Merge pull request #1696 from atomicturtle/v3.3-version-tag

V3.3.0 tagging

BUGS

@@ -1,4 +1,4 @@
-OSSEC v3.2.0
+OSSEC v3.3.0
 Copyright (C) 2019 Trend Micro Inc.
 
 

CHANGELOG

@@ -1,3 +1,74 @@
+OSSEC changelog (3.3.0) <[email protected]>
+
+Release Maintainers
+
+Dan Parriott
+Scott R. Shinn (http://www.atomicorp.com)
+
+Contributors on this release
+
+almirb (Almir Bolduan)
+aquerubin (Antonio Querubin)
+atomicturtle (Scott R. Shinn)
+Bob-Andrews (Bob Andrews)
+ddpbsd (Dan Parriott)
+jubois 
+MangyCoyote 
+mephesto1337 
+
+
+
+Release Notes
+
+	OSSECCON 2019, from the whole team here at OSSEC it was really fantastic meeting everyone at the show, and we look forward to seeing you all again at OSSECCON 2020!
+	PCRE2, Jubois made a major update to the IDS foundation in OSSEC 3.3.0 with PCRE2 (https://www.pcre.org/current/doc/html/pcre2.html) library. This is an extremely powerful update to the overall pattern analysis functionaility in OSSEC. In order to build this with the native distribution pcre2 packages (pcre2-devel, etc), you will need to use: export PCRE2_SYSTEM=yes. This adds several new xml tags:
+	    - pcre2 (to replace regex)
+	    - match_pcre2
+	    - program_name_pcre2
+	    - prematch_pcre2
+	    - srcgeoip_pcre2
+	    - dstgeoip_pcre2
+	    - srcport_pcre2
+	    - dstport_pcre2
+	    - user_pcre2
+	    - url_pcre2
+	    - id_pcre2
+	    - status_pcre2
+	    - hostname_pcre2
+	    - extra_data_pcre2
+
+	Dynamic Decoders, discussed in the "Beyond Security" talk at OSSECCON 2019, this allows for user-defined keys in decoders. These are exposed in JSON output for inclusion with other data analytics tools. This adds a new internal option: analysisd.decoder_order_size  to define the maximum number keys allowed in a single decoder. 
+
+
+Whats New
+
+	(jubois) - PCRE2 regular expression support - PR#1652
+	(atomicturtle) - ossec-analysisd, Dynamic decoder support. Original: Vikman Fdez-Castro  - PR#1678
+	(ddpbsd) - ossec-execd, Switch "white lists" to "allow lists" - PR#1687 - NARRATE HERE
+
+New Rules / Decoders
+	(Bob-Andrews) - rootcheck, update  for NullSessionShares - PR#1669
+	(Bob-Andrews) - topleveldomainrules.xml, Shady TLD web traffic detection - PR#1671
+	(Bob-Andrews) - last_rootlogin_rules.xml, Sensitive login detection - PR#1671
+	(Bob-Andrews) - unbound_rules.xml, added rule for maybe critical TLD request - PR#1672
+	(Bob-Andrews) - rootcheck, Deleted repeating rules - PR#1674
+	(ddpbsd) - Update info links in Windows rules - PR#1675
+	(aquerubin) - Added decoder for pam_succeed_if - PR#1684
+
+
+General
+	(MangyCoyote) - ossec-analysisd, support Syslog ISO timestamp events with optional fraction of second - PR#1664
+	(ddpbsd) - Fix compilation with PCRE2_SYSTEM=yes - PR#1666
+	(aquerubin) - ossec-batch-manager.pl, update regexp for ipv6 addresses - PR#1667
+	(mephesto1337) - Fix part of issue#1663, compiling with PCRE2_SYSTEM=yes - PR#1677
+	(ddpbsd) - active-response, Fix for issue#1647, log disable-account.sh to the correct location - PR#1683
+	(aquerubin) - Copy resolv.conf on build event - PR#1685	
+	(almirb) - active-response, Corrected the way active-response logs are generated on windows - PR#1689
+	(atomicturtle) - ossec-execd, Expose filename variable in AR add/delete events - PR#1695
+
+
+
+
 OSSEC changelog (3.2.0) <[email protected]>
 
 

CONFIG

@@ -1,4 +1,4 @@
-OSSEC v3.2.0
+OSSEC v3.3.0
 Copyright (C) 2019 Trend Micro Inc.
 
