forked from marioli/havp-ng
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ChangeLog
166 lines (143 loc) · 6.58 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
*HAVP 0.93 released (2019/02/02)
- Add support for clamav 0.101: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
- Enable LFS & fix autoreconf: Sebastian Andrzej Siewior
- Add SSLTIMEOUT config option: Rene Mayrhofer, adapted from a patch by Heiko Schlittermann
- Fix missing re-opens of logfiles after signal(7): Sebastian Andrzej Siewior
- Remove the VIA header completely if disabled: Sebastian Andrzej Siewior
- Change default PID file and SCANTEMPFILE location: <mfladischer@home.fladi.at> adapted and cleaned up by Rene Mayrhofer
- Change default clamd socket: Scott Kitterman
- Update transparent proxy documentation link: Sebastian Andrzej Siewior
*HAVP 0.92a - Security Fix
- Add missing dot to sourceforge for safety
*HAVP 0.92 released
- Add SCANMIME and SKIPMIME options
- Add TIMEFORMAT option
- Add VIRUSLOG option
- Add PARENTUSER/PARENTPASSWORD (thanks to James Brotchie)
- DISABLELOCKINGFOR default has changed in favor of ClamAV 0.96,
it only contains AVG:ALL now
*HAVP 0.91 released
- Fix possible segfault on dns lookups (thanks Gavin McCullagh)
- Fix compiling with gcc 4.4
- Support AVG version 8.5 (default AVGPORT 54322) (thanks Markus Wigge)
(note: you may need DISABLELOCKINGFOR AVG:ALL, which is now default)
*HAVP 0.90 released
- ClamAV library 0.95 support (recompile needed)
- Support NOD32 version 3 (set NOD32VERSION 30 in config)
- Add PRELOADZIPHEADER config (Squid 3.x might not work if enabled)
- Add SYSLOGVIRUSLEVEL config
*HAVP 0.89 released
- Fix possible retry loop and hang (thanks to Peter Warasin @ endian.it)
- Always send Via: header, fixes some IIS problems (e.g. MSNBC)
*HAVP 0.88 released
- ClamAV library 0.93 support (recompile needed, new option CLAMMAXSCANSIZE)
- CLAMMAXFILESIZE default is now 100MB (so 0.93 even starts scanning big files)
- Fix random seed issue (ClamAV generated some temporary file errors)
- Added DISABLELOCKINGFOR config (fix for ZIP handling in ClamAV 0.93)
- Arcavir version 2008 support (set ARCAVIRVERSION)
- Log scanner errors to errorlog
- Relaxed SSL/CONNECT port limits
(It is _not_ recommended to use --enable-ssl-tunnel, you should use Squid)
*HAVP 0.87 released
- DrWeb scanner support
- F-Prot support for v6.0 added (also check FPROTOPTIONS)
- If false, X_FORWARDED_FOR drops also Via: header for privacy
- Fix Avast and AVG bugs
- Templates support <!--url--> and <!--clientip--> tags
- Uses supplementary groups for user if defined
- Added TRICKLINGBYTES config
- Reduced *MAXFILES settings to 50 for performance
- Add missing HTTP methods (MKACTIVITY, CHECKOUT, MERGE)
*HAVP 0.86 released
- Experimental support for chunked Transfer-Encoding, fixes some broken sites
- Added IGNOREVIRUS config for whitelisting virus names
- Added CLAMBLOCKBROKEN config
- Improve detection with AVG, only Viruses were found, not Trojans etc
- HAVP is killed if database reloading fails for Library Scanner
- Log URL when crashed scanner process detected, for troubleshooting
- Build system updated (--prefix --sbindir --sysconfdir --localstatedir)
*HAVP 0.85 released
- Added support for ClamAV 0.90 library
(once compiled for it, older library versions not supported)
*HAVP 0.84 released
- Fix bug in tcp buffer, requests could leak to other clients sometimes
