Version 4.33
2005-09-26 Sergey Akhapkin <asv@drweb.com>
        
        NEW:

        * New product - Dr.Web (R) GUI Scanner: this product provides graphical 
          interface for console scanner and updater. This product also
          contains unique features:
          - quarantine service
          - sending suspicious files to Dr.Web Virus-Monitoring Service
          - jump to the Dr.Web site and forum directly from interface
          - displaing of news messages from the Dr.Web

        * New updater: key features:
          - logging into a file with customized levels of detailization;
          - per version updating;
          - a section [Updater] in the drweb32.ini for customizing;
          - support an automatically updated list of update servers;
          - information about update to stdout (for using with cron);
          - full information about update by e-mail;
          - lock for preventing multiply instances;
        
        * engine: new types of malware definitions bases
          drwnasty.vdb - for detecting AdWare and Dialers
          drwrisky.vdb - for detecting RiskWare, Hacktools and Jokes
        * engine: a new heuristic analyzer for finding following types
          of viruses: 
          DLOADER (Trojan.DownLoader.xxx), MULDROP (Trojan.MulDrop.xxx),
          STPAGE (Trojan.StartPage), BACKDOOR (BackDoor.xxx), 
          PWS (Trojan.PWS.xxx),  WORM and MAIL.WORM (e-mail worms).
          Possible combinations:
           (DLOADER|MULDROP|STPAGE)(.IRC)(.PWS).Trojan
           BACKDOOR(.IRC)(.PWS).Trojan
           WIN.(.IRC)(.PWS)(.MAIL).WORM.Virus
        * engine: added extracting files from BZIP (1.0.3) archives 
        * engine: added extracting files from CHM archives
        * engine: added support of the ULTRAPROTECT packer 
        * engine: added support of new versions of ASPACK, PECRYPT, UPX,
          MORPHINE, PECOMPACT, NFO, EXPRESSOR, SQR, EXE32PACK, WWPACK32,
          ARM, NEOLITE, SVKP, PESPIN, MOLEBOX, SOFTDEFENDER, MEW, TELOCK,
          CEXE, PEDIMINISHER, FSG, KCUF, NSPACK, ELKA, FAKENEO, YODA,
          UPACK 
 
        * daemon\scanner: support of engines update without updating binaries
        * daemon\scanner: now the daemon and the scanner have separated 
          localization files. russian.dwl obsolete.
        * daemon\scanner: the loading algorithm of virus bases is improved       
        * daemon\scanner: check of the license key file integrity is implemented
    
        * daemon: supports loading more than one license key
          Multiply definition of 'Key' parameter should be used for 
          keys enumaration.
          (BugID #4663)
        * daemon: protocol changes - extended scan options unit is added.
          Extended options allow to specify actions for new types of
          detected objects: Adware, Dialers, Jokes, Riskware and
          Hacktools. Old (4.32.1 and less) versions are also supported.
          See also for new command line options of drwebdc: -V, -I, -A,
          -D, -J, -W, -H for actions on new types of detected objects.  
        * daemon: notification about license expiration by e-mail. 
          New parameter: MailCommand
          (BugID #4105)
        * daemon: new feature: pure 'per day' traffic license
          Obsolete parameters: TrafficEqualPerHour, TrafficPerHour
          (BugID #4550)

        * scanner: New command line parameters: -adw[d|r|m|-], -dls[d|r|m|-],
          -jok[d|r|m|-], -rsk[d|r|m|-], -hck[d|r|m|-]
          New parameters: ActionAdware, ActionDialers,
          ActionJokes, ActionRiskware, ActionHacktools. 
        * scanner: a key term is displayed in the log file and terminal
        * scanner: logging information about versions  
        * scanner: prints at the stderr if the license will expires in 2 weeks
          (BugID #4104)
        
        * package: a new distribution layout, separate packages for base
          components, the updater, the daemon, the scanner and the gui
          this extends your upgrade capability   
        * package: using logrotate for automatic rotation of logfiles   
        * package: supports FedoraCore4, RedHat Enterprise Linux 4, FreeBSD 5.4
        * package: OpenBSD\Solaris packages are available

       FIX:

        * engine: fixed bugs in CAB extractor
        * engine: parsing errors of bz2-archives during the by  check are corrected
        * engine: more checking errors of rar-archives
        * engine: error of processing of large number of add-ons is fixed
        * engine: errors of files unpacking during gzip-archives check are ignored
        * engine: errors of unpacking MEW, MOLEBOX, PEDIMINISHER, PEPACK,
          ASPACK, WWPACK32, EXE32PACK, PKLITE, WINKRIPT, MORPHINE
        
