2.6.7 - Non-active log files should be read only - In augenrules, restore the selinux context if restorecon is installed - Update gitignore file and remove ltmain.sh (Richard Guy Briggs) - Replace Group Separator with whitespace in syslog audispd plugin - In auditd, check for euid rather than capabilities when local_events = no - If events are piped from ausearch to audisp-remote, flush queue when done - In auditctl, correct handling of -F key so that key is not part of value - In auparse, move static variables to auparse_state_t 2.6.6 - Interpret ioctlcmd fields - Fix the permission of the audit logging directory - Fix timeout in autrace better - Add gitignore file to ignore generated files if using git (Richard Guy Briggs) - audit_log_user_comm_message now resolves comm if NULL is passed - Update syscall table - Fix multi-key support in auparse which was broke in tty escape bug fix - Add multi-key support for syscall rules 2.6.5 - Correct the header length for dispatched events - Revise buffer handling in auditd to fix dispatched events - Fix spelling in man pages - Add documentation link to systemd unit file - Correct af_unix pathname detection in ausearch/report - Add remote_ended info to audisp-remote stat dump
i've added 2.7.1 now: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d7b0cd38b2c7bf584dba873bca8c9c89fbc2a862
