GP-0 updated Whats New and Change History docs for 10.1.1 release

ghidra1 · ghidra1 · commit 7f2675c9c16b · 2021-12-20T14:12:43.000-05:00
diff --git a/Ghidra/Configurations/Public_Release/src/global/docs/ChangeHistory.html b/Ghidra/Configurations/Public_Release/src/global/docs/ChangeHistory.html
@@ -7,6 +7,30 @@
 
 <BODY>
 
+<H1 align="center">Ghidra 10.1.1 Change History (December 2021)</H1>
+<blockquote><p><u>Improvements</u></p>
+<ul>
+    <li><I>Analysis</I>. Fixed headless analysis exception related to running UI code from the GNU Demangler analyzer. (GP-1613, Issue #3765)</li>
+    <li><I>Basic Infrastructure</I>. Upgrade logging dependency to use <i>log4j</i> 2.17.0 (GP-1621)</li>
+    <li><I>Debugger:Memory</I>. Added <B>New Memory Bytes View</B> to Window->Debugger menu. (GP-1465)</li>
+    <li><I>Debugger:Memory</I>. Fixed issue with Debugger Memory view scrolling. (GP-1591)</li>
+    <li><I>GUI</I>. Removed restriction that prevented renaming tree nodes while the tree is filtered. (GP-1507)</li>
+    <li><I>GUI</I>. Fixed issue where renaming a symbol in the symbol tree could result in the symbol appearing more than once (under different organizational nodes) (GP-1587)</li>
+    <li><I>Help</I>. Fixed NullPointerException when using the help system with animation disasbled. (GP-1612, Issue #3767)</li>
+</ul>
+</blockquote>
+<blockquote><p><u>Bugs</u></p>
+<ul>
+    <li><I>Basic Infrastructure</I>. Fixed the <I>"ERROR StatusLogger Reconfiguration failed"</I> message that appeared in the log when Ghidra was launched with <I>support/ghidraDebug</I> script. (GP-1607)</li>
+    <li><I>Debugger</I>. Fixed null pointer exception in Debugger when opening a program from a shared project. (GP-1490)</li>
+    <li><I>Debugger</I>. Fixed issue with context menus on the trace selector tabs in Debugger Threads window. (GP-1494)</li>
+    <li><I>Debugger</I>. Fix for font resizing (GP-1597, Issue #3752)</li>
+    <li><I>Debugger</I>. Fixes null-pointer exceptions in lldb (GP-1600, Issue #3645)</li>
+    <li><I>Debugger:Listing</I>. Fixed default configuration problem when cloning the Debugger Listing window. (GP-1479)</li>
+    <li><I>Importer</I>. Fix issue importing NE binaries that have a segment number greater than 127. (GP-1576, Issue #3715)</li>
+</ul>
+</blockquote>
+
 <H1 align="center">Ghidra 10.1 Change History (December 2021)</H1>
 <blockquote><p><u>New Features</u></p>
 <ul>
diff --git a/Ghidra/Configurations/Public_Release/src/global/docs/WhatsNew.html b/Ghidra/Configurations/Public_Release/src/global/docs/WhatsNew.html
@@ -26,7 +26,7 @@ <H1>Ghidra: NSA Reverse Engineering Software</H2>
     Ghidra is a software reverse engineering (SRE) framework developed by NSA's Research Directorate.
     This framework includes a suite of full-featured, high-end software analysis tools that enable
     users to analyze compiled code on a variety of platforms including Windows, MacOS, and Linux.
-    Capabilities include disassembly, assembly, decompilation, graphing, and scripting, along with
+    Capabilities include disassembly, assembly, decompilation, debugging, emulation, graphing, and scripting, along with
     hundreds of other features.  Ghidra supports a wide variety of processor instruction sets and 
     executable formats and can be run in both user-interactive and automated modes.  Users may also
     develop their own Ghidra plug-in components and/or scripts using the exposed API.  In addition there are
@@ -41,45 +41,44 @@ <H1>Ghidra: NSA Reverse Engineering Software</H2>
     code and generating deep insights for NSA analysts who seek a better understanding of potential
     vulnerabilities in networks and systems.
     </P>
+    <hr>   
     