 

INSTALL

@@ -1,4 +1,4 @@
-OSSEC v3.2.0
+OSSEC v3.3.0
 Copyright (C) 2019 Trend Micro Inc.
 
 

README.md

@@ -1,4 +1,4 @@
-OSSEC v3.2.0 Copyright (C) 2019 Trend Micro Inc.
+OSSEC v3.3.0 Copyright (C) 2019 Trend Micro Inc.
 
 # Information about OSSEC 
 

contrib/version_bump.sh

@@ -33,7 +33,11 @@ sed -i -e "s/Agent v${OLDVERSION}/Agent v${NEWVERSION}/" src/win32/help.txt
 # misc
 sed -i -e "s/OSSEC v${OLDVERSION}/OSSEC v${NEWVERSION}/" INSTALL
 sed -i -e "s/OSSEC v${OLDVERSION}/OSSEC v${NEWVERSION}/" README.md
+sed -i -e "s/OSSEC v${OLDVERSION}/OSSEC v${NEWVERSION}/" CONFIG
+sed -i -e "s/OSSEC v${OLDVERSION}/OSSEC v${NEWVERSION}/" BUGS
 
 # update defs.h
-sed -i -e "s/v${OLDVERSION}/v${NEWVERSION}" src/headers/defs.h
+sed -i -e "s/v${OLDVERSION}/v${NEWVERSION}/" src/headers/defs.h
+
+# Update CONFIG
 

src/VERSION

@@ -1 +1 @@
-v3.2.0
+v3.3.0

src/headers/defs.h

@@ -39,7 +39,7 @@
 
 /* Some global names */
 #define __ossec_name    "OSSEC HIDS"
-#define __version       "v3.2.0"
+#define __version       "v3.3.0"
 #define __author        "OSSEC Foundation"
 #define __contact       "[email protected]"
 #define __site          "https://www.ossec.net"

src/init/ossec-client.sh

@@ -11,7 +11,7 @@ DIR=`dirname $PWD`;
 
 ###  Do not modify below here ###
 NAME="OSSEC HIDS"
-VERSION="v3.2.0"
+VERSION="v3.3.0"
 DAEMONS="ossec-logcollector ossec-syscheckd ossec-agentd ossec-execd"
 
 [ -f /etc/ossec-init.conf ] && . /etc/ossec-init.conf

src/init/ossec-local.sh

@@ -19,7 +19,7 @@ if [ $? = 0 ]; then
 fi
 
 NAME="OSSEC HIDS"
-VERSION="v3.2.0"
+VERSION="v3.3.0"
 DAEMONS="ossec-monitord ossec-logcollector ossec-syscheckd ossec-analysisd ossec-maild ossec-execd ${DB_DAEMON} ${CSYSLOG_DAEMON} ${AGENTLESS_DAEMON}"
 
 ## Locking for the start/stop

src/init/ossec-server.sh

@@ -19,7 +19,7 @@ if [ $? = 0 ]; then
 fi
 
 NAME="OSSEC HIDS"
-VERSION="v3.2.0"
+VERSION="v3.3.0"
 
 [ -f /etc/ossec-init.conf ] && . /etc/ossec-init.conf;
 

src/win32/help.txt

@@ -1,4 +1,4 @@
-** OSSEC Windows Agent v3.2.0 **
+** OSSEC Windows Agent v3.3.0 **
 ** Copyright (C) 2014 Trend Micro Inc. **
 
 

src/win32/ossec-installer.nsi

@@ -25,7 +25,7 @@
 ; general
 !define MUI_ICON favicon.ico
 !define MUI_UNICON ossec-uninstall.ico
-!define VERSION "3.2.0"
+!define VERSION "3.3.0"
 !define NAME "OSSEC HIDS"
 !define SERVICE "OssecSvc"