- 09/01/2004 0.9.7 (Initial Release)
- First Release
- Packaged application as BASE
- Split individual files into a more manageable directory structure
(more work necessary there)
- Updated ADODB link and information
- 09/04/2004 0.9.7.1 (Francis)
- Added Credits
- Changed TODO
- Changed css file for different look (kinda) :)
- Removed commented code that was floating around
- Updated Whois entry for ARIN
- Updated the ADODB information in the README... missed it there!<grin>
- Fixed various typos and display changes
- 10/14/2004 0.9.8 (dhara)
- PHP 5 support -- Chris Shepherd
- Fixed datetime to timestamp error in create_base_tbls_pgsql.sql [ 1025011 ]
- Changed comment banner
- Added start of the capabilities class -- Chris Shepard
- Changing ADODB to PEAR:DB -- Kevin Johnson
- Added header to prevent direct access to certain pages -- Kevin Johnson
- Changed title bar -- Kevin Johnson
- Changed Function names in HTML output file -- Kevin
- Changed Display of the summary graphs -- Kevin
- Created the user class -- Kevin
- Created the start of the auth system -- Kevin
- Created acid2base_tbls_mysql.sql -- Kevin
- Change html file to php in prep for the template system -- Kevin
- Various typos..... -- Kevin
- Added /admin/ and various files within it -- Kevin
- Expanded year dropdowns to 2010 -- Kevin
- Changed look to use Walter B's CSS and various tweaks -- Kevin
- Moved around the front page -- Kevin
- Added variables to /etc/base/base_conf.php.dist
- Created dispYearOptions() to handle the year issue (so ignore the expanded
change item above<grin)-- Kevin
- 10/28/2004 0.9.9 (brenna)
- Started PDF work
- Changed all acid functions to base functions -- Kevin
- base_db.inc.php
- base_net.inc.php
- Added GPL file -- Kevin
- Moved around the /etc/base/base_conf.php.dist -- Kevin
- Changed external links bug [1051873] -- Kevin
- Removed SamSpade links
- Added User Preferences page
- Completed Auth functions
- Fixed Sort bug [1051872] -- Chris Shepherd
- Added URL signature reference -- Thanks Joel Esler
- Fixed error in include on base_stat_common.php -- Thanks Justin Best
- Completed all of the $BASE_path/ for includes -- Kevin
- Added listing of users to admin pages. -- Kevin
- 11/21/2004 1.0 (denise)
- Added patch from nobody
- Finished the User stuff!
- This framework will continue to be built upon
but as of right now, I would consider it stable! -- Kevin
- base_stat_common.php changed sensorCnt to return sensors with no events
-created new function to handle this
- added images directory.
- Fixed issue where people couldn't add a user if UseAuth was off -- Kevin
- Change admin pages to match the naming of the rest of the project
- Role management system -- Kevin
- Minor look changes -- Joel and Kevin
- Created languages directory -- Kevin
- Started building the language files -- Kevin
- /setup/ program -- Kevin
- /help/ work
- moved app_faq to /help
- Built start of help icon system used in the setup system
- Added nessus ref to base_conf.dist -- Thanks Christian Svensson
- English -- Kevin Johnson
- Japanese -- Kenji
- French -- Maurice Lanselle and Sebastien Desse
- Norwegian -- Ole-Martin Bækkeli
- Swedish -- Jimmy Hansson
- German -- Menrath Johann
- Portuguese -- Pedro Walter
- Russian -- Dmitry Purgin
- Spanish -- Jason Santos
- Italian -- DJ Echelon
- Danish -- Kim Christensen
- Formatting change to base_signature.inc.php -- Randy McEoin
- Fixed error where menu appeared on the login page -- Kevin Johnson
- Fixed error with menus in the footer on any page but base_main.php
- Added check on each page to determine if you are logged in
- Added Refresh to multiple pages. RFE [1048873]
- Added BASE tables to the PostGRES and the MSSQL files
- Fixed password size in the database files
- Added Upgrade script for 0.9.x -> 1.0 for MYSQL
- Fixed issue with MSSQL tables creation commands
