This release updates the syscall table for the 3.3 Linux kernel, fixes a bug in grouping records in the same event when the node name is too long, and adds a new ausearch feature that interprets some arguments of over 40 common syscalls.
This release adds many bug fixes to ausearch's parsing of event records, improvements to the sample rules, support for virtualization events, a new auvirt utility, and interfield comparison support for the 3.3 and later kernels.
The event parsers were reviewed and updated for better event analysis. A few daemon-generated events were fixed. Reliability of remote event logging was improved.
Many improvements were made to the robustness of remote logging. Some problems related to audispd plugin management were fixed. autrace was fixed for the i386 and s390 platforms.
This release adds a store-and-forward remote logging model to prevent event losses. It also adds new translations for netfilter, virtualization, and capabilities. There is a big performance improvement in aureport, and there are many bug fixes.