        * daemon\scanner: fix bug with /dev/null as logfilename (passed by -log option)
          (BugID #3618)
        * daemon\scanner: fix processing fifos, sockets etc
          (BugID #3876, #4198)
        * daemon\scanner: prints an error if action for an infected
          archive fails
          (BugID #3973, #4060 by db@drweb.com)

        * daemon: fix problem if daemon cannot create pidfile
          (BugID #5103, #5508)
        * daemon: fix ignorance of the ScanFiles option for non archives
          (BugID #5499)
        * daemon: fix ignorance of the ExcludePaths option
          (BugID #5523)
        * daemon: fix a bug with reloading in the PreFork mode
          (BugID #4123, #5992, #5993)
        * daemon: fix a bug with second reloading in the non-PreFork mode
          (BugID #4232)
        * daemon: fix RejectCondition parsing bug
          (BugID #4457)
        * daemon: fix a problem with broken encapsulated multipart parts 
          (BugID #4006)
        * daemon: fix a problem with virus finding in a broken base64 encoding
          (BugID #4796)
        * daemon: fix a problem with virus finding in broken text/html parts
          (BugID #4873)
        * daemon: fix a problem with virus finding in a broken RFC-broken QP encoding
          (BugID #5982)
        * daemon: logging summary info about checked messages   
          (BugID #4541)
        * daemon: less strict rules for RFC2822 compiance
        * daemon: fix reporting CURED\DELETED if a message repacking fails
          (BugID #4165)
        * drwebdc: return license errors too
          (BugID #5986)
        * drwebdc: fix processing of zerolength files in the non local mode
          (BugID #5985)

        * scanner: fix segmentation faults and very long paths 
          (BugID #5049, #4596)
        * scanner: fix symlink processing
          (BugID 4718, #4787, #4877, #4878, #5010, #5085)
        * scanner: fix problem with scanning directories that contains *
          and ? in names 
          (BugID #5181, Dups: #5041, #5046, #5060)
        * scanner: fix ignorance of the -ni option
          (BugID #5127)
        * scanner: fix read error on some packed win executables
          (BugID #4583)
        * scanner: fix an error in a parsing filelist
          (BugID #5980)

        * package: fixed following bugs: 
          (BugID #4782, #4879, #4903, #4904, #4919, #4921, #5021)
          (BugID #5291, #4919, #5205, #5328, #3476, #4082)
          (BugID #4224, #4492, #4493, #4522, #4642, #4597, #4609, #4616)

Version 4.32.2
2004-11-02 Sergey Akhapkin <asv@drweb.com>
	* daemon\scanner: correct a work with FIFO, sockets etc
	  (BugID #3876)
	* daemon\scanner: fix problem with curing Win32.Parite.2
	  (BugID #3965)
	* daemon\scanner: fix printing "- unknown file type, skipped" 
	  without a filename
	  (BugID #4021, #4083, #4085)
	* daemon\scanner: prints an error if action for an infected
	  archive fails
	  (BugID #3973, #4060)
	* daemon: fix reporting CURED\DELETED if a message repacking fails
	  (BugID #4165)
	* daemon: fix problem with RejectConditions
	  (BugID #3993)
	* daemon: fix that info about sockets is logged two times
	  (BugID #3830)
	* updater: a new update url is added
	* updater: fix a problem with chown
	  (BugID #3877)        
	* updater: fix a deletion of files are placed in sections for newer versions
	  (BugID #3779)
	* updater: add some paths to the PATH environment variable
	  (BugID #3987)
	* engine: new version 4.32b
	* engine: unpacking newest versions: UPOLYX, PELOCK, FSG,
	  MORPHINE, PECRYPT, YODA, PCSHRINK, SHAOLIN, PEDIMINISHER,
	  BITARTS, UPC, MOLEBOX, PESPIN etc
	* engine: fix ZIP unpacking when a files size is zero in the ZIP header
	* engine: some new unpackers has been implemented
	* engine: fix unpacking errors in some packers (YODA, PECRYPT, EXE32PACK)
	* doc: add readme files about licenses
	* doc: clean up some old parameters
	  (BugID #3990)
	* rpm: now uses drweb crontab with more correct entry
	  (BugID #3860, #3938)
	* rpm: remove bases from another version during install\update
	  (BugID #2558)

