Skip to content

Latest commit

 

History

History
514 lines (436 loc) · 50.9 KB

CHANGELOG.md

File metadata and controls

514 lines (436 loc) · 50.9 KB

Change Log

v0.4.1 and later, see GitHub release

v0.4.0 (2017-08-25)

Full Changelog

Implemented enhancements:

  • Output changelog in report, TUI and JSON for RHEL #367
  • Output changelog in report, TUI and JSON for Amazon Linux #366
  • Improve scanning accuracy by checking package versions #256
  • Improve SSH #415
  • Enable to scan even if target server can not connect to the Internet #258
  • SSH Hostkey check #417 (kotakanbe)
  • v0.4.0 #449 (kotakanbe)
  • Change default ssh method from go library to external command #416 (kotakanbe)
  • Add containers-only option to configtest #411 (knqyf263)

Fixed bugs:

  • Running Vuls tui before vuls report does not show vulnerabilities checked by CPE #396
  • With a long package name, Local shell mode (stty dont' work) #444
  • Improve SSH #415
  • Report that a vulnerability exists in the wrong package #408
  • With a long package name, a parse error occurs. #391
  • Ubuntu failed to scan vulnerable packages #205
  • CVE-ID in changelog can't be picked up. #154
  • v0.4.0 #449 (kotakanbe)
  • Fix SSH dial error #413 (kotakanbe)
  • Update deps, Change deps tool from glide to dep #412 (kotakanbe)
  • fix report option Loaded error-info #406 (hogehogehugahuga)
  • Add --user root to docker exec command #389 (PaulFurtado)

Closed issues:

  • README.md.ja not include "Oracle Linux, FreeBSD" #465
  • Can't scan remote server - (centos 7 - updated) #451
  • An abnormality in the result of vuls tui #439
  • compile faild #436
  • Can't install vuls on CentOS 7 #432
  • Vuls scan doesn't show severity score in any of the vulnerable packages #430
  • Load config failedtoml: cannot load TOML value of type string into a Go slice #429
  • vuls scan not running check-update with sudo for Centos 7 #428
  • options for configtest not being activated #422
  • "could not find project Gopkg.toml, use dep init to initiate a manifest" when installing vuls #420
  • go get not get #407
  • Failed to scan via docker. err: Unknown format #404
  • Failed to scan - kernel-xxx is an installed security update #403
  • 169.254.169.254 port 80: Connection refused #402
  • vuls scan --debug cause invalid memory address error #397
  • Provide a command line flag that will automatically install aptitude on debian? #390

Merged pull requests:

v0.3.0 (2017-03-24)

Full Changelog

Implemented enhancements:

  • Changelog parsing fails when package maintainers aren't consistent regarding versions #327
  • Docker scan doesn't report image name #325
  • vuls report -to-email only one E-Mail #295
  • Support RHEL5 #286
  • Continue scanning even when some hosts have tech issues? #264
  • Normalization of JSON output #259
  • Add report subcommand, change scan subcommand options #239
  • scan localhost? #210
  • Can Vuls show details about updateable packages #341
  • Scan all containers except #285
  • Notify the difference from the previous scan result #255
  • EC2RoleCreds support? #250
  • Output confidence score of detection accuracy and detection method to JSON or Reporting #350 (kotakanbe)
  • Avoid null slice being null in JSON #345 (kotakanbe)
  • Add -format-one-email option #331 (knqyf263)
  • Support Raspbian #330 (knqyf263)
  • Add leniancy to the version matching for debian to account for versio… #328 (jsulinski)
  • Add image information for docker containers #326 (jsulinski)
  • Continue scanning even when some hosts have tech issues #309 (kotakanbe)
  • Add -log-dir option #301 (knqyf263)
  • Use --assumeno option #300 (knqyf263)
  • Add local scan mode(Scan without SSH when target server is localhost) #291 (kotakanbe)
  • Support RHEL5 #289 (kotakanbe)
  • Add LXD support #288 (jiazio)
  • Add timeout option to configtest #400 (kotakanbe)
  • Notify the difference from the previous scan result #392 (knqyf263)
  • Add Oracle Linux support #386 (Djelibeybi)
  • Change container scan format in config.toml #381 (kotakanbe)
  • Obsolete CentOS5 support #378 (kotakanbe)
  • Deprecate prepare subcommand to minimize the root authority defined by /etc/sudoers #375 (kotakanbe)
  • Support IAM role for report to S3. #370 (ohsawa0515)
  • Add .travis.yml #363 (knqyf263)
  • Output changelog in report, TUI and JSON for Ubuntu/Debian/CentOS #356 (kotakanbe)

