==OSSEC v2.2 CHANGELOG (Sep 08, 2009)==

We are pleased to announce the general availability of OSSEC version 2.2. As always, this version comes with lots of bug fixes and new features.

Changelog:

-Added support for vpopmail logs. (Thanks to Aleksander Podsiad for the patch).
-Removed duplicated Apache log entry. (Thanks to Aleksander Podsiad for the patch).
-Added validation checks on the email_to option.
-Added tool to properly validate if the system is little or big endian.
-Added option to rootcheck (especially to deal with large NFS shares and avoid scanning them).
-Added option to log every rootcheck event (not only the FTS ones).
-Fixed configuration error when no parameter was given to the agent.conf file.
-Added rules to ignore constant CRON login/logout alerts (happening on Debian/Ubuntu).
-Changed the way we handle Windows sockets to better handle shared files.
-Added support for roundcube logs. (Thanks to Michael Starks for the patch).
-Added support for Netscreen alert (IDS) events.
-Added command line options to the manage_agents tool.
-Fixed issue of duplicated IP addresses on syscheck_control. (Patch by ddpbsd at gmail.com).
-Fixed the way we handle /0 netmasks on all the control tools.
-Added custom fine-grained entries to syscheck on Windows. The goal is to reduce the number of directories checked and increase usefulness.
-Added option to disable message id checks. Useful when you plan to reuse keys.
-Added support for WordPress logs. They come from the wpsyslog2 plugin that we modified to log everything to syslog (from new posts, new comments, logins, logouts, etc).
-Added support for escaping "<" on the XML and regex libraries.
-Fixed bug on syscheck_control where the zero/ignore options were not working on some systems. (Thanks to Michael Starks for the report).
-Added support for Trend OSCE log files.
-Fixed installation script on AIX to only use /bin/false if it is installed.
-Fixed test log program that was using 100% CPU when cat/tailing a file to it.
-Fixed logcollector seg fault when the agent.conf file is empty. (Thanks to ddpbsd at gmail.com for the report).
-Added ossec rule to alert when the event log is cleared even on non-security event logs.

To download the new version:
http://www.ossec.net/main/downloads

We want to thank everyone who sent comments, suggestions or just some nice words to us! We really appreciate the feedback!

Daniel B. Cid (in the name of the OSSEC team).
http://www.ossec.net/main/about

http://www.ossec.net/announcements/v2.2-2009-09-08.txt