Skip to content

Latest commit

 

History

History
163 lines (128 loc) · 10.9 KB

CHANGELOG.md

File metadata and controls

163 lines (128 loc) · 10.9 KB
Raw

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog.

Unreleased

Added

  • Create greenbone-nvt-sync create lock file during feed sync. #458 #459
  • Extend script_get_preference() to get the value by id. #470
  • Add extended environmental variables info to greenbone-nvt-sync help text. #488

Changed

  • The logging of the NASL internal regexp functions was extended to include the pattern in case of a failed regcomp(). #397
  • Add config for gpg keyring path (OPENVAS_GPG_BASE_DIR) #407
  • Use func instead of FUNCTION #419
  • Use pcap_findalldevs() instead of deprecated function pcap_lookupdev() #422 #430
  • Add port-range option for openvas-nasl #431
  • Add test_alive_hosts_only feature. #456
  • Don't reload the plugins when start a new scan. #458
  • Drop http feed sync. #478
  • Add aligned summary to log at scan end. #496
  • Unify log messages about start/end of scan and of hosts. #500
  • Use flock to lock the feed lock file. #507

Fixed

  • Improve signal handling when update vhosts list. #425
  • Wait for all children instead of waiting just for one a time. #428
  • Don't detect MongoDB as a HTTP service. #447
  • Set status finished and send a message if the port list is invalid. #453
  • Fix format-truncation warning in GCC 8.2 and later. #461
  • Clean the new kb when the scan was stopped and the host has not been started. #494
  • Prevent child deadlock. #491
  • Memleak fixes for kb_item_get_str(). #502
  • Fix denied hosts. #510

Removed

  • Removed "network scan" mode. This includes removal of NASL API methods "scan_phase()" and "network_targets()". Sending a "network_mode=yes" in a scanner configuration will have no effect anymore. #493

7.0.1 (unreleased)

Added

  • Display gvm-libs version in openvas --version output #436

Changed

  • Improve handling of invalid or existent ids of nvt's preference id. #416
  • Perform a scan even if there are missing plugins. #439

Fixed

  • Do not store in memory an empty file received as nvt preference. #409
  • Fix stop scan. #414
  • Fix hanging scans. #423
  • Improve signal handling when update vhosts list. #426
  • Wait for all children instead of waiting just for one a time. #429
  • Release redis connection. [#452

7.0.0 (2019-10-11)

Added

  • An ID has been added to NVT preferences. #282
  • A new NVT cross references data handling has been added. #317
  • Add option --scan-stop. #352
  • Add support to open an rc4 stream cipher, the function to encrypt stream data using the cipher handle, and the function to close a handler. #354
  • Add one single config for redis to config/redis-openvas.conf. #370

Changed

  • Vendor version is now an option in the config file. #363
  • The NVT preference format has been changed. #275
  • Redis supported versions must be 3.2 or higher. #287
  • Log directory is now configurable. #316
  • The greenbone-nvt-sync script is not allowed to run as root. #323
  • OpenVAS Scanner has been renamed to OpenVAS (Open Vulnerability Assessment Scanner). #337 #343
  • Retry until a host finishes and frees a db before running a new host scan, in case there is no free redis db. Therefore a infinite loop has been added when it call kb_new(). #340
  • Use new nvti_add_tag() instead of plug_set_tag() and remove plug_set_tag(). #385
  • Remove dead code about tags regarding former openvas settings "result_prepend_tags" and "result_append_tags". #386
  • Check cache/feed errors during plugin scheduling. #358
  • Vendor version is now an option in the config file. #363
  • Use API for accessing NVTI elements. #365
  • Allow send_packet() and send_v6packet() to send packets to broadcast/multicast.#388

Fixed

  • An issue with stuck scans where only a single plugin is running and is beyond its timeout has been addressed. #289
  • Fix a type mismatch. Use correct format specifier for size_t. #299
  • An issue which caused falling back into a default port in get_ssh_port() has been fixed. #342
  • An issue which could have caused a truncated string in register_service() has been fixed. #373
  • Reset redis connection after the host scan finished. This avoids to leave open fd, which cause ulimit problems. #384
  • Fix mis-identification of Sphinx Search service. #387
  • Set a key in redis when the scan finishes and fix stop scan using the right pid. #390
  • Fix detection of finger service. #391
  • Wait for zombie process in case of timed out nvts. #379
  • Fix handling of file type nvt preferences. #399

Removed

  • Unused be_nice scan preferences has been removed. #313
  • OTP has been entirely removed in favor of using the ospd-openvas interface. #333 #351 #337 #389
  • Daemon mode has been entirely removed. #337 #341

6.0.2 (unreleased)

Changed

  • The call to wmiexec.py has been replaced with impacket-wmiexec, because the symlink has been added in Debian Stretch with python-impacket 0.9.15-1.

6.0.1 (2019-07-17)

Added

Changed

  • Use lowercase for values added from add_host_name(). #306
  • Do not launch the scan if the nvticache is corrupted. #309
  • Separate each scan plugin process into its own process group. #325

Fixed

  • An issue which caused the scanner to crash when a plugin is missing during a scan has been addressed. #296
  • An issue which causes a scan to hang has been addressed. #301
  • Issues in building process have been addressed. #308
  • An issue which caused resuming task not to work was addressed. #312
  • An issue which caused a possible null IP values in OTP results / HOST_END has been addressed. #321
  • An issue which caused the scanner to finish instantly without any result has been addressed. #330

Removed

  • Currently unused advanced_log related code has been removed. #327

6.0.0 (2019-04-05)

Added

  • Function to get the currently running script filename has been added.

Changed

  • Debugging nasl mechanism has been improved, replacing preprocessor directives with g_debug facility.
  • Code related to redis queries was improved.
  • OpenVAS reload has been improved.
  • Documentation has been improved.

Fixed

  • An issue related to the log facility and greenbone-nvt-sync has been fixed.
  • An issue which caused nasl-lint to fail in case of unneeded nested functions has been addressed.
  • An issue which caused returning erroneous values by get_plugin_preference() has been addressed.
  • An issue which cause stuck scans where only a single plugin is running and is beyond its timeout has been addressed.
  • Issues reported by static code analysis have been addressed.
  • Issues in building process have been addressed.
  • Several code improvements and clean-ups have been done.

Removed

  • Unused internal_send/recv() functions have been removed.