- Added New Flow-Portscan functionality -- Scott Elgram & Jean-Marc
- 1/17/2005 1.0.1 (michelle)
- Finnish -- Elmo Mäntynen
- Chinese -- Johnson Chiang
- Indonesian -- Rachim Tamsjadi
- Alert Group fixes -- Tim Rupp
- Fixed the postgres sql files -- Kevin
- Fixed various Postgress issues -- Kevin
- Working on limiting includes -- Kevin
- Fixed setup bugs -- Michiel Brendel
- Removed regex from base_db.inc.php and related WHERE clauses -- Kevin
- Added better display of the error messages -- Jason Dixon
- Fixed for "Duplicate Entry" errors -- pr00f at users.sourceforge.net
- Fixed issue with adding a user after deleting one that was not the last
user added. -- Kevin
- Fixed some graphing issues -- Kevin
- Fixed the MSSQL setup scripts to correctly insert roles -- Alan Vallance
- Fixed setup issues with postgres -- Jason Dixon
- 2/13/2005 1.0.2 (racquel)
- Fixed host cache expiry issue -- Thanks to Michael Stone for the heads up
- Fixed search issue with PHP 5 -- Tim Rupp
- Added fix to increase performance on time based queries for MySQL -- Michael Stone
- Fixed potential navigation fatal error seen with some PHP5 installations -- Tim Rupp
- All HTTP_*_VARS have been changed to newer superglobals -- Tim Rupp
- Fixed bug #1114778, duplicate defines in lang files -- Tim Rupp
- Fixed bug #1118792, Errors creating Postgres tables -- Kevin Johnson
- Added DShield.org IP Info page -- Kevin Johnson
- External IP links open in a new window -- Kevin Johnson
- Portuguese Translation fixes -- Thiago Martins
- Fixed bug #1111841 -- Alejandro Flores
- Summary Statistics box added to base_stat_alerts page, RFE from Joel -- Tim Rupp
- Fixed out of memory error in Graph Alert Data on vanilla installs of PHP5 -- Tim Rupp
- Changed setup to not check for indexes unless you are using MySQL -- Kevin Johnson
- Footer link changes and look and feel -- Kevin and Joel
- Cleaned up conf files -- Kevin Johnson
- Uses isc.sans.org port database for more information -- Kevin Johnson
- Updated all Language files to ensure proper spacing between items and added
links to Members list -- Joel Esler
- New packaging directory structure -- Kevin Hoffman
- 4/3/2005 1.1 (elizabeth)
- Patch for PostgreSQL setup -- C. Bensend
- Added further comments to BASE_urlpath in base_conf -- Kevin Johnson for Jeff Kell
- Fixed bug #1123243 Call to undefined function in Whois Cache-- Tim Rupp
- Fixed a mixup that is on the Source and Destination Ports pages in the title -- Tim Rupp
- Fixed bug #1123247, Listing users with no users error -- Kevin Johnson
- Implemented RFE #1048868 Packet display -- Kevin Johnson
- Fixed bug #1123815. Applied patch submitted by anonymous user on SF -- Tim Rupp
- Added $BASE_installID to /etc/base/base_conf.php to enable a unique install id -- Kevin Johnson for Al Reust
- Fixed bug #1116034 Lack of distinct results after clicking Src IP -- Tim Rupp for Alejandro Flores
- More fixes to the portuguese language file -- Thiago Martins
- Fixed bug #1143574 -- Tim Rupp
- Implemented RFE #1122502 Access to the archive database from the one BASE install -- Kevin Johnson
- Fixed bug #1144817 Pie charts not working -- Tim Rupp and Alejandro Flores
- Fixed Bug #1145254 Archive Database switching -- Kevin Johnson
- Fixed error in German language file -- Heinrich Lieker
- Added the FAQ to the docs/ -- Joel Esler
- Fixed Bug #1150681 Database summary display for the archives -- Kevin Johnson
- Put Archive in the title bar -- Kevin Johnson
- Fixed Bug #1150688 Archive Actions -- Kevin Johnson
- Implemented RFE #1150696 (Needs much more work) -- Kevin Johnson
- Implemented RFE #1150789 Adding Archive to the hdr -- Kevin Johnson
- Started Implementing RFE #1114443 Support for Oracle -- Kevin Johnson
- Moved Payload Display link to the Payload section of the display -- Kevin
- Fixed Signature lookup for new Snort.org web site -- Kevin
