Changes:

• New feature - Log Scanner. This feature will send out an email summary of the log lines of each log listed in /etc/csf/csf.logfiles. All lines will be reported unless they match a regular expression in /etc/csf/csf.logignore


• Set LWP::UserAgent agent to "csf/[version]" instead of the default

Changes:

• Modification to quarantine to ensure unique filenames


• Exploit regex definitions database additions


• Exploit fingerprint definitions database additions

Changes:

• Modified to remove cPanel process limits when run


• Modified from using backticks to open3


• Removed use of wget binary

Changes:

• Fixed version module error in cPanel log


• cPanel v11.28+ now a requirement

Changes:

• Changes "no_message_logs" to "message_logs = false" for exim.conf so that the new cPanel v11.32 exim configuration editor doesn't complain


• New Mailscanner v4.84.3:
  http://www.mailscanner.info/ChangeLog

Changes:

• Include new MailWatch database creation SQL to cope with changes in MySQL v5.5 which are not backwards compatible

Changes:

• Added new --ignore [file] option pscript: - regex of web script to ignore


• Set --options [P] ftp timeout to 10 seconds


• Exploit regex definitions database additions


• Exploit fingerprint definitions database additions

Changes:

• csf and lfd modified to better handle !lo interface for compatibility with newer iptables versions


• Removed use of Sys::Hostname::Long


• Added new options LF_APACHE_403 and LF_APACHE_403_PERM. This option will keep track of the number of "client denied by server configuration" errors in HTACCESS_LOG. If the number of hits is more than LF_APACHE_403 in LF_INTERVAL seconds then the IP address will be blocked. See csf.conf for more information

SECURITY FIX. Anyone running cxs on a DirectAdmin server should upgrade to this release immediately:

Changes:

• Add check for successful open of admin.list on DA servers to avoid a segfault, which could lead to a buffer overflow

This issue is apparent on DirectAdmin servers only where this C wrapper is used.

Note: cxs is not currently officially support on anything other than cPanel servers

SECURITY FIX. Anyone running csf on a DirectAdmin server should upgrade to this release immediately:

Changes:

• Add check for successful open of admin.list on DA servers to avoid a segfault, which could lead to a buffer overflow

This is in response to http://www.exploit-db.com/exploits/18225/

This issue is apparent on DirectAdmin servers only where this C wrapper is used.