grid -column instead of -col)
- Added a workaround for a bug in Tcl/Tk 8.4.0, which crashes on selection
requests when a handler is registered without a type. Thanks to Roberto
Ugoccioni for both of these patches!
This also includes changes offered in pr pkg/18734 and pr pkg/20796
submitted by Adrian Portelli. Thanks & Sorry that it took that long to
pick them up.
2.0.6 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Support for the keyword 'default' as a port range in nmap_wrapper.nes
- Fixed a zombie issue in nmap_wrapper.nes
- Fixed various issues which could allow a NASL script to crash the
NASL interpretor
- Improved the process management in find_services.nes
2.0.5 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Fixed a rare race condition which may make the scan hang
- Fixed SMB related issues
- Entering "default" as the port range will make nessusd scan the ports
listed in the Nessus services file.
- Even more sigs in find_services.nes
. changes by Julien Bordet (zejames@greyhats.org)
- Added over 3,000 signatures to smtpscan.nasl (thanks to the data
provided by the Nessus team)
2.0.4 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- fixed the SIGCHLD handler which would not work properly and leave zombies
on the system
- fixed a race condition when testing a great number of hosts which would
cause a testing process to slow down a whole audit or even hang it
totally
- When a great number of host names is passed to nessusd as a target, they
are resolved by chunks of 64 instead of trying to resolve everything then
starting the test
- RedHat 9 support (in spite of their attempt to make their distro incompatible
with everyone else)
. changes by Gabriel L. Somlo <somlo@acns.colostate.edu>
- The nessus can save the reports to stdout and read them from stdin
2.0.3 :
- fixed a compilation error which would prevent find_services from working
properly
2.0.2 :
. changes by Michel Arboi (arboi@alussinan.org)
- NASL port of smtpscan (original Perl program by Julien Bordet)
- Nasty bug made loop stop prematurely on rare cases
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Re-wrote webmirror.nasl from scratch. The new version has a real parser
built-in and is much faster
- Added checks for older Microsoft Advisories
- SMB plugins now use NTMLv1 authentication, ie: they don't send passwords
in clear text over the network any more
- Added new crypto functions, taken from samba, in libnasl/
- Repaired detached scans
- Fixed IP ranges notation (10.1.1-9.1-254 did not work any more)
- Minor bug fixes and enhancements : #234, #233, #230, #229, #228, #225, #222,
#220, #218, #217, #216, #215, #213, #212, #211, #207, #206, #205
- nessus-update-plugins properly calls chown under FreeBSD, no matter how
many plugins there are
- find_services.nes recognizes even more protocols
. changes by Xueyong Zhi <zhi@mail.eecis.udel.edu>
- Added NTLMv2 authentication
. changes by Frank Migge (frank.migge@oracle.com)
- nessus-mkcert-client creates the auth/rules file properly
2.0.1 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Minor bugfixes (bugs #180, #183, #185, #188, #189, #195, #197, #202, #203, #204)
- Fixed the "pink" graphical report issue
- Added http keep-alive support in the CGI related plugins
- Fixed a bug in the function get_kb_list() which would not always work
properly
- Fixed an issue where in some situations, some HTTP services would not
be tested for flaws if they have not been port-scanned first
- Added new signatures in find_services.nes
. changes by Stephen Friedl (steve@unixwiz.net)
- Fixed bugs and warnings in nessus-libraries
2.0.0 :
. changes by Michel Arboi (arboi@alussinan.org)
- NASL2 : Implement >!< "strings don't match" operator
- NASL2 : fixed a vicious case of freed memory copy.
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Fixed a small bug in the plugin scheduler
- Ported to IRIX
- Several small bugfixes
. changes by Xueyong Zhi <zhi@mail.eecis.udel.edu>
- Added nmap_osfingerprint
1.3.4 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Re-written the process manager for the hosts
- Lots of bugfixes in the plugins text store manager
- New port scanner "synscan" which uses the RTT of the packets to do
its job.
- Fixed several small issues in nasl and nessusd (bug fixes, code cleanup)
- Added cryptographic hashing functions in NASL
- Added the function get_kb_list() which returns the content of a KB
without forking the plugin
- Updated the manpages of nessusd and nasl
. changes by Michel Arboi (arboi@alussinan.org)
- Fixed scanner_get_port() when running in standalone mode
- Fixed possible uninitiliazed memory issues in libnasl
- Started to write the NASL2 reference guide (to be found in libnasl/doc/)
1.3.3 :
. changes by Michel Arboi (arboi@alussinan.org)
- Implement bit xor, logical & aithmetic right shift, power
- Fix operator precedence
- Added new NASL functions
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- The plugin texts are not loaded in memory any more, thus reducing
the consumption of the nessus daemon of two megs. This also speeds up
the loading of nessusd.