- Fixed Bug #1164491 IP Links sorting issue -- Kevin Johnson
- Created cookie so that if you had selected clean payload display it would stick -- Kevin
- Created stand alone maintenance program -- Kevin
- Fixed bug in base_maintenance.pl -- Doug Mackie
- Fixed bug #1166158 Search Criteria lost -- Kevin Johnson
- Added authentication support to base_maintenance.pl -- Kevin Johnson
- Made the default in /etc/base/base_conf.php to not resolve FQDN -- Kevin
- Moved FORM tag before Timing box -- Kevin Johnson
- Fixed error with emailing from the AG page -- Ethan Chai
- Simplified search form -- Thom Dosedel
- Fixed much of the search sort issues -- Bruce Briggs
- Fixed Bug #1168587 PHP safe mode breaks BASE -- Kevin Johnson
- Implemented RFE #1144818 Simplify the graph form -- Thom Dosedel
- Fixed error where setup would die silently -- Thanks Jeff Nathan
- Fixed error with actions again -- Alejandro Flores and Tim Rupp
- Replaced jpgraph with PEAR::Image_Graph -- Alejandro Flores
- Removed $ChartLib_path and updated docs -- Kevin Johnson
- Added check to verify that the archive DB exists before allowing use of it -- Kevin Johnson
- Updated Spanish language file -- Ricardo Montañana Gómez
- Implemented RFE #1150696 Themes -- Kevin Johnson
- Fixed Search page "cannot use string as array offset" error again. Should be fixed for good now. -- Tim Rupp
- 4/8/2005 1.1.2 (zora)
- Added setting the archive_exists var to the setup system -- Kevin Johnson
- Fixed sort order bug -- Jonathan W Miner
- Fixed issue with TimeStamps -- Michael Stone
- Fixed Fatal error in some installs -- Michael Stone
- 6/13/2005 1.1.3 (lynn)
- Many performance change for Postgres -- Michael Stone
- Added options to /etc/base/base_conf.php to increase performance -- Michael Stone
- Fixed issue with show_stats (Need to change this based on Alejandro's change to the front page-- Kevin Johnson
- Changed default for $avoid_counts -- Kevin
- Czech language added -- Michal Mertl
- Oracle script work -- John Evans and Kevin Johnson
- Fixed off by one bug -- Jonathan W Miner
- Added custom footer option -- Jonathan W Miner
- Clean up of jpGraph leftovers -- Kevin Johnson
- Fixed ARIN lookup since their change -- Jonathan W Minor
- HTML Fixes for W3C.org compliance -- Jonathan W Minor
- Query change to speed up today queries -- Michael Stone
- Fixed README -- Kevin Johnson
- Oracle support -- Vladimir Anufriev
- Simplified Chinese language files -- Hai Xie (xxxss@msn.com)
- Form work -- Bruce Briggs and Kevin Johnson
- Table width changes -- Kevin Johnson for Thinh Pham
- Added Red theme -- Kevin Johnson
- Updated FAQ -- Joel Esler
- Typo in french.lang.php -- Dominik Gehl
- Fixed bug #1199128, Search with multiple Time criteria is broken -- Tim Rupp
- Fixed bug #1183916, Incorrect count/list of Unique alerts after deleting some -- Tim Rupp
- Fixed bug #1208972, Auto Refresh -- Tim Rupp
- Fixed bug #1214307, icat.nist.gov link error -- Thinh Pham
- 8/8/2005 1.1.4 (cheryl)
- Fixed bug #1220169 typo in create_base_tbls_mysql.sql -- Kevin Johnson
- This typo was in all of the sql files -- Kevin
- Changes to docs -- Kevin
- Added a bunch of translation stuff -- João
- Added Polish Language -- Michal Fraszek
- Fixed issue with lang files -- Kevin Johnson
- Updated Polish Language file -- Michal Fraszek
- Fixed issue with English lang file -- Christian Svensson
- Translated most of the //NEW varibles in the swedish lang file -- Christian Svensson
- Fixed bug #1253176, URL reference with BleedingSnort rules -- Kevin Johnson
- 10/9/2005 1.2.0 (betty)
- Fix for bugs #1256237 and #1254318 -- Tim Rupp
- Patch to add Binary download -- Juergen Leising
- Fixed bug #1249911, ASCII representation with base64 encoding -- Kevin Johnson (from anonymous)
- Fixed quote issue in base_stat_iplink.php -- Michael Stone