Version 4.32.1_1 (Solaris, OpenBSD)
2004-09-02 Sergey Akhapkin <asv@drweb.com>
	* updater: remove -q option for md5 utility under Solaris 8, OpenBSD

Version 4.32.1
2004-08-30 Sergey Akhapkin <asv@drweb.com>
	* daemon: print warning and continue instead of break if initgroup() fails
	* daemon: fix evaluation message printing if key not found
	  (BugID #3739)
	* daemon: fix bugs in Rule Filters (RejectConditions, FilterParts,
      	  MissingHeaders etc)
	  (BugID #3783, #3790)
	* daemon: fix problem with loading bases under special conditions
	  (BugID #3784)
	* daemon: fix problem with FileServer license
          (BugID #3815)
	* engine: support of some packers is added
	* engine: fix bug in WINEXE unpacker
	* updater: now allows to be updated from update.drweb.com to
          customers of our partners
	* updater: fix incorrect requests header under FreeBSD
          (BugID #3816)
	* dwl: fix misspelling
	  (BugID #3782, #3814)

Version 4.32
2004-08-16 Sergey Akhapkin <asv@drweb.com>
	* daemon: support new licenses: Traffic and on 15,30 e-mail addresses.
	* daemon: using supplementary groups
	* daemon: fix PreFork mode. Daemon becomes inresponsible in some cases.
	* daemon: fix e-mail curing. cured messages for sources with unix
                and win end line were different.
	* daemon: fix 'stack overflow' under OpenBSD 3.x (x >= 4) if LocalScan = no
                (BugID #3395)
	* daemon: make RejectPartConditions recursive
                (BugID #3227)
	* daemon: now daemon can be run in foreground
                see RunForeground option in drweb32.ini	      
                (BugID #2758)
	* daemon: following parameters are removed from drweb32.ini:	
                HeuristicAnalysis - now only in filters
                LogStatistic - not used
	* daemon: partially incorrect information in removed sections
                (BugID #2782)
	* daemon: fix incorrect logged information	
                (BugID #2883)
	* daemon: fix problem with SocketTimeout
                (BugID #3357)
	* daemon: fix incorrect behaviour of LogInfected = No
                (BugID #3296)
	* daemon: fix ingnorance of MaxCompressionRatio if
                CompressionCheckThreshold was not defined
                (BugID #3095)
	* scanner: fix problem with Fedore Core 2
                (BugID #3569)
	* scanner: fix incorrect work with symlinks if FollowLinks == Yes
                (BugID #2755)
	* scanner: fix incorrect work with -cnn command line option
                (BugID #2446)
	* both: following parameters are removed from drweb32.ini:	
                LogInfo - not used
	* doc: documentation was been updated
                (BugID #3369, #3370)
	* updater: now work with updates servers list
	* engine: support for bzip2 archive has been implemented
	* engine: fix unpacking zip-streams from ACTIVEMIME and POWERPOINT
	* engine: fix decompression error for RAR archive
	* engine: support new version of unpackers: UPX, MORPHINE, YODA, PEX,
                PECOMPACT, PECRYPT, ASPACK, FSG  etc
	* engine: new heuristic for finding of worms distributing over KAZAA network
                and written on Visual Basic
	* engine: fix decoding of broken base64
	* engine: files unpacked with incorrect CRC will been scanned too

Version 4.31.2
2004-03-05 Vsevolod Lutovinov <vla@drweb.ru>
	* daemon: CGP files parsing was fixed:
              http://bugs.drweb.ru/bug_view_advanced_page.php?bug_id=2641
	* daemon: Outlook files parsing was fixed:
              http://bugs.drweb.ru/bug_view_advanced_page.php?bug_id=2700
	* daemon: Viruses removing was fixed:
              http://bugs.drweb.ru/bug_view_advanced_page.php?bug_id=2719
              http://bugs.drweb.ru/bug_view_advanced_page.php?bug_id=2720

