Commit Graph

1658 Commits (2c63b1fe93aeb77724ffc0001110bad04a7065f7)
 

Author SHA1 Message Date
Daniel Black 2c63b1fe93 Merge pull request #439 from yarikoptic/bf/proftpd-millisec
11 years ago
Yaroslav Halchenko 82174ea4c4 Changelog for preceding proftpd date format change
11 years ago
Yaroslav Halchenko d4f6ca4f85 ENH: adding custom date format for proftpd when logging in its own log file (default on Debian) -- includes milliseconds
11 years ago
Daniel Black ed212fcdcc DOC: new ChangeLog header
11 years ago
Daniel Black a7604c899f DOC: list Wiki pages to update after a release
11 years ago
Daniel Black 752ea054db DOC: post release version change
11 years ago
Daniel Black fc213a103e Merge pull request #437 from grooverdan/0.8.11_release
11 years ago
Daniel Black d0498bec69 DOC: finalise 0.8.11 release
11 years ago
Daniel Black 286d78e13c Merge pull request #430 from grooverdan/apache-overflows
11 years ago
Daniel Black 50ca16e50e Merge pull request #431 from grooverdan/apache-noscript
11 years ago
Daniel Black 947c6ff9cc Merge pull request #433 from grooverdan/asterisk
11 years ago
Daniel Black 38503a5848 Merge pull request #434 from grooverdan/dos-resistant-dropbear
11 years ago
Daniel Black 62b1f98dff Merge pull request #435 from grooverdan/dos-resistant-exim
11 years ago
Daniel Black 0d47ea3348 Merge pull request #436 from grooverdan/dos-resistant-roundcube-auth
11 years ago
Daniel Black be60518218 BF/ENH: DoS resistant roundcube-auth with test cases and more variation in IMAP error given
11 years ago
Daniel Black 52972164a2 BF: exim filter to be DoS resistant
11 years ago
Daniel Black c272573fe3 ENH: DoS resistant dropbear filter
11 years ago
Daniel Black eb9663eb4f BF/ENH: asterisk connection ID is a hex not decimal number. Add "Rejecting unknown SIP connection from <HOST>" regex thanks to Jonathan Lanning
11 years ago
Daniel Black 648d48c355 ENH: apache-2.4 message IDs for filter apache-noscript
11 years ago
Daniel Black c81ed53805 TST: change source URL
11 years ago
Daniel Black a4718eb644 ENH: apache-overflow filter to have HTTP-2.4 message IDs and test samples
11 years ago
Daniel Black 87516eb92b ENH: apache-overflows - more detail on "request failed: URI too long (longer than %d)" with test case
11 years ago
Daniel Black e8aa676cf5 Merge pull request #429 from grooverdan/filter-develop-doco
11 years ago
Daniel Black 191c4fda1b Merge pull request #428 from grooverdan/ssh-dos
11 years ago
Daniel Black d90130234d TST: end of json in sshd sample log
11 years ago
Daniel Black 061a26c408 TST: fix space in sshd sample log
11 years ago
Daniel Black d955714d26 TST: test case that shows injection
11 years ago
Daniel Black b8f40fef1b DOC: more on filter regexes - DEVELOP
11 years ago
Daniel Black c5021b55f6 Merge pull request #427 from yarikoptic/bf/nginx-regex-injection
11 years ago
Daniel Black 724c6bfd92 DOC: filter regex debugging
11 years ago
Yaroslav Halchenko ccd26578ec Merge pull request #425 from grooverdan/asterisk-simplify
11 years ago
Yaroslav Halchenko ac061155f0 BF: anchor introduced nginx-http-auth at the end
11 years ago
Yaroslav Halchenko 49024fe6ea DOC: minor typos in ChangeLog
11 years ago
Yaroslav Halchenko ea8fce6308 Merge pull request #426 from yarikoptic/bf/openssh6.3-regex-injection
11 years ago
Yaroslav Halchenko bf245f9640 DOC: adding DEV Notes for for non-greedy matchin within sshd.conf
11 years ago
Daniel Black d6bbe03861 Merge pull request #424 from grooverdan/nginx-auth
11 years ago
Yaroslav Halchenko a169badb95 Merge pull request #423 from yarikoptic/enh/gen_badbots
11 years ago
Yaroslav Halchenko 750e0c1e3d BF: disallow exploiting of non-greedy .* in previous fix by providing too long rhost -- do not impose length limits for user-provided input
11 years ago
Yaroslav Halchenko abb012ae5c BF: fixing injection for OpenSSH 6.3 -- making .* before <HOST> non-greedy
11 years ago
Yaroslav Halchenko eace931c19 Changelog for prior changes (gen_buildbots)
11 years ago
Daniel Black d7560d4041 ENH: condense asterisk regexs for speed
11 years ago
Daniel Black ab9d921162 BF: missed action in nginx-http-auth
11 years ago
Daniel Black a148d35d70 ENH: add filter.d/nginx-http-auth. Partially forfills #405
11 years ago
Yaroslav Halchenko 4522308354 ENH: regenerated config/filter.d/apache-badbots.conf
11 years ago
Yaroslav Halchenko 6f321068f1 NF: gen_badbots script to (re)generate/update config/filter.d/apache-badbots.conf
11 years ago
Daniel Black e91d40ee34 Merge pull request #420 from yarikoptic/enh/release-0.8.11
11 years ago
Yaroslav Halchenko 28ee7ba123 DOC: keeping Changelog release-phrases uniform, simplified intro, unified
11 years ago
Yaroslav Halchenko f26fba9c19 DOC: Untabifying and reindenting a bit ChangeLog
11 years ago
Daniel Black 0730db9b2b Merge pull request #416 from grooverdan/debian-bug-665925-wuftpd-pam
11 years ago
Daniel Black 20693ffb8e Merge pull request #417 from grooverdan/debian-bug-709324-dovecot
11 years ago