- Fixed sort of alerts by address -- Alex Butcher
- Added ISC Source/Subnet report -- Alex Butcher
- Added other sources of port information -- Alex Butcher
- Added TrustedSource IP lookup -- Alex Butcher
- Fixed Portscan issue with emails -- Nikns Siankin
- Added local reference to read sigs from a directory in the BASE install -- Kevin J for Juergen
- 10/30/2005 1.2.1 (kris)
- Added black theme -- Nick Whitehill
- Fixed Bug #1338142 SQL Injection vulnerability -- Kevin Johnson
- Fixed URL for sstats and display for the external port links (Patch #1333209) -- Jonathan W Minor
- Added better erroring if some forms of SQL injection happen -- Doug Mackie
- 1/12/2006 1.2.2 (cindy)
- Added Turkish -- Umut Nacak
- Changed login button to actually say login -- Jonathan W Minor
- Fixed issue with signature names and MySQL 5.0 -- Kade P. Cole
- Fixed Bug# 1347623 auto-refresh ignored for stat pages -- Shane Castle
- Fixed Sort order issues -- Timothy Doty
- Applied patch from Debian maintainer for final SQL injection fix -- Kevin
- Updated prject lead comments -- Kevin
- Added Portscan Information -- Kevin for Nikns
- 3/19/2006 1.2.4 (melissa)
- Fixed issue with PostGRES and schema in base_db.inc.php -- Kevin J and Nikns
- Fixed bug #1284695 Error in SQL with PostgreSQL -- Kevin J and Nikns
- Fixed issues displaying PortScans -- Nikns
- Fixed sig_class (bug #1407325) and sig_priority filter bug -- Nikns and Max Valdez (garaged)
- Fixed bug #1408387 Archive move and Email summary issues -- Nikns
- Fixed bug when, after setup, archive database wasn't used -- Nikns
- Fixed PostgreSQL archive database support -- Nikns
- Fixed bug #1313261 Unable to use actions in base_stat_sensor.php -- Nikns
- Fixed bug #1371532 First of month timestamp issue -- Nikns
- Fixed bug #1406945 Lost alert order when switching between payload display -- Nikns
- Fixed bug #1413712 /etc/base/base_conf.php file path issue under MS Windows -- garaged
- Fixed search by signature name -- Nikns
- Converted sql/create_base_tbls_mssql_extra.sql to CRLF line terminators -- Nikns
- Fixed broken auth system for MSSQL -- Nikns
- Changed MSSQL schema for table acid_event, sig_name now has type VARCHAR instead of TEXT -- Nikns
- Fixed bug #1307250 broken base_stat_alerts.php with MSSQL -- Nikns
- Fixed bug #1413594 Force to use alert database for auth system stuff -- Nikns
- Setup fix, on error form values are remembered, default language is English -- garaged
- Uppercased name 'Archive' in base_main.php (in sync with base_hdr1.php) -- Nikns
- Fixed support for actions in base_stat_class.php -- Nikns
- Fixed bug #1418660 Broken search by IP criteria -- Nikns
- Added checkboxes and fixed support for actions in base_stat_iplink.php -- Nikns
- Implemented RFE #1123382 support for actions in base_stat_uaddr.php -- Nikns
- Implemented support for actions in base_stat_ports.php -- Nikns
- Fixed bug #1422575 when empty email sent even if action unsuccessful -- Nikns
- Fixed bug #1424033 Unable to Graph Alert Detection Time -- Nikns
- Fixed bug #1426089 Score removed from email address -- Nikns
- Fixed bug #1210542 and #1288402 Packet display mode issues -- Nikns
- Detect archiving duplicates with select queries instead of catching db conflict error -- Nikns
- Fixed bug #1430686 Update alert cache for archived alert right after it is coppied to archive db -- Nikns
- Implemented archiving support for schema 107 -- Nikns
- Added sig_gid (signature generator id) to snort signature reference url for schema 107 -- Nikns
- session_start() on /etc/base/base_conf.php avoiding repetition, easier to handle with debug output -- garaged
- debug_mode needs to be off on login (index.php:45 ) -- garaged
- Fixed bug #1275536 Unable to download binary payload in Internet Explorer when using SSL -- Nikns
- Implemented archiving support for FLoP extended database schema -- Nikns
