tripwire-open-source/ChangeLog

2017-01-15 Brian Cox <bcox@tripwire.com>
	* Bump version to 2.4.3.2
	* DOS/DJGPP platform support.
	* Use posix_fadvise() to reduce disk cache impact (where available).
	* Use O_NOATIME where available, so scans don't update file access times.
	* Optional HASH_DIRECT_IO (Linux only) to access files via direct i/o when hashing, per user request.
	* Optional support for iconv character conversion, for db/report file portability.
	* Improved display of multibyte characters in reports.
	* On OSX, use builtin CommonCrypto hashes instead of impls provided with OST.
	* Update build system to automake 1.15
	* Cross compiling can use OpenSSL now.
	* 'make dist' now creates a buildable source bundle.
	* Can use build dir outside of source tree
	* Include 'what'-style version strings.
	* AROS: Correctly hide passphrases & delete temp files.
	* Remove dead code & unused files.
	* Optional RESOLVE_IDS_TO_NAMES option to disable uid/gid to name resolution, if needed.
	* New --key-size option to twadmin --generate-keys, to generate 1024 (default) or 2048 bit El Gamal keys.  
2016-04-20 Brian Cox <bcox@tripwire.com>
	* Bump version to 2.4.3.1
	* Revive old 'twtest' unit test suite (such as it is); move _t.cpp files into twtest dir.
	* Fix -Wnarrowing warnings in yyparse.cpp - GCC 6 would treat these as errors.
	* Build with -Wextra to enable more warnings.
	* Fix a variety of other compiler warnings, some exposed by -Wextra, others preexisting.
	* Replace remaining tabs w/ 4 spaces. Mixing the 2 styles can now cause GCC 6 'misleading indentation' warnings.

2016-04-11 Brian Cox <bcox@tripwire.com>
	* Bump version to 2.4.3.0
	* Compilation fixes for gcc 4.7+ and LLVM/clang 
	(see http://www.linuxfromscratch.org/blfs/view/svn/postlfs/tripwire.html )
	* Absorb fixes from FreeBSD ports patchset
	(see http://svnweb.freebsd.org/ports/head/security/tripwire/ )
	* Fix handling of SHA hashes (with and without OpenSSL hash impl.)
	* Update GNU config.guess & config.sub to current versions
	* Compilation fixes for various and sundry Posix-esque platforms
	(Mac OS X, OpenBSD, OpenSolaris, Cygwin, Minix 3.x, GNU/Hurd, MidnightBSD, Haiku, Syllable, SkyOS, Sortix, MiNT)  
	* Add script to bump buildys file timestaps, to fix 
	spurious aclocal/automake errors on a fresh clone/untar/etc.
	* Update 'make dist' to bundle manpages & policy files
	* Replace broken RPM spec w/ 'Packaging' doc that explains where to get packaging stuff.
	* Add contributed files from 2.4.2.3 fork (see below)
	* Fix large file support on e.g. 32-bit Linux
	* Add '-h' option to display hashes as hex instead of base64
	* Add MAILFROMADDRESS config param (see twconfig man page)
	* Use O_NONBLOCK, to avoid blocking on fifos & mandatory-locked files
	* Report Solaris door & event port file types correctly

2014-01-01 Barry Allard <barry.allard@gmail.com>

	* Bumping version to 2.4.2.3
	* Fixed compilation on clang and gcc compilers

2011-11-21 Stephane Dudzinski <tripwire@frlinux.net>

	* Bumping version to 2.4.2.2
	* Updated version revision in reports and all
	* Added experimental policy creation (see policy/policy_generator_readme.txt)
	* Fixed report formating and sendmail issues
	* Added Debian patches for crypto and hostnames
	* Fixed compiling issue on recent GCC compilers (-fpermissive)

2011-07-14 Stephane Dudzinski <tripwire@frlinux.net>

	* Bumping version to 2.4.2.1
	* Fixed version numbering and added RPM spec file

2010-03-11 Stephane Dudzinski <tripwire@frlinux.net>

	* Bumping version to 2.4.2
	* Added patch to fix bug [ 1962485 ] Cannot change or expect-script
	passphrases - thanks to Ross Tyler (rtyle)
	* Removed RPM spec file for now, will be fixed in next release

2007-04-16 Ron Forrester <rjf@theforrest.org>

	* Bumping all versions to 2.4.1.2
	* Fixed bug in install script when sendmail isn't installed
	  target system.
	* Removed some non-existent files from installer

2005-08-18 Ron Forrester <rjf@theforrest.org>

	* Wow, has it been 4+ years? :)
	* Starting fresh with Paul's autoconf'ed code base
	* Bumped version number, misc cleanup, etc.

2001-02-25  Ron Forrester  <rjf@theforrest.org>

	* Bumped version to 2.3.1.

	* BSD support, thanks to Paul Herman <pherman@frenchfries.net>.
	The support was added for FreeBSD 4.2, your mileage may vary on
	other BSD's.

	* Fixed long standing bug with recurse=3

	* If TEMPDIRECTORY was missing trailing /, bad things could
	happen. Tripwire now appends a / if one isn't present. Thanks
	Jarno.

	* Fixed GLOBALEMAIL bug where no global emails would be sent
	unless there were emailto attributes somewhere in the policy
	file. Additionally, reports were being sliced to global
	recipients, despite the fact that global recipients should get
	the full report.

2001-02-03  Ron Forrester  <rjf@theforrest.org>

	* Fixed possible security problem with the handling of temp
	files. We now open temp files with O_EXCL set to make sure a
	particular file doesn't already exist. Thanks to Jarno for this
	suggestion and help via a patch.

	* Added the configuration file variable TEMPDIRECTORY. This
	variable can be set to the full path to where tripwire should
	write its temporary files. By default it is /tmp. Because /tmp has
	to be world writable, this isn't a good place for tripwire to
	write temporary files. Setting TEMPDIRECTORY to a directory with
	permissions 700 is much more secure. Updated man page with info on
	this variable.

	* Added the configuration file variable GLOBALEMAIL. This variable
	can be set to a list of email addresses which are semi-colon or
	comma separated. If a report is about to be emailed to addresses
	reaped from the policy file, it will also be emailed to the
	addresses in the GLOBALEMAIL list, allowing designation of one or
	more people to always get email reports. Updated the man page with
	info on this variable.

	* Began a convention of providing a "Solution:" line to all errors
	(exceptions) emitted by tripwire. Only the two latest error
	messages incorporate this convention, but all future ones will as
	well, and I hope to revist all current errors and retrofit them
	with Solution: lines as well.