- Fixed a bug in the plugins scheduler (if optimizations were enabled,
the scan would sometime hang)
- Added a new NASL function (int())
- Fixed strings substraction to handle null values properly
- find_services.nes runs in parallel mode, for improved speed
- new plugin (synscan) which should perform well against firewalled
hosts (computes the RTT before the scan)
1.3.2 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Added fixes so that nessus-core/nessusd/pluginscheduler.c compiles with
the latest version of GCC
- Fixed a bug in nessus-libraries/libnessus/bpf_share.c : a timer would not
be reset, causing plugins which call bpf_next() to sometimes crash
- Set the timer of bpf_share.c to a much lower value, thus making it work
much better
- Improved tcp_ping()
- Fixed two bugs in the plugins scheduler :
- If the option "enable dependencies at runtime" is set,
it would enable ALL the plugins which are depended on, instead
of only those we use ;
- In some cases, it may terminate too early, thus preventing a scan
from being complete
- DESTDIR support
1.3.1 :
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- Rewrote the plugins scheduler (which determines the order in which
the plugins are to be launched). The new one is much more efficient
but as a result, it is not possible to accurately determine the
order in which the plugins will be ran, so the 'plugin name' in
the client is now totally bogus
- Fixed various issues with NASL scripts so that they work better
with NASL2
- Fixed bugs relative to the creation of icmp and udp packets in nasl
- Fixed some fatal bugs in the bpf sharer
- NASL scripts do not read /dev/urandom any more, and use time() as a
random seed instead. As a result, the loading and execution of nasl
scripts if faster on systems where /dev/urandom can be blocking
- Fixed the tcp NIDS evasion techniques on BSD systems
- Full support for Bugtraq IDs
- The HTML reports add links for URLs, and show the ID number of
the plugin that issues the report.
- Speed up the calls to arg_get_value() by using a hash of the name
being searched for.
- Changed the licence of NASL2 to the GPLv2 (with the consent of Michel Arboi)
. changes by Michel Arboi (arboi@alussinan.org)
- Better handling of the arrays in NASL2
. changes by Erik Anderson (eanders@carmichaelsecurity.com)
- CVE and bugtraq cross references
. changes by Jay (jay@kinetic.org)
- Fixed multiple typos in the plugins
. changes by Javier Fernandez-Sanguino (jfernandez@germinus.com)
- Nessus now ships Hydra 2.2
- Fixed various compilation scritps (see bug#63)
1.3.0 :
. changes by Michel Arboi (arboi@alussinan.org)
- Use our own nessus-services file (re-generated at first start to include
/etc/services and nmap-services)
- Added new families of plugins (ACT_KILL_HOST and ACT_END)
- Rewrote libnasl
. changes by Renaud Deraison (deraison@cvs.nessus.org)
- The 'cancel' button of several file selection dialogs is now working
- Optimized several plugins :
- Web-related checks now use http_recv() instead of recv()
- open_priv_sock_tcp() has a lower timeout
- RPC related checks now use get_rpc_port(), a function equivalent
to libc's getrpcport() but with a much smaller timeout
- Decreased the default value of checks_read_timeout from 15 to 5
- Fixed a bug in the plugin selection GUI which would not refresh
the list of plugins of a given family properly (bug#3)
- Fixed memory leaks in NASL
- Fixed a bug in nessusd which would make it leak memory when receiving a SIGHUP
(bug#10)
- Fixed a compatibility problem with Nmap 3.10ALPHA (bug#11)
- Nessus now accepts nmap's U: and T: notation for the port range (bug#5)
- Helped Michel Arboi to give the last touches to the new libnasl
. changes by Erik Anderson (eanders@pobox.com)
- Added CVE and BID links, added urls and removed dead links from the plugins
. changes by Michel Scheidell (scheidell@secnap.net)
- Improved several SMB-related checks
. changes by Rodolfo Baader (rbaader@activesec.biz)
- Quotes and apostrophes are properly escaped in the XML output report
Changes in 0.7.3:
* More key loading optimizations
* Import and Export dialogs now use the clipboard instead of a text view
* Nautilus component that provides a context menu for crypto operations
* Removed Tools menu in favor of nautilus component
* PGP gconf schemas in /desktop/pgp
* Depends on gnome-mime-data for mime types
* Widgets no longer insensitive during progress operations
* Key edit dialogs are key modal so operations do not conflict
* Can do concurrent operations, except for editing the same key
* Can sign, export, and delete multiple keys
* Export dialog has a default filename
* Control center capplet for configuring pgp
* Can select keys & do operations while keys are loading
Changes in 0.7.2:
* GConf notification for preferences and ui settings
* More gnome preferences
* More listing improvements and optimizations for large key rings
* Key properties now a property window
* Owner trust values are restricted based on key type
* Key manager toolbar preferences
* General interface updates
* Nicer passphrase entry dialog
* Nicer change passphrase dialog
* More columns available in key-manager, can customize which ones are shown,
and each column is sortable
* Main window not completely insensitive during progress and startup
* Key Properties shows a formatted fingerprint, tabs are scrollable
* Recipients allows multiple selection, has statusbars to show number selected
* Can expand and collapse all rows in key-manager
* Changed File menu to Key menu
* Added context menu for keys
* Added buttons/menu items for possible, but not-yet-implemented features
* Sign an entire key
* Add a revoker to a key
* Bug fix when setting Ascii Armor Preferences
* Removed File Manager, replaced with file operations in Tools
* Key pairs initially listed first
* Performance improvements with large key rings, especially in loading
preferences
* Progress display at startup for listing of keys
* Can delete subkeys of non key-pairs
* General interface cleanups
