From: Kevin Z. <kev...@gm...> - 2025-03-16 07:24:03
Dear SSHGuard users and maintainers,

It has been some time since the last versioned SSHGuard release, and it's time to cut a new version for the benefit of packagers and users. If you are able and comfortable compiling from source and deploying on test/production systems, your early testing and feedback is appreciated so that we can squash any late-breaking bugs before the release.

You can check out a copy of the release candidate code from:

https://bitbucket.org/sshguard/sshguard.git

The two main changes are:

1. Non-privileged processes such as the parser can now switch users after starting. Previously, they only used OS-level sandboxing mechanisms if available (Capsicum on FreeBSD and pledge on OpenBSD).

2. The web log (CLF) parser was refactored to fix some false positives and provide flexibility in defining new attacks. While the new web log parser passes all existing and new tests, there may be some regressions in cases that are not currently covered by tests.

The draft change log is below:

**Added**

- Add attack signatures for Proxmox VE
- Update signatures for:
  - Cyrus
  - Exim
  - OpenSSH
  - Postfix
- Add option to write Prometheus-compatible metrics
- Add option to change sandboxable processes to an unprivileged user

**Changed**

- Any HTTP 401 response is now recognized as an attack
- Code improvements in log banner and web (CLF) parsers. If there are regressions, please file a bug report with example attacks so that they can be added to our tests.

**Fixed**

- Fix configure issues when the shell is not bash
- Fix false positives in web (CLF) log detection with "mail" in the request

Your efforts in testing the release candidate are appreciated!

Regards,
Kevin
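As an added illustration of the changelog's "any HTTP 401 is an attack" rule (this is not SSHGuard's own parser code, and the log lines are constructed): a minimal Common Log Format parser that attributes each 401 response to the client address and counts hits per source, the way a log-driven blocker would before deciding to block. The decision rests on the status code alone, so a request path containing "mail" with a 200 response is not flagged.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import Optional

# One Common Log Format (CLF) line:
# host ident authuser [date] "request" status bytes
CLF_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) (?P<size>\S+)'
)

@dataclass
class Attack:
    source: str   # client address the attack is attributed to
    reason: str   # human-readable explanation for the report

def parse_clf(line: str) -> Optional[dict]:
    """Return the fields of one CLF line, or None if it does not parse."""
    m = CLF_RE.match(line)
    return m.groupdict() if m else None

def classify(line: str) -> Optional[Attack]:
    """Apply the rule: every 401 response is an attack from that client."""
    rec = parse_clf(line)
    if rec is None or rec["status"] != "401":
        return None
    return Attack(rec["host"], "HTTP 401 for " + rec["request"])

def attacks_by_source(lines) -> Counter:
    """Count flagged attacks per client address (a blocker thresholds on this)."""
    return Counter(a.source for a in map(classify, lines) if a)

# Constructed sample log (not real traffic; RFC 5737 documentation addresses).
SAMPLE_LOG = [
    '203.0.113.7 - - [16/Mar/2025:07:24:03 +0000] "GET /webmail/ HTTP/1.1" 401 512',
    '198.51.100.9 - - [16/Mar/2025:07:25:10 +0000] "GET /mail/inbox HTTP/1.1" 200 2048',
    '203.0.113.7 - - [16/Mar/2025:07:25:41 +0000] "POST /login HTTP/1.1" 401 -',
    'not a log line at all',
]

if __name__ == "__main__":
    for src, n in attacks_by_source(SAMPLE_LOG).items():
        print(f"{src}: {n} attack(s)")
```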