- Implemented rebuild of packet in pcap format for FLoP extended database -- Nikns
- Added display of MAC addresses in base_query_alert.php for FLoP extended database -- Nikns
- Fixed BASE authentication bypass in standalone mode for base_maintenance.php -- Nikns
- Added HTTP response codes on authentication failure in base_maintenance.php for standalone mode -- Nikns
- Fixed bug #1341286 Show IP header length in bytes, not words -- Juergen Leising
- In plain display mode several sequential non-ASCII payload characters join together displaying their count -- Nikns
- Changed input type of the password field in useradmin -- Kevin Johnson
- 6/4/2006 1.2.5 (sarah)
- Added base64 encoding support for MAC addresses presented on the screen for FLoP extended database -- Juergen Leising
- Added base64 encoding support for rebuild of packet in pcap format for FLoP extended database -- Juergen Leising
- Fixed issue with Oracle and schema version in base_db.inc.php -- Nikns
- Fixed bug when alerts with sig references would fail to archive causing duplicates error -- Nikns
- Added base64 encoding support for ICMP payload additional table in base_qry_alert.php -- Juergen Leising
- Added check for PHP Logging Level against E_NOTICES in setup/index.php -- Nikns
- Fixed bug when certain preprocessor alerts would not be cached (for example arpspoof) -- Nikns
- Added setup/setup_db.inc.php with CreateBASEAG() to resolve redundancy in setup and base_db_setup.php -- Nikns
- Removed unnecessary and broken search index stuff from Create BASE AG, since schemas are already with them -- Nikns
- Added XSSPrintSafe() (array safe htmlspecilchars() function) and made filterSql() use ADOdb qmagic() -- Nikns
- Changed input type of the password field to actually be password in setup3.php -- Nikns
- Filtered all unfiltred (mainly auth system stuff) $_POST and $_GET variables using filterSql() -- Nikns
- Santized all $_SERVER variables to be protected against XSS attacks -- Nikns
- Added "Clear Data Tables" option in base_maintenance.php and "Repair Tables" option to execute CreateBASEAG() -- Nikns
- Make use of FLoP's event reference. Signature name of alert which trigered "Tagged Packet" alert is shown too -- Nikns
- Updated chinese.lang.php -- Johnson Chiang
- Fixed Time error in searches -- Jeff Kell
- Fixed refresh issue with ~ directories -- Kevin Johnson
- Fixed cookie stored data and authentication scheme to correct Nikns' report on session forge issue -- GaRaGeD
- Updated link to the Nessus plug in DB -- Jonathan W Miner
- Fixed display after deleting alerts -- Bruce Briggs
- Fixed Bug #1466392 - Back button doesn't work after refresh. -- Juergen Leising
- Patches from jhart@spoofed.org to add missing ICMP and TCP type and codes - GaRaGeD
- add support for ICMP redirect decoding. - Jon Hart
- add decoding support for ICMP source quench and ICMP parameter problem - Jon Hart
- split up "flags" into DF and MF, much like tcp flags are currently handled - Jon Hart
- 7/23/2006 1.2.6 (christine)
- Added check for base_users and base_roles tables in base_main.php - Kevin Johnson
- Added . to VAR_PUNC to fix query issue - Kevin johnson
- Fixed issue with base_users table being required - Kevin Johnson
- Added search punctuation fix - Bruce Briggs
- Added FQDN to display -- Jonathan W Miner
- PrintForm() fixes - Bruce Briggs
- Settings for automatic expansion of the IP and Payload Criteria on Search screen - Bruce Briggs
- Save the fields entered on the Search screen for Back button proper refilling - Bruce Briggs
- RFE #1520185 Add support for managing last_cid - Eric Jacobsen
- Changed show_rows to 49 in /etc/base/base_conf.php.dist to fix IE 6/7 bug - Bruce Briggs
- Fixed link to FAQ - Juergen Leising
- Fixed VAR_BOOLEAN error and some typos in the footer - Eric Jacobsen
