From OSSEC Wiki


Known bugs - v1.3

Segmentation Fault when Parsing Rules

Version 1.3 of OSSEC-HIDS contains a bug that can cause ossec-analysisd to segfault while it issues a configuration error message. The crash occurs when it detects a rule that contains the frequency directive without an if_matched_sid directive. To correct this bug, make the change below before running install.sh.

In ./src/analysisd/rules.c on line 888 change the below code:

merror("%s: Invalid use of frequency/context options. "
                           "Missing if_matched on rule '%d'."
                           ARGV0, config_ruleinfo->sigid);
 

To (notice the comma on the second line at the end of the string):

merror("%s: Invalid use of frequency/context options. "
                           "Missing if_matched on rule '%d'.",
                           ARGV0, config_ruleinfo->sigid);
 

Save the changes and run install.sh. If you installed 1.3 before correcting this bug, simply run 'make' and copy ossec-analysisd over your existing ossec-analysisd binary.
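
Why the missing comma crashes instead of merely misprinting, as an added example (not OSSEC code): adjacent string literals are concatenated, so ARGV0 becomes the tail of the format string and `%s` is left to consume the integer rule id. It assumes ARGV0 is a string-literal macro and that merror is printf-style; the ARGV0 value and the helper names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Assumption: ARGV0 is a string-literal macro (the unfixed line could not
 * compile otherwise). The value here is a stand-in. */
#define ARGV0 "ossec-analysisd"

/* The format string the compiler builds for each version of the call. */
#define BUGGY_FMT "%s: Invalid use of frequency/context options. " \
                  "Missing if_matched on rule '%d'." ARGV0
#define FIXED_FMT "%s: Invalid use of frequency/context options. " \
                  "Missing if_matched on rule '%d'."

/* Arguments left after the format string in each version. */
enum { BUGGY_ARGS = 1,    /* config_ruleinfo->sigid only */
       FIXED_ARGS = 2 };  /* ARGV0, config_ruleinfo->sigid */

/* Count printf conversions in fmt, treating "%%" as a literal percent. */
static int count_conversions(const char *fmt)
{
    int n = 0;
    for (; *fmt; fmt++) {
        if (*fmt != '%')
            continue;
        if (fmt[1] == '\0')
            break;                        /* stray '%' at end of string */
        if (fmt[1] == '%') { fmt++; continue; }
        n++;
    }
    return n;
}

/* Conversions with no matching argument; above 0 is undefined behaviour. */
static int missing_args(const char *fmt, int supplied)
{
    int need = count_conversions(fmt);
    return need > supplied ? need - supplied : 0;
}

/* 1 when the program name was concatenated into the format string. */
static int name_in_format(const char *fmt) { return strstr(fmt, ARGV0) != NULL; }

int main(void)
{
    printf("buggy: %d missing, name in format: %d\n",
           missing_args(BUGGY_FMT, BUGGY_ARGS), name_in_format(BUGGY_FMT));
    printf("fixed: %d missing, name in format: %d\n",
           missing_args(FIXED_FMT, FIXED_ARGS), name_in_format(FIXED_FMT));
    return 0;
}
```

Declaring a logging function with GCC's `format(printf, ...)` attribute lets `-Wformat` report this kind of mismatch at compile time.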

OSSEC-WUI Permission Denied Errors Due to SELinux on Fedora / Redhat Based Systems

See the mailing list post for more context.

For this example, the web dir is /var/www, and ossec is in /var/ossec:

chcon -R --reference /var/www/ /var/ossec/

That is what worked on my FC6 box. And it worked on F7 (just confirmed).