- Support for Arcavir scanner
- Support for multiple IPs in hostnames, all are tried if necessary
- Pass Proxy-Authorization header to parent proxy (thanks Mateus)
- Ignore scanner errors if MAXSCANSIZE reached (thanks Vittorio)
- Build system polished a bit (--prefix supported)
- Added support for old NOD32 scanner (set NOD32VERSION in config)
- Default for MAXSCANSIZE 5000000, not suggested to be 0 anymore
*HAVP 0.83 released
- Allow Accept-Encoding header so HTTP compression works
- Workaround for some ClamAV mmap() troubles (affected BinHex and PDF)
*HAVP 0.82 released
- Improved ZIP handling (header pre-fetch, scans ZIPs larger than MAXSCANSIZE)
- Added SCANIMAGES config
- Ignore RAR errors from clamd
- Fixes to HTTP header handling
- Added syslog logging option
- Signal HUP re-opens logfiles, making rotation possible
*HAVP 0.81 released
- Fixed binding to low ports (<1024)
- Fixed FreeBSD, downloads that took longer than TRICKLING did not work
*HAVP 0.80 released
- Experimental FreeBSD support (no mandatory locking, KEEPBACK not supported!)
- Avast! scanner support
- Added MAXDOWNLOADSIZE config
- Added X_FORWARD_FOR config to control the header
- Added some archive scanning parameters for Trophie
- Added TCP support for clamd
- Ignore RAR errors from ClamAV (use ClamAV-devel if you want to scan RARv3)
- Fixed bug in socket buffer, sometimes caused nasty effects with POST etc.
- Fixed KeepAlive for HTTP/1.1 clients, now on by default
- Access logging format changed a bit
*HAVP 0.79 released
- MULTIPLE SCANNER SUPPORT! (see havp.config how to enable scanners)
- NOD32, Sophos and Clamd scanner support
- Parentproxy error on SSL tunneling is passed to browser
- Whitelisted sites can use HTTP Range requests (for Windowsupdate..)
- Added STREAMUSERAGENT/STREAMSCANSIZE config to reduce stream scanning
- Added SCANNERTIMEOUT option to catch scanners gone wild
- Added scanning options for ClamLib
- Some HTTP header handling fixes
- Init-script updated so it works on Solaris
*HAVP 0.78 released
- Solaris is now supported too
- AVG scanner support
- Kaspersky aveserver socket support (faster)
- Added TEMPDIR, LOGLEVEL, FAILSCANERROR and WHITELISTFIRST config
- KEEPBACKTIME config added to complement KEEPBACKBUFFER setting
- Basic HTTP Keep-Alive support, improves network performance
- HTTPS/SSL tunneling support (requires configure --enable-ssl-tunnel)
- FTP is supported and scanned when FTP supporting parent proxy is used
- Default user and group changed to havp
- Logging improved
- Many important and not so important fixes/optimizations
*HAVP 0.77 released
- Fix Security Bug - Kaspersky and F-Prot did not catch viruses
- Add Trophie (Trend Micro) Scanner
- Added RANGE config for improved security
- Change some default settings
*HAVP 0.76 released
- Improve performance
- Fix small bug in logfile
- Swedish Templates <Johnny Strom>
- Polish Templates <Eryk L. Rathmann>
*HAVP 0.75 - 02/01/2005
- Improve Configfile
- Fix Bug in Black/Whitelists
*HAVP 0.74 - 12/11/2005
- Add IP to Logfile
- Add Templates
- Improve Errorhandling
- Fix Bug in Serverpool
*HAVP 0.73 - 20/10/2005
- Move Pidfile to /var/run/havp/havp.pid
- Add Templates
- Improve Performance
- Rewrite Domains (Check default.h.in)
*HAVP 0.72 - 07/10/2005
- Add Kaspersky and F-Prot Scanner
- Add Templates
- Fix some minor bugs in default.h