Version 4.31
2004-02-04 Vsevolod Lutovinov <vla@drweb.ru>

	* both: multilines keys in ini-file handling was added, example:
	        RejectCondition No "From AND \
		                No "Subject"
	* daemon: problem with unix-socket deleting was fixed
              http://bugs.drweb.ru/bug_view_advanced_page.php?bug_id=0001068
	* daemon: rules with russian characters handling was fixed
              http://bugs.drweb.ru/bug_view_advanced_page.php?bug_id=0001045
	* daemon: MissingHeader rule handling was fixed 
              (daemon return to filter headers names)
              http://bugs.drweb.ru/bug_view_advanced_page.php?bug_id=0001051
	* daemon: deadlock while SIGHUP handling was fixed
              http://bugs.drweb.ru/bug_view_advanced_page.php?bug_id=0001054
	* daemon: nested multipart messages curing was fixed
              http://bugs.drweb.ru/bug_view_advanced_page.php?bug_id=0001064
	* daemon: no evaluation banner in */signed messages
              http://bugs.drweb.ru/bug_view_advanced_page.php?bug_id=0001065
	* daemon: invalid users and groups handling was added
              http://bugs.drweb.ru/bug_view_advanced_page.php?bug_id=0001067      

Version 4.30
2003-10-07 Vsevolod Lutovinov <vla@drweb.ru>	

	* both: new ini-file key: LogEncoding = { koi8-r | windows-1251 }
	* both: LHA archives handling was added
	* both: "broken" RAR-SFX archives handling was fixed
	* both: RTF documents parsing was fixed
	* both: encrypted RAR archives handling was fixed
	* both: PowerPoint containers handling was fixed
	* both: Content-Transfer-Encoding: binary handling was fixed
	* both: memory working was optimized
	* both: message about blocked keys was added
	* daemon: new return to filter alerted rule
	* daemon: message/partial handling was added
	* daemon: "broken" Quoted-Printable scanning was fixed
	* daemon: no evaluation banner in multipart/alternative messages
	* daemon: "Address in use" error was fixed
	* daemon: problem with complex filter rules like "(a)|(b)" was fixed
	* daemon: problem with regexec and long text/html parts was fixed
	* daemon: problem with spaces in filter rules was fixed
	* daemon: problem with long names in attachments was fixed
              http://bugs.drweb.ru/bug_view_advanced_page.php?bug_id=0001028
	* daemon: minor bugs in daemon-client communications were fixed
              http://bugs.drweb.ru/bug_view_advanced_page.php?bug_id=0001029
	* daemon: LogArchive = no allow print errors now
              http://bugs.drweb.ru/bug_view_advanced_page.php?bug_id=0001030
	* daemon: new key: ListeningQueue = N
	* daemon: new key: ScanEncodedHeaders = {Yes|No}, allow scan 
	          message headers before decoding
	* daemon: new key: PreFork = {Yes|No}.
	* daemon: new key: FilterParts = {Yes|No}. 
	* daemon: new keys RejectPartCondition = "expression", 
	          AcceptPartCondition = "expression" for filter
	          message part headers (only with FilterParts = Yes).
	* daemon: new condition in FilterRule key: %HEADER = 8bit
	* daemon: new condition in RejectPartCondition, AcceptPartCondition,
              RejectCondition and AcceptCondition keys: FileName = "regexp".
	* scanner: fixed problem with relative symlinks

Version 4.29.7 beta
2003-03-07 Vsevolod Lutovinov <vla@drweb.ru>	

	* daemon: support for ^ and $ symbols in regular expressions
	          "^$" - now valid and match to empty string
	* daemon: added MissingHeader rule into DrWeb Rule Filter
	          Example:
	          MissingHeader = "To:", "From:"
	* daemon: added AcceptCondition, RejectCondition, DebugCondition rules into
	          DrWeb Rule Filter. Operators (variables starts from %):
	          AND, OR, (, ), No %HEADER, %HEADER = regexp, %HEADER != regexp	          
	* daemon: more info in log about blocked by Rule Filter messages - now
	          rule that was alerted logged 
	* daemon: new default paths for BSD systems:
	          old: /etc/drweb        new: /usr/local/etc/drweb
                   /opt/drweb             /usr/local/drweb
                   /var/drweb/bases       /usr/local/drweb/bases
	* daemon: files  checking was added for remote scanning mode
	* daemon: MaxArchiveLevel key bug was fixed	
	* scanner: fixed critical bug then scanner scans files by list
	* scanner: log time of scanning start
	* scanner: new command-line keys for path/file to scan: -path=...
	

