OSSEC version 1.0 is now available.

Caveats:
* Make sure to fully stop ossec before updating (if upgrading from 0.9).
* Make sure to update your ossec server before any agent.


It has the following new features and fixes:


-Support for registry monitoring on the Windows agent.

-Support for dynamic IP addresses in the server/agent communication
(useful for DHCP networks). More information: http://ossec.net/dcid/?p=19

-Storing full logs in the alert log file.

-More information added to the active response logs which was
moved to the logs directory ( active-responses.log ).

-Support for glob formated files in the logcollector list.

-Added parser for Lotus Domino logs (NCSA format).

-Added parser for Windows event logs in the NTSyslog format.

-Added decoders/rules for Symantec Anti virus.
(Thanks to BlackCryptoknight for the logs).

-Added support for Windows Routing and Remote Access logs.
(Thanks to BlackCryptoknight - black_cryptoknight at yahoo.com
for the logs).

-Improved rules for Unix PAM
(Thanks to Jay for the logs).

-Added support for ASL (Apple system log) in the following
formats: http://www.ossec.net/wiki/index.php/Asl.log
(Thanks to ChuckD <mdmonk at gmail.com> for the logs).

-Added more kernel-related and syslogd rules.

-Fixed bug on execd that wasn't allowing active responses to be
disabled on the agent.
(Thanks to Vish Sama <samakasi at hotmail.com> for the report).

-Fixed bug on syscheckd that was reporting the wrong file
name on the alert subject.
(Thanks to BlackCryptoknight - black_cryptoknight at yahoo.com).

-Fixed problem on logcollector that was causing it to crash
when no log was given to the Windows Agent.
(Thanks to Rob <jnrelliott at gmail.com> for the report).

-Improved decoders to support Cisco ASA logs
(Thanks to David J. Bianco <david at vorant.com> for the information).

-Fixed issue on which ossec was still using /sbin/nologin for
the user shell even when it was not present (checking for
/bin/false now).
(Thanks to Jack S. Lai <laitcg at gmail.com> for the report).

-Fixed misuse of the stdarg functions. It was causing
some 64 bits systems to segfault (when printing to stderr).



To download the new version:
http://www.ossec.net/en/downloads.html


Thanks for all the contributors! 

Daniel B. Cid (in name of the OSSEC team).
http://www.ossec.net/en/about.html#dev-team
http://www.ossec.net/announcements/v1.0-2007-01-15.txt