Patchman-client - Scanner for web application vulnerabilities and malware

License: All rights reserved
Patchman scans your system for known vulnerabilities in web applications and malware.
It provides means of (automatically) patching or quarantining the files in question
to solve the detected problems.

This software requires a license, which can be obtained through the product website.
Installation instructions for the the Patchman client can be found in the guide on the Patchman Portal.
Instructions to keep the Patchman client up-to-date be be found in this guide.

Available packages


Changelog by Jelmer Verkleij (2024-02-20):
- Improve speed of quarantine directory pruning task on large servers

Changelog by Jelmer Verkleij (2024-02-06):
- Resolve a bug that could cause the agent to deadlock when processing folder exclusion configuration during scans

Changelog by Jelmer Verkleij (2024-01-03):
- Add support for configurable directory scanning exclusions
- General code cleanup and modernization
- Harden integrity checks during processing of encrypted signature information from definition updates
- Resolve a bug where outbound routing changes after license registration could cause communication failure
- Resolve a bug where the number of pending actions was misreported in case of errors during executing actions
- Resolve a bug where multiple malware detections could be created on a single file
- Resolve a bug where internal database access calls occasionally weren't properly checked for errors
- Resolve a bug where successive actions on a single file would not act on the intermediate file state
- Resolve a bug in infinite scanning loop detection in the scanning process in case following symlinks is enabled
- Resolve a bug where symlinks would occasionally be followed during file scans even with following symlinks disabled
- Resolve a bug that would unnecessarily repeat checks on the license file during startup
- Resolve a bug that would leave forked processes in case pipes to those processes failed
- Resolve a bug that would log errors regarding permissions on IPC sockets
- Resolve a bug in the installation script's package installation detection
- (Real-time scanning only) Resolve a bug that would trigger unnecessary internal cache updates
- (Real-time scanning only) Resolve a bug where large bursts of activity could lead to missed events
- (Plesk only) Resolve a bug that would incorrectly consolidate websites if they use subdomains of a common domain
- (CentOS only) Remove unnecessary warnings about non-errors during automatic package updates
- (systemd only) Resolve a bug that would log errors about an unavailable PID file after startup