General

Changes:

• Display “i” during scan if file ignored due to sizemax [bytes] being exceeded
• HTTP::Tiny upgraded to v0.039
• Translate ampersand for HTML output
• Fixed cxs UI not adding files to the ignore file after using the Ignore link
• Additional checks for ignore, xtra and new detections updates for cxs watch daemon to reload the relevant files if necessary
• Exploit fingerprint definitions database additions

Changes:

• Parameterise all calls to system() and Open3()
• Only list viewable files in UI “Other Files” option
• Fixed issue with ignoring user: and puser: with web scanning
• Added new –ignore [file] option ip: – ignore IP address for web and ftp uploads. This may or may not have any impact on performance with ftp uploads as the IP address will need to be established from the message log for each file
• Removed DNS lookup on FTP IP addresses to improve performance
• Exploit fingerprint definitions database additions

Changes:

• Fixed POD display in UI

Changes:

• Fixed issue with cxs Watch not reporting running state correctly

Changes:

• Fixed issue with reporting boolean CLI options

Changes:

• Fixed issue with creation of new quarantine directory for new installs
• Improved quarantine directory detection for conversion on upgrade to v4

(see changelog for v4 for main changes for this release tree)

Changes:

• Introducing a new Quarantine system. This new version creates a more secure method of quarantining suspicious files in cxs. It removes the need for a directory with 1777 permissions. It also makes the layout and maintenance of the quarantine directory much simpler
• Automatically rename old quarantine directory to [dir].(timestamp) and create new quarantine structure. An email is sent to root with a reminder to remove the old directory
• Any pre v4 old quarantine directory can still be viewed and restored from through the UI if required, though this functionality (for old quarantine directories) will be removed in the future
• New option –qcreate. This option is used to create a new quarantine directory structure. It will rename any pre-existing directory to [name].(timestamp)
• New option –qclean [days]. This option is used to clean a quarantine directory specificed with –quarantine [dir], retaining the last [days] worth of files
• New option –qrestore [file]. This option is used to restore a quarantine file via the CLI to the original file location (v4 quarantined files only)
• New option –qview [file]. This option is used to view a quarantined file via the CLI
• Modified cxs UI to cater for new quarantine layout and provide some additional information on quarantined files
• Added new file /etc/cxs/cxsdaily.sh as an example file to symlink from /etc/cron.daily/ to perform daily tasks and added to RECOMMENDATIONS in the docs
• Modified cxs Watch scanning to automatically scan newly created directories for exploits to help overcome an issue where files are created before a new directory is watched
• Support for running cxs through suhosin has been removed
• Fixed issue with –defapache [user]
• Modified recommendations on file ownership and permissions when using –logfile [file]
• HTTP::Tiny upgraded to v0.037
• POD documentation tidy
• Exploit fingerprint definitions database additions