Fixed bugs:

  • Debian scans failing in docker #323
  • Local CVE DB is still checked, even if a CVE Dictionary URL is defined #316
  • vuls needs gmake. #313
  • patch request for FreeBSD #312
  • Report: failed to read from json (Docker) #294
  • -report-mail option does not output required mail header #282
  • PackInfo not found error when vuls scan. #281
  • Normalize character set #279
  • The number of Updatable Packages is different from the number of yum check-update #373
  • sudo is needed when exec yum check-update on RHEL7 #371
  • 123-3ubuntu4 should be marked as ChangelogLenientMatch #362
  • CentOS multi package invalid result #360
  • Parse error after check-update. (Unknown format) #359
  • Fix candidate to confidence. #354 (kotakanbe)
  • Bug fix: not send e-mail to cc address #346 (knqyf263)
  • Change the command used for os detection from uname to freebsd-version #340 (kotakanbe)
  • Fix error handling of detectOS #337 (kotakanbe)
  • Fix infinite retry at size overrun error in Slack report #329 (kotakanbe)
  • aptitude changelog defaults to using more, which is not interactive a… #324 (jsulinski)
  • Do not use sudo when echo #322 (knqyf263)
  • Reduce privilege requirements for commands that don't need sudo on Ubuntu/Debian #319 (jsulinski)
  • Don't check for a CVE DB when CVE Dictionary URL is defined #317 (jsulinski)
  • Fix typo contianer -> container #314 (justyns)
  • Fix the changelog cache logic for ubuntu/debian #305 (kotakanbe)
  • Fix yum updateinfo options #304 (kotakanbe)
  • Update glide.lock to fix create-log-dir error. #303 (kotakanbe)
  • Fix a bug in logging (file output) at scan command #302 (kotakanbe)
  • Add -pipe flag #294 #299 (kotakanbe)
  • Fix RHEL5 scan stopped halfway #293 (kotakanbe)
  • Fix amazon linux scan stopped halfway #292 (kotakanbe)
  • Fix nil-ponter in TUI #388 (kotakanbe)
  • Fix Bug of Mysql Backend #384 (kotakanbe)
  • Fix scan confidence on Ubuntu/Debian/Raspbian #362 #379 (kotakanbe)
  • Fix updatalbe packages count #373 #374 (kotakanbe)
  • sudo yum check-update on RHEL #372 (kotakanbe)
  • Change ssh option from -t to -tt #369 (knqyf263)
  • Increase the width of RequestPty #364 (knqyf263)

Closed issues:

  • vuls configtest --debugがsudoのチェックで止まってしまう #395
  • Add support for Oracle Linux #385
  • error on install - Ubuntu 16.04 #376
  • Unknown OS Type #335
  • mac os 10.12.3 make install error #334
  • assumeYes doesn't work because there is no else condition #320
  • Debian scan uses sudo where unnecessary #318
  • Add FreeBSD 11 to supported OS on documents. #311
  • docker fetchnvd failing #274
  • Latest version of labstack echo breaks installation #268
  • fetchnvd Fails using example loop #267

Merged pull requests:

v0.2.0 (2017-01-10)

Full Changelog

Implemented enhancements:

Fixed bugs:

Closed issues:

  • gocui.NewGui now takes a parameter #261
  • Add a --yes flag to bypass interactive prompt for vuls prepare #260
  • vuls prepare doesn't work on Debian host due to apt-get confirmation prompt #251

Merged pull requests:

v0.1.7 (2016-11-08)

Full Changelog

Implemented enhancements:

Fixed bugs:

  • Debian 8.6 (jessie) scan does not show vulnerable packages #235
  • panic: runtime error: index out of range - ubuntu 16.04 + vuls history #180
  • Moved golang.org/x/net/context to context #243 (yoheimuta)
  • Fix changelog cache bug on Ubuntu and Debian #235 #238 (kotakanbe)
  • add '-ssh-external' option to prepare subcommand #234 (mykstmhr)
  • Fixed error for the latest version of gocui #231 (ymd38)
  • Handle the refactored gocui SetCurrentView method. #229 (oswell)
  • Fix locale env var LANG to LANGUAGE #215 (kotakanbe)
  • Fixed bug with parsing update line on CentOS/RHEL #206 (andyone)
  • Fix defer cache.DB.close #201 (kotakanbe)
  • Fix a help message of -report-azure-blob option #195 (kotakanbe)
  • Fix error handling in tui #193 (kotakanbe)
  • Fix not working changelog cache on Container #189 (kotakanbe)
  • Fix release version detection on FreeBSD #184 (kotakanbe)
  • Fix defer cahce.DB.close() #183 (kotakanbe)
  • Fix a mode of files/dir (report, log) #182 (kotakanbe)
  • Fix a error when no json dirs are found under results #180 #181 (kotakanbe)
  • ssh-external option of configtest is not working #178 #179 (kotakanbe)

Closed issues:

  • --enable-repos of yum option #246
  • --skip-broken at yum option #245
  • Recent changes to gobui cause build failures #228
  • https://hub.docker.com/r/vuls/go-cve-dictionary/ is empty #208
  • Not able to install gomail fails #202
  • No results file created - vuls tui failed #199
  • Wrong file permissions for results/*.json in official Docker container #197
  • Failed: Unknown OS Type #196
  • Segmentation fault with configtest #192
  • Failed to scan. err: No server defined. Check the configuration #187
  • vuls configtest -ssh-external doesnt work #178
  • apt-get update: time out #175
  • scanning on Centos6, but vuls recognizes debian. #174
  • Fix READMEja #164 #173

Merged pull requests:

v0.1.6 (2016-09-12)

Full Changelog

Implemented enhancements:

Fixed bugs:

  • Failed to setup vuls docker #170
  • yum check-update error occurred when no reboot after kernel updating #165
  • error thrown from 'docker build .' #157
  • CVE-ID is truncated to 4 digits #153
  • 'yum update --changelog' stalled in 'vuls scan'. if ssh user is not 'root'. #150
  • Panic on packet scan #131
  • Update glide.lock #170 #171 (kotakanbe)
  • Fix detecting a platform on Azure #168 (kotakanbe)
  • Fix parse error for yum check-update #165 #166 (kotakanbe)
  • Fix bug: Vuls on Docker #159 (tjinjin)
  • Fix CVE-ID is truncated to 4 digits #155 (usiusi360)
  • Fix yum update --changelog stalled when non-root ssh user on CentOS #150 #151 (kotakanbe)

Closed issues:

  • Support su for root privilege escalation #44
  • Support FreeBSD #34

Merged pull requests:

v0.1.5 (2016-08-16)

Full Changelog

Implemented enhancements:

  • Enable to scan without running go-cve-dictionary as server mode #84
  • Support high-speed scanning for CentOS #138 (tai-ga)
  • Add configtest subcommand. skip un-ssh-able servers. #134 (kotakanbe)
  • Support -report-azure-blob option #130 (kotakanbe)
  • Add optional key-values that will be outputted to JSON in config #117 (kotakanbe)
  • Change dir structure #115 (kotakanbe)
  • Add some validation of loading config. user, host and port #113 (kotakanbe)
  • Support scanning with external ssh command #101 (kotakanbe)
  • Detect Platform and get instance-id of amazon ec2 #95 (kotakanbe)
  • Add -report-s3 option #92 (kotakanbe)
  • Added FreeBSD support. #90 (justyntemme)
  • Add glide files for vendoring #89 (kotakanbe)
  • Fix README, change -cvedbpath to -cve-dictionary-dbpath #84 #85 (kotakanbe)
  • Add option for it get cve detail from cve.sqlite3. #81 (ymd38)
  • Add -report-text option, Fix small bug of report in japanese #78 (kotakanbe)
  • Add JSONWriter, Fix CVE sort order of report #77 (kotakanbe)

Fixed bugs:

Closed issues:

  • SSh password authentication failed on FreeBSD #99
  • BUG: -o pipefail is not work on FreeBSD's /bin/sh. because it isn't bash #91
  • Use ~/.ssh/config #62
  • SSH ciphers #37

Merged pull requests:

v0.1.4 (2016-05-24)

Full Changelog

Implemented enhancements:

Fixed bugs:

  • vuls scan -cvss-over does not work. #59
  • panic: runtime error: invalid memory address or nil pointer dereference when scan CentOS5.5 #58
  • It rans out of memory. #47
  • BUG: vuls scan on CentOS with Japanese environment. #43
  • yum --color=never #36
  • Failed to parse yum check-update #32
  • Pointless sudo #29
  • Can't init database in a path having blanks #26
  • Fix pointless sudo in debian.go #29 #66 (kotakanbe)
  • Fix error handling of httpGet in cve-client #58 #64 (kotakanbe)
  • Fix nil pointer at error handling of cve_client #58 #63 (kotakanbe)
  • Set language en_US. #61 (pabroff)
  • Fix -cvss-over flag #59 #60 (kotakanbe)
  • Fix scan on Japanese environment. #55 (pabroff)
  • Fix a typo: replace Depricated by Deprecated. #54 (jody-frankowski)
  • Fix yes no infinite loop while doing yum update --changelog on root@CentOS #47 #50 (pabroff)
  • Fix $servername in output of discover command #45 (kotakanbe)

v0.1.3 (2016-04-21)

Full Changelog

Implemented enhancements:

Fixed bugs:

  • Issues updating CVE database behind https proxy #39
  • Vuls failed to parse yum check-update #24
  • Fix yum to yum --color=never #36 #42 (kotakanbe)
  • Fix parse yum check update #40 (kotakanbe)
  • fix typo #31 (blue119)
  • Fix error while parsing yum check-update #24 #30 (kotakanbe)

Closed issues:

  • Unable to scan on ubuntu because changelog.ubuntu.com is down... #21
  • err: Not initialize(d) yet.. #16
  • Errors when using fish shell #8

v0.1.2 (2016-04-12)

Full Changelog

Fixed bugs:

  • Maximum 6 nodes available to scan #12
  • panic: runtime error: index out of range #5
  • Fix sudo option on RedHat like Linux and change some messages. #20 (kotakanbe)
  • Typo fix and updated readme #19 (EuanKerr)
  • remove a period at the end of error messages. #18 (kotakanbe)
  • fix error while yum updateinfo --security update on rhel@aws #17 (kotakanbe)
  • Fixed typos #15 (radarhere)
  • Typo fix in error messages #14 (Bregor)
  • Fix index out of range error when the number of servers is over 6. #12 #13 (kotakanbe)
  • Revise small grammar mistakes in serverapi.go #9 (cpobrien)
  • Fix error handling in HTTP backoff function #7 (kotakanbe)

v0.1.1 (2016-04-06)

Full Changelog

Fixed bugs:

v0.1.0 (2016-04-04)

Merged pull requests:

* This Change Log was automatically generated by github_changelog_generator