Server Software and Configuration Services
Changes:
– New option LF_QOS added which matches hits against the mod_qos Apache module
– New option LF_CXS added which matches hits against the mod_security Apache module rule for cxs if implemented
Changes:
– Improved temporary file cleanup
– Change cxs UI to use /sbin/pidof to determine if the Watch daemon is stopped, starting or running. If /sbin/pidof does not exist, no status is shown
– Modification to prevent scan failure if FTP is down and –options [P] used
– Exploit fingerprint definitions database additions
Changes:
– Improvements to the Fingerprint Matching system
– Exploit regex definitions database additions
– Exploit fingerprint definitions database additions
Changes:
– Use temporary files when performing a virus scan during –decode ([D])
– Change all clamd STREAM to SCAN scanning
– Use a robust routine for creating random temporary files during –options [Z] (scanning within archives)
– Exploit fingerprint definitions database additions
Changes:
– Allow a value of 0 for –Wrefresh which disables the functionality in the cxs Watch daemon
– Added new advanced PHP decoder for –decode ([D])
– Stop cxs Watch from following symlinks
– Exploit regex definitions database additions
– Exploit fingerprint definitions database additions
Changes:
– Added new advanced PHP decoders for –decode ([D])
– Change main cxs Watch process name during startup while still starting
– Exploit regex definitions database additions
– Exploit fingerprint definitions database additions
Changes:
Changes:
Changes:
SECURITY FIX. Anyone running cxs on a DirectAdmin server should upgrade to this release immediately:Changes:
This issue is apparent on DirectAdmin servers only where this C wrapper is used.Note: cxs is not currently officially support on anything other than cPanel servers