Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:ciel1981:OpenVAS
openvas-scanner
openvas-scanner.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openvas-scanner.changes of Package openvas-scanner
------------------------------------------------------------------- Tue Feb 21 11:16:38 UTC 2023 - Martin Hauke <mardnh@gmx.de> - Update to version 22.4.1 https://github.com/greenbone/openvas-scanner/releases/tag/v22.4.1 ------------------------------------------------------------------- Wed Apr 27 10:06:38 UTC 2022 - Martin Hauke <mardnh@gmx.de> - Update to version 21.4.4 Added * flag to set cipher suite preferences on a TLS session. * Extend nasl_ssh_shell_read(). * Add nasl function nasl_send_arp_request(). * Add function to get the local mac address. * Add nasl functions for checking ssl/tls secure renegotiation and performing re-handshake (backport #889). Changed * handle Fatal alert during handshake. * extend cert_query() nasl function to get the public key algorithm. * Only log SSL/TLS failure once per script. * Make OPENVAS_ENCAPS_TLSv13 visible for nasl scripts. * Make OPENVAS_ENCAPS_TLSv13 visible for nasl scripts. * Update digest algo OID to string mapping. Bug Fixes * possible g_memdup() silent memory truncation. * Handle string encoding converison fail. * Fixing isotime_add and add zero padding for isotime [#920]. - Update to version 21.4.3 Added * Add nasl function sftp_enabled_check() to check if sftp subsystem is enabled in the target. * Fix Segmentation fault when freeing hosts and alive hosts. Changed * Changed defaults for installation locations. + SYSCONFDIR is /etc by default now + LOCALSTATEDIR is /var by default now + OPENVAS_RUN_DIR is /run/ospd by default now + OPENVAS_FEED_LOCK_PATH is /var/lib/openvas/feed-update.lock by default now Fixed * Fix interrupted scan, when the process table is full. * Use fchmod to change file permission instead of on open to prevent race conditions. * Fix plugins upload. * Fix Error Message when NVTI chache init failed. * Fix potential segfault. ------------------------------------------------------------------- Fri Aug 20 10:22:24 UTC 2021 - Martin Hauke <mardnh@gmx.de> - Update to version 21.4.2 * Fix clang-analyzer warnings. ------------------------------------------------------------------- Mon Jun 28 09:20:23 UTC 2021 - Martin Hauke <mardnh@gmx.de> - Update to version 21.4.1 Added * Improve nasl linter to catch more cases of undeclared variables. * Add deprecation warning for source_iface related settings which will be removed with the 21.10 release. * New Credentials for SSH to get su privileges. Changed * Update default log config. Fixed * Use host from the original hosts list when boreas is enabled. * Initialize the the kb to store results for openvas-nasl. * Fix unittest. Mock kb_lnk_reset. ------------------------------------------------------------------- Fri Apr 16 18:44:01 UTC 2021 - Martin Hauke <mardnh@gmx.de> - Update to version 21.4.0 Added * Add scanner-only option to enable tls debugging. * Extend nasl lint to detect if function parameter is used twice. * Add option to specify if a host can be scanned through its IPv4 and IPv6 in parallel. * Add insert_tcp_options and insert_tcp_v6_options nasl functions. * Add get_tcp_option and extend dump_tcp_packet nasl functions. * Add new scanner only option for spawning NASL functions with a different owner. * Add debug logs for allow_simultaneous_ips=no. * Add min_free_mem and max_sysload scanner only options. Changed * Store results in main_kb instead of host_kb. * Also use internal function name in some nasl log messages. * Move more scanner preferences to gvm-libs to make them available for openvas-nasl. Removed * Use the nvticache name from gvm-libs, defined in nvticache.h. ------------------------------------------------------------------- Sat Mar 6 17:00:36 UTC 2021 - Martin Hauke <mardnh@gmx.de> - Follow upstream package names * Rename package openvas -> openvas-scanner - Update to version 20.8.1 Added * Extend nasl lint to detect if function parameter is used twice * Add support for TLSv1.3. * Add alternative for supporting snmp during scans. * Add resolve_hostname_to_multiple_ips() NASL function. * Send message to the client with hosts count. * Use nasl_perror on invalid input and add more documentation. * Add timeout argument to ssh_connect() nasl function to set the connection timeout. Changed * Downgrade wmi queries log level for common errors. * Rename some nasl functions and func parameters for consistency and fix byte order issue in get_ipv6_element. * Change log level from debug to message to show max_host and max_scan during scan start. Fixed * Fork vhosts before creating the socket. * Check if another forked child has already added the same vhost. * Send duplicated hosts as dead hosts to ospd, to adjust scan progress calculation. * Only send the signal if the pid is a positive value. * When routes with same mask are found the route with the better metric is chosen. * Fix malformed target. * Fix snmp result. Only return the value and do not stop at the first \n. * Fix masking of IPv6 addresses. * Fix technique switch for getting the appropriate interface to use for IPv6 dst addr. * Fix host count. Set to -1 when the target string is invalid. ------------------------------------------------------------------- Tue Aug 11 18:42:54 UTC 2020 - Martin Hauke <mardnh@gmx.de> - Update to version 20.8.0 * Create greenbone-nvt-sync create lock file during feed sync. * Extend script_get_preference() to get the value by id. * Add extended environmental variables info to greenbone-nvt-sync help text. * Extend nasl functions which generate results with optional "uri" parameter. * Add nasl function to get the host kb index. * Print the filter used by pcap in the error message. Changed * The logging of the NASL internal regexp functions was extended to include the pattern in case of a failed regcomp(). * Add config for gpg keyring path (OPENVAS_GPG_BASE_DIR). * Use func instead of FUNCTION. * Use