Chirpy

Chirpy

  • Joined: 25th June 2013
  • Articles: 1502

New cmq v1.15

Changes: Sanitised user data input to prevent running unauthorised commands via the UI. A user would require root access to exploit this, so risk is low  

New csf v6.22

Changes: Security Fix – Sanitised user data input to prevent running unauthorised commands via the UI. A user would require root access to exploit this, so vulnerability is probably low. Thanks to Steven at Rack911.com for reporting this issue Added…

New csf v6.21

Changes: Modified auto-update logic to only create the file if it does not already exist Fix permissions on csf man file and directory Modified webmin module paths to be relative rather than absolute so that webmin via mod_proxy works…

New cxs v3.00

Changes: Implemented hfile ignoring for ratelimiting in cxs Watch Implemented ignore caching in cxs Watch for ratelimited files HTTP::Tiny upgraded to v0.033 Exploit fingerprint definitions database additions

New csf v6.20

Changes: Introduced a new directory structure to get closer to the Linux Filesystem Hierarchy Standard (FHS): /etc/csf/           – (mostly) configuration files /var/lib/csf/       – temporary data files /usr/local/csf/bin/ – scripts /usr/local/csf/lib/ – perl modules and static data /usr/local/csf/tpl/ – email alert…

Apologies for the upheaval

We’ve installed new blog software and caused a bit of a mess on our Twitter account and RSS feed. Hopefully this has now been cleaned up and things will settle back down 😉

Forthcoming csf file and directory changes

In the next release (due in the next few days) we will be moving csf towards the Linux Filesystem Hierarchy Standard (FHS), rather than installing everything in  The following structure will be used:         /etc/csf/           – (mostly) configuration files…

New cxs v2.98

Changes: – Added check for clamd when using –wttw [file] – Added check for script files when using –wttw [file] – HTTP::Tiny upgraded to v0.031 – Removed a false-postitive fingerprint definition – Exploit fingerprint definitions database additions