Month: May 2012

LogAnalyzer 3.4.3 (v3-stable)

Download file name: LogAnalyzer 3.4.3 (v3-stable)

Version 3.4.3 (stable), 2012-05-23

  • Fixed several security vulnerabilities discovered by Filippo Cavallarin.
    This contains the following fixes:
    • Fixed SQL Injection vulnerability in admin/view.php
    • Fixed Cross Site scripting issue filter parameter on index.php
    • Fixed Cross site scripting issue of id parameter on admin/reports.php
    • Fixed Cross site scripting issue of id parameter on admin/searches.php
  • Fixed arbitrary file read issue in Disk LogStream class. The config.php file does now contain an array “DiskAllowed” which contains allowed directories. Only files located within these allowed directories can be accessed in LogAnalyzer. By default, only /var/log is allowed.

File size: 1003528 Bytes

LogAnalyzer v3.5.4 (v3-beta)

Download file name: LogAnalyzer v3.5.4 (beta)

Changes in Version 3.5.4 (beta), 2012-05-23

  • Merged security fixes into beta branch
  • Fixed several security vulnerabilities discovered by Filippo Cavallarin.
    This contains the following fixes:
    •   Fixed SQL Injection vulnerability in admin/view.php
    •   Fixed Cross Site scripting issue filter parameter on index.php
    •   Fixed Cross site scripting issue of id parameter on admin/reports.php
    •   Fixed Cross site scripting issue of id parameter on admin/searches.php
  • Fixed arbitrary file read issue in Disk LogStream class. The config.php file does now contain an array “DiskAllowed” which contains allowed directories. Only files located within these allowed directories can be accessed in LogAnalyzer. By default, only /var/log is allowed.

Version: 3.5.4
File size: 1041518 bytes

LogAnalyzer v3.5.3 (v3-beta)

Download file name: LogAnalyzer v3.5.3 (beta)

Changes:

  • Fixed some issues in the new MongoDB Logstream Class. To name a few, add resultlimits to speedup performance. Changed and fixed some issues when grouping data for consolidation. Added support to create Indexes on fields. This should also speedup report generation.
  • Added support to filter by date string, example: timereported:=2012-01-01
    A new Datetype has been added to support filtering by date.
  • Updated jpgraph code to latest version which is 3.0.7

Version: 3.5.3
File size: 1040396 bytes

LogAnalyzer 3.4.2 (v3-stable)

Download file name: LogAnalyzer 3.4.2 (v3-stable)

Version 3.4.2 (stable), 2012-05-07

  • Fixed a #bugid 303, VerifyChecksumTrigger function in logstreamdb class did not generate a lowercase triggername.
  • Fixed typo in lang files
  • Changed processid field type to string in logstreamclass. Filtering for non-numeric processids is now possible.
  • Added support to filter by day (Date field – for example: timereported:=2012-01-01

File size: 1002.472 KB