- Trivial patch to make base_stat_time.php use GET insted of POST to avoid the 'resend data' warning on refresh - GaRaGeD
- Added base-rss.php to the contrib section - Dan Michitsch
- 11/17/2006 1.2.7 (karen)
- Improved HTML <table> output in "base_qry_alert.php" -- Jonathan W Miner
- Remove message when 0 alerts -- Jonathan W Miner
- PrintBase64PacketPayload fix for payload lenght modulo = 0 -- Juergen Leising
- Added empty function to ProtocolFieldCriteria -- Kevin Johnson
- Fixed issue if sig_gid was empty -- Valter Santos
- Added SnortUnified, a perl replacement for Barnyard -- Jason Brvenik
- Updated base-rss.php -- Dan Michitsch
- 2/19/2007 1.3.5 (marie)
- Applied patch to fix bug #1602391 [IP Fragments] -- Juergen Leising
- Fix typo in setup4.php -- Jonathan W Miner
- Updated footer for site location -- Kevin Johnson
- Trivial patch to correct IPFieldCriteria::Description() on base_state_citems.inc.php -- GaRaGeD
- Another trivial check for ProtocolFieldCriteria::Description() array correctness -- GaRaGeD
- Patch to fix Bug#1550613 Payload queries fail due to inconsistent case -- Kevin J for "nobody"
- Patch to fix extra <table> in base_main.php -- Jonathan W Miner
- Added pcap download functionality for individual alerts -- Jon Hart
- Added logout functionality when internal authentication is used -- Jon Hart
- Updated README -- Kevin J
- Updated Ports list -- Kevin J
- 5/13/2007 1.3.6 (louise)
- Fixed issues with graphing Bug#166596 -- Kevin J
- Fixed Bug#1666340 MySQL Syntax error with base_net.inc.php -- Kevin J
- Patch to fix display of index.php -- Jonathon W Miner
- Patch to fix Bug#1669265 Memory Leak in base_cache.inc.php -- Stephen Sadowski
- Fixed Bug#167508 BACK text not commented out when history disabled -- Kevin Johnson for Jordan Wiens
- Fixed Bug #1680965 - SANS IP Lookup fails -- Kevin Johnson for Jordan Wiens
= Fixed major amounts of errors with undefined vars. -- Marek Cruz
- Updated tons of HTML for complience -- Marek Cruz
- Fixed misspelled constants -- Marek Cruz
- Fixed CreateBASEAG function -- Marek Cruz
- Fixed check for Image_Graph -- Marek Cruz
- Removed portsdb.org as it is no longer valid -- Marek Cruz
- 7/8/2007 1.3.8 (jodie)
- Fixed base_conf_contents.php to include colored alerts -- Jonathan W Miner
- Fixed base_main.php to remove an extra table and repair two column display -- Jonathan W Miner
- Added exit() to the redirect to fix security hole -- Jon Hart
- removed fpdf file to save room since we are not using them. -- Kevin Johnson
- Fixed bug #1723928 Top Right, Database and User not shown -- Kevin Johnson
- Added base_header wrapper, please use it instead of header if you're not sure -- GaRaGeD
- Fixed Bug #1675094 snort signature information links broken (really a hack!) -- Kevin Johnson
- Fixed Bug #1689885 Maybe need count(DISTINCT ip_src) to sort by IP correctly -- Kevin Johnson
- Fixed Bug #1649659 Use of archive DB seems broken in "karen" release -- Kevin Johnson
- Cleaned a warning -- Marek Cruz
- Spanish install guide -- Daniel Medianero
- 11/20/2007 1.3.9 (anne)
- Update to Spanish -- David Gil
- Bug #1750697 base_header() is undefined fixed -- Juergen and Kevin Johnson
- Bug #1680965 sans lookup fails -- Jordan Wiens
- Updated Chinese language file -- Randy
- Added Sean Muller as the Project Manager -- Kevin Johnson
- Fixed error in contrib/base-rss.php -- Dan
- Added INSTALL and INSTALL.rtf files to docs directory -- Sean Muller
- Bug #1801192 XSS bug in BASE fixed -- Kevin Johnson and Sean Muller (Discovered by Daniel Medianero)
- Bug #1760615 Sort order ignored -- Kevin Johnson and Jordan Wiens
- 4/25/2008 1.4.0 (katherine)
- Fixed index.php redirect -- Kevin Johnson for Terry Burton
- Fixed Bug #1836274 base_qry_alert.php Showing corrupt HTML -- Kevin Johnson
- Fixed error in norwegian.lang.php with the SEARCH tag -- Kevin Johnson for Ronny Hansen
