LogAnalyzer 3.6.0 (v3-stable)

Download file name: LogAnalyzer 3.6.0 (v3-stable)

Version 3.6.0 (stable), 2012-12-04

  • Bugfix: Fixed “DiskAllowed” checking in Disklogstream. Filenames are now correctly checked against allowed folders. This check was added for  security reasons before.
  • Fixes #bugid 369: http://bugzilla.adiscon.com/show_bug.cgi?id=369
    The DefaultviewID was accidentally overwritten with default value.
  • Fixes #bugid 375: http://bugzilla.adiscon.com/show_bug.cgi?id=369
    User and Group data is now deleted when removing them from the UserDB.
  • Bugfix: Added missing dependency for the Checksum field in “EventLog Audit” and “EventLog Logon/Logoff” report.

 

Version: 3.6.0
File size: 1043066 bytes

LogAnalyzer 3.4.3 (v3-stable)

Download file name: LogAnalyzer 3.4.3 (v3-stable)

Version 3.4.3 (stable), 2012-05-23

  • Fixed several security vulnerabilities discovered by Filippo Cavallarin.
    This contains the following fixes:
    • Fixed SQL Injection vulnerability in admin/view.php
    • Fixed Cross Site scripting issue filter parameter on index.php
    • Fixed Cross site scripting issue of id parameter on admin/reports.php
    • Fixed Cross site scripting issue of id parameter on admin/searches.php
  • Fixed arbitrary file read issue in Disk LogStream class. The config.php file does now contain an array “DiskAllowed” which contains allowed directories. Only files located within these allowed directories can be accessed in LogAnalyzer. By default, only /var/log is allowed.

File size: 1003528 Bytes

LogAnalyzer v3.5.4 (v3-beta)

Download file name: LogAnalyzer v3.5.4 (beta)

Changes in Version 3.5.4 (beta), 2012-05-23

  • Merged security fixes into beta branch
  • Fixed several security vulnerabilities discovered by Filippo Cavallarin.
    This contains the following fixes:
    •   Fixed SQL Injection vulnerability in admin/view.php
    •   Fixed Cross Site scripting issue filter parameter on index.php
    •   Fixed Cross site scripting issue of id parameter on admin/reports.php
    •   Fixed Cross site scripting issue of id parameter on admin/searches.php
  • Fixed arbitrary file read issue in Disk LogStream class. The config.php file does now contain an array “DiskAllowed” which contains allowed directories. Only files located within these allowed directories can be accessed in LogAnalyzer. By default, only /var/log is allowed.

Version: 3.5.4
File size: 1041518 bytes

LogAnalyzer v3.5.3 (v3-beta)

Download file name: LogAnalyzer v3.5.3 (beta)

Changes:

  • Fixed some issues in the new MongoDB Logstream Class. To name a few, add resultlimits to speedup performance. Changed and fixed some issues when grouping data for consolidation. Added support to create Indexes on fields. This should also speedup report generation.
  • Added support to filter by date string, example: timereported:=2012-01-01
    A new Datetype has been added to support filtering by date.
  • Updated jpgraph code to latest version which is 3.0.7

Version: 3.5.3
File size: 1040396 bytes