pcap_findalldevs() instead of deprecated function pcap_lookupdev(). * Add port-range option for openvas-nasl. * Add test_alive_hosts_only feature. * Don't reload the plugins when start a new scan. * Drop http feed sync. * Add aligned summary to log at scan end. * Unify log messages about start/end of scan and of hosts. * Use flock to lock the feed lock file. * Move alive detection module (Boreas) into gvm-libs. * Allow to set all legal types of icmp v6 in icmp header in openvas-nasl. * The output of the NASL dump_* packet forgery functions was made consistent. * Make drop_privileges setting a scanner-only preference. * Feed lock path is now configurable. Fixed * Improve signal handling when update vhosts list. * Wait for all children instead of waiting just for one a time. * Don't detect MongoDB as a HTTP service. * Set status finished and send a message if the port list is invalid. * Fix format-truncation warning in GCC 8.2 and later. * Clean the new kb when the scan was stopped and the host has not been started. * Prevent child deadlock. * Memleak fixes for kb_item_get_str(). * Fix denied hosts. * Fix openvas-nasl. Add kb key/value for all vhosts. * Wait for last plugin to finish before change to other category. * Corrected function parameter names in nasl_perror calls. * Various updates to the nasl_perror() error texts. * Fix icmp checksum calculation in openvas-nasl. * Fix ipv6 flow label in nasl_packet_forgery_v6() for openvas-nasl. * Fix name of NASL internal IPPROTO_IP variable. * Fix byte ordering and wrong PROTO identifier in dump_ipv6_packet() for openvas-nasl. * Fix size calculation which lead to alloc error in get_tcp_element() of openvas-nasl. * Fix filter out of default 'radio' type preferences. * Allow group access to lockfile and fix empty timestamp. Removed * Removed "network scan" mode. This includes removal of NASL API methods "scan_phase()" and "network_targets()". Sending a "network_mode=yes" in a scanner configuration will have no effect anymore. ------------------------------------------------------------------- Tue Aug 11 07:25:05 UTC 2020 - Martin Hauke <mardnh@gmx.de> - Package rename * openvas-scanner -> openvas - Update to version 7.0.1 Added * Display gvm-libs version in openvas --version output * Create greenbone-nvt-sync create lock file during feed sync. * Extend script_get_preference() to get the value by id. Changed * Improve handling of invalid or existent ids of nvt's preference id. * Perform a scan even if there are missing plugins. * Don't reload the plugins when start a new scan. * Use new URL for GCF rsync. Fixed * Do not store in memory an empty file received as nvt preference. * Fix stop scan. #414 * Fix hanging scans. #423 * Improve signal handling when update vhosts list. #426 * Wait for all children instead of waiting just for one a time. * Fix format-truncation warning in GCC 8.2 and later. Removed * Drop HTTP sync #489 - Update to version 7.0.1 Added * An ID has been added to NVT preferences. * A new NVT cross references data handling has been added. * Add option --scan-stop. * Add support to open an rc4 stream cipher, the function to encrypt stream data using the cipher handle, * and the function to close a handler. * Add one single config for redis to config/redis-openvas.conf. Changes * Vendor version is now an option in the config file. * The NVT preference format has been changed. * Redis supported versions must be 3.2 or higher. * Log directory is now configurable. * The greenbone-nvt-sync script is not allowed to run as root. * OpenVAS Scanner has been renamed to OpenVAS (Open Vulnerability Assessment Scanner). #337 #343 * Retry until a host finishes and frees a db before running a new host scan, in case there is no free redis db. Therefore a infinite loop has been added when it call kb_new(). #340 * Use new nvti_add_tag() instead of plug_set_tag() and remove plug_set_tag(). #385 * Remove dead code about tags regarding former openvas settings "result_prepend_tags" and "result_append_tags". #386 * Check cache/feed errors during plugin scheduling. * Vendor version is now an option in the config file. * Use API for accessing NVTI elements. Fixed * An issue with stuck scans where only a single plugin is running and is beyond its timeout has been addressed. * Fix a type mismatch. Use correct format specifier for size_t. * An issue which caused falling back into a default port in get_ssh_port() has been fixed. * An issue which could have caused a truncated string in register_service() has been fixed. * Reset redis connection after the host scan finished. This avoids to leave open fd, which cause ulimit problems. #384 * Fix mis-identification of Sphinx Search service. #387 * Set a key in redis when the scan finishes and fix stop scan using the right pid. #390 * Fix detection of finger service. #391 * Wait for zombie process in case of timed out nvts. #379 * Fix handling of file type nvt preferences. #399 Removed * Unused be_nice scan preferences has been removed. #313 * OTP has been entirely removed in favor of using the ospd-openvas interface. #333 #351 * Daemon mode has been entirely removed. #337 #341 ------------------------------------------------------------------- Tue Dec 6 13:08:47 UTC 2016 - michael@stroeder.com - update to 5.0.7 ------------------------------------------------------------------- Mon Feb 15 14:53:52 UTC 2016 - rwawrig@suse.com - update to 5.0.5 - Fixed a segmentation fault in the Scanner when processing an NVT without a proper name. - Install openvas-mkcert-client to "bin" instead of "sbin" to be FHS compliant - The process title now contains the correct IP address for IPv4-mapped IPv6 addresses. ------------------------------------------------------------------- Wed Aug 19 16:01:28 UTC 2015 - mrueckert@suse.de - remove unused -q option from service file ------------------------------------------------------------------- Tue Aug 18 15:21:29 UTC 2015 - mrueckert@suse.de - update to 5.0.4
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor