from lower to 2.3.x: database scheme has changed slightly

  -- MySQL:
	ALTER TABLE samhain.log ADD COLUMN acl_old BLOB;
	ALTER TABLE samhain.log ADD COLUMN acl_new BLOB;

  -- PostgreSQL:
	ALTER TABLE samhain.log ADD COLUMN acl_old TEXT;
	ALTER TABLE samhain.log ADD COLUMN acl_new TEXT;

  -- Oracle:
	ALTER TABLE samhain.log ADD acl_old VARCHAR2(4000);
	ALTER TABLE samhain.log ADD acl_new VARCHAR2(4000);
	DROP TRIGGER trigger_on_log;
 


since 2.2.0: server-to-server relay is possible

  -- this implies that problems will arise if your server is misconfigured
     to connect to itself (SetExportSeverity is explicitely set
     to a threshold different from 'none', and the logserver is set to 
     localhost). The server may deadlock in this case.



since 2.1.0: update and daemon mode can be combined

  -- this implies that '-t update' will start a daemon process if running as
     daemon is the default specified in the config file. use '--foreground'
     to avoid starting a daemon process



from 1.7.x to 1.8.x: client/server encryption protocol has been enhanced

  -- 1.7.x clients can connect to a 1.8.x server

  -- 1.8.x clients can only connect to a 1.7.x server, if they
     are built with --enable-encrypt=1



from 1.6.x to 1.7.x: things to watch out for

  -- the log server drops root privileges after startup; it needs a logfile
     directory with write access for the unprivileged user now

  -- the PID file does not double as lock for the log file anymore; the
     log file has its own lock now (same path, with .lock appended)

  -- by default, the HTML status page of the server is in the log directory 
     now; this allows to make the data directory read-only for the server