- Fixed Bug #1859481 You have an error in your SQL syntax -- Juergen Leising
- Fixed Bug #1846317 Paging does not work in base_stat_sensor.php -- Kevin Marion
- Updated Chinese language file -- Johnson Chiang
- Fixed Bug #1886513 Line Duplication -- Kevin Johnson
- Multiple graphing fixes -- Juergen Leising
- Added country support for source and destination ip in
"graph alert data"; feature request no. 1399907 -- Juergen Leising
- Added Worldmap feature -- Juergen Leising
- Fixed Query bug regarding time -- Juergen Leising
- Added BASE64 support for TCP options -- Juergen Leising
- Added Vendor MAC Map -- Juergen Leising
- Added patch for Barnyard from University of Florida -- Kevin Johnson
- Updated INSTALL documents -- Sean Muller
- Added debug function calls -- Juergen Leising
- Fixed setup issues -- Juergen Leising
- 06/29/2008 1.4.1 (lara)
- Fixed moving alerts with empty sig_priority -- Kevin Johnson for Michel Lundell
- Added support for new chart type "unique alerts vs. number of
alerts". Feature request no. 1659968 -- Juergen Leising
- Further fixes in the setup procedure -- Juergen Leising
- Disabled the pcap download possibility for sfportscan alerts, as
these are just pseudo packets rather than real packets from the
network. Answer to bug no. 1885673 -- Juergen Leising
- Workaround and fixes for the bugs reported under no. 1699443
1. "Fatal error: Call to a member function MoveNext() on a non-object
in /var/www/base-127/includes/base_db.inc.php on line 463".
Workaround.
2. Improved error handling in base_action.inc.php:
Errors are now shown in regular mode rather than with
$debug_mode > 1. Not every kind of error is a duplicate error.
3. Fixed baseGetHostByAddr() in base_net.inc.php in cases,
where it does not get provided with a numerical ("dotted")
IP address. This is the heart of the bug reported under this
number by the original poster twstdpear. The "ERROR: invalid
input syntax for integer is a rather late state", though.
4. Fixed a violation of referential integrity, that does not
get accepted by postgresql, at least not by those ones of
version 8.x. Cf. base_action.inc.php, where I have essentially
moved the actions around the table "event" upwards, so that
these lines get performed prior to lines that change/update
any other tables.
-- Juergen Leising
- Same or at least similar problem as under no. 1699443 sub 1.
seems to be the one reported in
https://sourceforge.net/forum/forum.php?thread_id=2014650&forum_id=404428
Workaround. -- Juergen Leising
- Workaround for bug no. 1762491. Related to the last
two points (if not identical) -- Juergen Leising
- Fix for bug no. 1974990 -- Juergen Leising
- Added information to the docs about how to fix a pear::image::graph
library bug preventing legends from being displayed with pie charts
-- Juergen Leising
- Added information to the docs about how to fix a missing fonts problem
-- Juergen Leising
- Fixes in PrintPortscanEvents(). Reaction to
https://sourceforge.net/forum/forum.php?thread_id=2035110&forum_id=404428
-- Juergen Leising
- Workaround for a potential bug in preg_replace(); should solve
problem mentioned in
https://sourceforge.net/forum/forum.php?thread_id=1916121&forum_id=404428
-- Juergen Leising
- Some changes to the translations in
languages/german.lang.php -- Juergen Leising
- Added patch from Chris Ryan for german.lang.php -- Juergen Leising
- Increased memory limit from 50 to 128 MB in base_graph_common.php
as proposed by Chris Ryan on
http://sourceforge.net/forum/forum.php?thread_id=2084987&forum_id=404428
-- Juergen Leising
- Added completely rewritten base.spec for building rpm packages
of BASE. -- Juergen Leising
- Workaround in base_graph_common.php for the case that signature
classification names are missing. Even in this case different
bars should be displayed, not just one "unclassified" one.