-    <H1>What's new in Ghidra 10.1</H1>
-    
-    <H2>The not-so-fine print: Please Read!</H2>
-    
-	<P><span style="color:#FF0000">WARNING:</span> There has been a published CVE security vulnerability noted in Ghidra dependencies within two log4j jar files.
-    We strongly encourage anyone using previous versions of Ghidra or a build from source, to remediate this issue by either upgrading
-    to the latest Ghidra 10.1 version, or patching your current version.</P>
+    <H1><span style="color:#FF0000">Log4j Vulnerability Mitigation</span></H1>
+    <p><span style="color:#FF0000">Please read!</span> There have been several
+    published CVE security vulnerabilities noted for log4j which Ghidra uses for logging.  The known issues
+    have been resolved in log4j 2.17.0.  We strongly encourage
+    anyone using previous versions of Ghidra or a build from source, to remediate this issue by either upgrading
+    to the latest Ghidra 10.1.1 version, or patching your current version.</P>
     
     <P>
-	To patch your current Ghidra installation, delete:
-	<BLOCKQUOTE><UL>
-    <li>Ghidra/Framework/Generic/lib/log4j-api-2.12.1.jar</li>
-    <li>Ghidra/Framework/Generic/lib/log4j-core-2.12.1.jar</li>
-    </UL></BLOCKQUOTE>
-    </P>
+	To patch your current Ghidra installation:
+	
+	<BLOCKQUOTE>
+	<UL>
+    <li>Delete any log4j jar files in <b>Ghidra/Framework/Generic/lib</b>.</li>
+    <li>Replace those jar files with the newer log4j 2.17.0 version: <b>log4j-api-2.17.0.jar</b> and <b>log4j-core-2.17.0.jar</b>.</li>
+    <li>Update the log4j version to refer to 2.17.0 in <b>&ltinstall_dir&gt/Ghidra/Features/GhidraServer/data/classpath.frag</b>.</li></UL>
+    </BLOCKQUOTE>
+    </p>
     
     <P>
-	and replace with the newer log4j 2.15.0 version:
-	<BLOCKQUOTE><UL>
-    <li>log4j-api-2.15.0.jar</li>
-    <li>log4j-core-2.15.0.jar</li>
+	You can find these in the latest Ghidra 10.1.1 release, or from:
+	<BLOCKQUOTE>
+	<UL>
+    <li>https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-api/2.17.0/log4j-api-2.17.0.jar</li>
+    <li>https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-core/2.17.0/log4j-core-2.17.0.jar</li>
     </UL></BLOCKQUOTE>
-    </P>
+    </p>
     
     <P>
-	You can find these in the latest Ghidra 10.1 release, or from:
-	<BLOCKQUOTE><UL>
-    <li>https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-api/2.15.0/log4j-api-2.15.0.jar</li>
-    <li>https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-core/2.15.0/log4j-core-2.15.0.jar</li>
-    </UL></BLOCKQUOTE>
-    </P>
+    The details of the vulnerabilities can be found in the following:
+    CVE-2021-44228, CVE-2021-45046, CVE-2021-45105.
+    </p>
+    <hr>
+        
+    <H1>What's New in Ghidra 10.1</H1>
     
-    <P>
-    The details of the vulnerability can be found here:
-	<BLOCKQUOTE><UL>
-    <li>https://nvd.nist.gov/vuln/detail/CVE-2021-44228</li>
-    </UL></BLOCKQUOTE>
-    </P>
+    <H2>The not-so-fine print: Please Read!</H2>
     
 	<P>Ghidra 10.1 is fully backward compatible with project data from previous releases. However, programs and data type archives
 	which are created or modified in 10.1 will not be useable by an earlier Ghidra version.</P>
