OSSEC

OSSEC changelog (4.1.0)

Release Maintainers

Dan Parriott

Scott R. Shinn (https://www.atomicorp.com)

Contributors on this release

• @atomicturtle
• @mobstef

Release Notes

Key enhancements include SMTP authentication support, IPv6 whitelisting improvements, and support for large files (>2GB). This release also includes multiple bug fixes for analysisd and logcollector crashes. This changelog is not yet complete

Security Fixes

• @atomicturtle - PR 2181 - Increase default decoder field limit to 256 to support complex log formats
• @atomicturtle - PR 2195 - Add SMTP TLS and authentication support to maild and monitord

General

• @atomicturtle - PR 2183 - CentOS 7 build fixes and C99 adjustments
• @atomicturtle - PR 2185 - Add support for Rocky Linux 9
• @atomicturtle - PR 2186 - Fix agent_control -l output formatting and ICMP logging
• @atomicturtle - PR 2192 - Spec file improvements for RPM packaging
• @mobstef - PR 2194 - Fix Lua symlink targets in build process
• @atomicturtle - PR 2196 - Add GitHub Actions for automated Linux builds
• @atomicturtle - PR 2197 - Add GitHub Actions for automated Windows builds
• @atomicturtle - PR 2198 - Increase OS_MAXSTR to 6144 to prevent log truncation
• @atomicturtle - PR 2200 - Improve IPv6 whitelisting and support in install.sh
• @atomicturtle - PR 2201 - Enable large file support (>2GB) in Makefile and hash operations

Bug Fixes

• @atomicturtle - PR 2162 - Fix Windows version reporting and DB reconnection logic
• @atomicturtle - PR 2184 - Fix false positive in rootcheck for /dev/shm
• @atomicturtle - PR 2187 - Fix memory leak in logcollector and initialize DH parameters in os_auth
• @atomicturtle - PR 2188 - Fix crash in analysisd on sid_prev_matched list overflow
• @atomicturtle - PR 2191 - Fix segfault in analysisd with custom decoders and LibMagic
• @atomicturtle - PR 2199 - FIM: handle missing fields in syscheck logs and update Windows manifest IDs