-- Juergen Leising
- Fixed small HTML bugs in the query form. -- Juergen Leising
- Fixed syntax error in setup1.php in case of a wrong adodb path -- Juergen Leising
- All of the sensors are now displayed in the search form. Same problem
as in UpdateAlertCache() in base-php4/includes/base_cache.inc.php.
-- Juergen Leising
- Fixed SQL error with sig_priority when queried coming from the
query form. -- Juergen Leising
- Fixed "Select Signature from List" in the query form -- Juergen Leising
- Added a README about the usage of Jason Brvenik's SnortUnified plugin.
-- Juergen Leising
- Fixed some smaller issues with Jason Brvenik's SnortUnified plugin
and adjusted the whole plugin to perl-5.10 and Net::Packet-3.25,
as shipped with fedora 9. -- Juergen Leising
perl-5.10, as shipped with fedora 9. -- Juergen Leising
- Fix for bug no. 2001211. -- Juergen Leising
- Updated base.spec. The base-contrib rpm should now be installable
under fedora 9.
- uf_csv.pl puts out IP addresses in human readable form, now. -- Juergen Leising
- Newly generated coordinates file world_map6.txt. -- Juergen Leising
- Any potential relative paths of the adodb library are now
converted to an absolute path -- Juergen Leising
- Signatures from http://www.emergingthreats.net/ point now to
http://docs.emergingthreats.net/SID -- Juergen Leising
4/03/2009 1.4.2 (chandy)
- EmThreats_link opens now in separate browser window -- Juergen Leising for Micah Gersten
- A new reference "[rule]" points now to base_local_rules.php,
which displays a particular rule for a given rules id (sid).
Prerequisite for this is that "local_rules_dir" in /etc/base/base_conf.php
points to an actually existing and readable/searchable directory which
contains the snort rules. Please note, that a web server
is usually NOT allowed to access any files outside of its
document root. Feature request by Chris Ryan, cf.
https://sourceforge.net/forum/message.php?msg_id=5310420
https://sourceforge.net/forum/message.php?msg_id=5311517
-- Juergen Leising
- Update of base.spec; works with fedora 10 -- Juergen Leising
- I have applied two patches submitted by asavenkov
with regard to the oci8 driver (oracle 10), cf.
https://sourceforge.net/forum/message.php?msg_id=5795641
https://sourceforge.net/forum/message.php?msg_id=5796556
-- Juergen Leising
- The "email-the-alerts"-variables were defined twice at different
locations in /etc/base/base_conf.php. Fixed this. -- Juergen Leising
- Emails from BASE containing one or more alerts include now a
"To:"-header, as well. Bug report no. 2234733 -- Juergen Leising
- $sort_order, once it has been chosen, survives now a possible "action",
even in base_stat_uaddr.php, base_stat_ports.php, base_stat_iplink.php,
base_stat_class.php and base_stat_sensor.php.
Bug no. 2234745. -- Juergen Leising
- The refresh-problem, when an "action" has been taken, is now fixed in
base_stat_uaddr.php, base_stat_ports.php, base_stat_iplink.php,
base_stat_class.php and base_stat_sensor.php, as well.
Bug no. 1681012. -- Juergen Leising
- I have corrected the way ICMP redirect messages are displayed
by BASE, inspired by Bruno G. San Alejo. -- Juergen Leising
- Several preprocessor events that did not get stored in the acid_event
table, so far, are now processed and displayed by BASE. This affects
all those preprocessors which have sig names that do NOT start with
a "spp_" prefix. -- Juergen Leising
- Fixed bug with archiving IP options. -- Juergen Leising
5/14/09 1.4.3 (gabi)
- XSS Flaws fixed in alert groups -- Kevin Johnson
- Possible SQL injection flaw fixed in AG -- Kevin Johnson
- XSS Flaws fixed in base_qry files -- Kevin Johnson
- Multiple XSS flaws fixed in citems -- Kevin Johnson
5/30/09 1.4.3.1 (zig)
- Multiple XSS flaws fixed in User and Role management -- Kevin Johnson
distrib
>
Mandriva
>
2010.0
>
i586
>
media
>
contrib-release
>
by-pkgid
>
51e3437de15302a3e5321601e5785b60
>
files
>
5