Version 4.29.5
2003-01-06 Vsevolod Lutovinov <vla@drweb.ru>	

	* both: new option MaxArchiveLevel in drweb32.ini allows to set maximum
	       recursion depth for archives (protect daemon)
	* both: does not start if key has not been found
	* both: engine (dll) version is printed to log at start
	* both: sections [OS] and [OS:Daemon] are replaced by [Scanner] and [Daemon]
	* daemon: new option StopOnFirstInfection in drweb32.ini (daemon stops
              scanning then first virus was found)
	* daemon: options SocketMode, SocketFile, SocketAccess, DaemonPort and 
	          Interfeces are replaced by Socket. Examples:
	          1) was
	          SocketMode = TCP
	          DaemonPort = 3000
	          Interfaces = "10.0.0.1" "127.0.0.1"
	          now
	          Socket = 3000 "10.0.0.1" "127.0.0.1"
			  2) was
	          SocketMode = UNIX
	          SocketFile = /var/drweb/run/drwebd.skt
 	          SocketAccess = 0660
	          now
	          Socket = /var/drweb/run/drwebd.skt 0660

              Now you can use unix and tcp sockets together, because 
	          multiply Socket options are available:
	          Socket = 3000 "10.0.0.1" "127.0.0.1"
	          Socket = /var/drweb/run/drwebd.skt 0660
	* daemon: response to client on "read error" fixed
	* daemon: handling multipart/related fixed 
	* daemon: fix for unpacking zero-length Base64
	* daemon: removing unix socket at start 
	* scanner: fixed work with syslog
               http://bugs.drweb.ru/unix/view_bug_advanced_page.php?bug_id=0000007

Version 4.29.2 released
2003-11-06 Vsevolod Lutovinov <vla@drweb.ru>	

	* both: support glibc-2.3
	* daemon: get filename from Content-Type if possible

Version 4.29 released
2002-10-29 Vsevolod Lutovinov <vla@drweb.ru>	

	* both: stack usage is optimized
	* both: solid RAR-archives 2.9 handling was fixed 
			Dmitry Belousov <db@drweb.ru>
	* both: memory leak with big number of *.vdb was fixed 
			Dmitry Belousov <db@drweb.ru>
	* daemon: SPAM filter is supported by OS/2 version now
	* daemon: SO_REUSEADDR option for daemon children was added
	* daemon: CGP and ZMailer headers handling was added
	* scanner: extended set of recognized files formats     
    
2002-08-20 Vsevolod Lutovinov <vla@drweb.ru>

    drwebd 4.28.2

    * FileTimeout answer was fixed
    * spam filter does not scan headers placed in message body (forwards etc)
    
    drweb 4.28.2
    
    * command line key "--" added (read files list from stdin)
    * files list may contain catalogues

    drweb, drwebd 4.28.2
    
    * logging was fixed
    * new ini-file keys:
	    RecodeNonprintable { yes | no }
	    RecodeMode { Replace | QuotedPrintable }
	    RecodeChar { "?" | ... }

2001-12-28 Vsevolod Lutovinov <vla@drweb.ru>

    drwebd 4.27

    * some bugs with socket writing error was fixed
    * SocketAccess option added
    * SPAM filter added

    drweb, drwebd 4.27
    
    * broken archives handling fixed

2001-10-18 Vsevolod Lutovinov <vla@drweb.ru>

    drweb, drwebd 4.26b

    * no bugs was fixed :)
    
2001-09-25, Vsevolod Lutovinov <vla@drweb.ru>

    drwebd 4.26

    * !!! NEW RESTRICTION FOR LOCAL SCAN MODE WITH EVALUATION KEY !!!
	Directory for temporary files MUST be writable for drwebd if 
	evaluation key used
    * log file locking bug fixed
    * bug with sockets timeout fixed
    * SyslogPriority option added, SyslogFacility changed

2001-06-20, Vsevolod Lutovinov <vla@drweb.ru>

    drwebd 4.25

    * scanning files with length = 0 was fixed
    * log error with "OutputMode = Quiet" was fixed
    * new option "SocketReuseAddr = { Yes | No }", default = Yes

    drweb 4.25
    
    * infinite loop while scanning directory with up-level symlinks was fixed
        
    drweb, drwebd 4.25

    * memory allocation bugs was fixed (Dmitry Belousov <db@drweb.ru>)
    * TAR/GZIP handling was fixed (Dmitry Belousov <db@drweb.ru>)
    * default location if drweb32.ini changed (FreeBSD only, /usr/local/drweb/drweb32.ini)
    * some cosmetic errors were fixed
    * support of external language files was added
    * update url's were changed (see update directory for details)    
