Releases: linux-audit/audit-userspace
audit-3.0.3
This release improves performance reading events from the kernel. This will put more pressure on plugins, so default q_depth was tripled in size. Check your config, too. The behavior of auparse_feed_has_data in auparse was changed to include incomplete events. Add ProtectHome and RestrictRealtime to auditd.service. Some updates to the ids plugin.
audit-3.0.2
This release fixes a bug in the statsd plugin that caused a crash, updates the syscall tables to the 5.12 kernel, has a big documentation cleanup, and has a big update to the auparse normalizer results. There are various issues found by static analysis cleaned up.
audit-3.0.1
Update syscall table to the 5.11 kernel, Add new --eoe-timeout option to ausearch and aureport, Upgrade libev to 4.33, and update the auparse normalizer for some new syscalls and event types
audit-3.0
This is the long awaited 3.0 major feature release. Most notable item is that audispd is gone. All plugins are run from auditd itself. Please look at the ChangeLog for more details.
audit-2.8.5
This is a bugfix release that cleans up numerous bugs cherry picked from the master branch.
audit-2.8.4
This is a bugfix maintenance release. Please see ChangeLog for details.
audit-2.8.3
Fix a segfault in auditd when dns resolution isn't available, make a reload legacy service for auditd, add interpretations and new event types, Fix logging of IPv6 addresses in DAEMON_ACCEPT events, and Do not rotate auditd logs when num_logs < 2.
audit-2.8.2
This is a bugfix release which updates tables to match the 4.14 kernel, fixes ipv6 socket binding, fixes auditctl --reset-lost command, corrects the expr_create_timestamp_comparison_ex function in libauparse, and fixes building on old systems without linux/fanotify.h.
audit-2.8.1
Fix a NULL pointer dereference in audispd related to the plugin_dir setting.
audit-2.8
Lots of updates for the auparse_normalizer to improve support on many events. Added new object2 api to access a second object when available. Remote logging now supports IPv6 and other remote logging improvements. Fix bugs in auvirt that prevented locating AVC's for the VM. Add support for filesystem filter type. Add command line option to auditd & audispd for config dir path. In auparse, allow non-equality comparisons for uid & gid fields.