File nikto.changes of Package nikto

-------------------------------------------------------------------
Mon Dec  4 11:33:05 UTC 2023 - Paolo Perego <paolo.perego@suse.com>

- Update to 2.5.0. Please see the documentation for all the changes.

-------------------------------------------------------------------
Wed Feb  1 14:07:05 UTC 2023 - Paolo Perego <paolo.perego@suse.com>

- Update to commit 90ff645 in nikto-2.5.0 branch that fixes 5 years of bug
  fixes
- Removed CVE-2018-11652.patch since upstream is already patched.
- Rebase nikto-config.patch to match upstream changes
- Changed shebang to reflect rpmlint suggestion

-------------------------------------------------------------------
Mon Jun  4 09:22:34 UTC 2018 - kbabioch@suse.com

- Added CVE-2018-11652.patch: Fixed a CSV injection vulnerability, which
  allowed remote attackers to inject arbitrary OS commands via the Server
  field in an HTTP response header (bnc#1095721 CVE-2018-11652).

-------------------------------------------------------------------
Tue Aug 18 14:51:38 UTC 2015 - sor.alexei@meowr.ru

- Update to 2.1.6.
- Install databases directory contents.
- Rebase nikto-config.patch.
- Remove nikto-fsf-address.patch.
- Minor spec cleanup.

-------------------------------------------------------------------
Mon Sep 17 07:20:33 UTC 2012 - jweberhofer@weberhofer.at

- Updated to version 2.1.5

  * updated fsf-address-patch
  * moved templates, plugins and database to /var/lib/nikto
  * updated configuration to match file-structure

- New Features

  * Save full response on positive, plaintext & JSON
  * 'maxtime' maximum execution time per host (seconds)
  * 'until' run until specified time or duration
  * 'IgnoreCode' option to allow db_404_strings @CODE from the command line
  * Replay saved JSON requests with replay.pl
  * Client SSL certificate support
  * Output file name now takes '.' which will auto-generate name
  * Content parsing to add items to db_variables values for enhanced testing
  * robots.txt lines are now added to db_variables values for enhanced testing

- New Checks

  * Check for wildcards in crossdomain.xml and clientaccesspolicy.xml
  * Find IPs in HTTP headers
  * Checked for sites parked at hosting providers or advertising pages
  * Parsed robots.txt now checks for listed files (for content search, etc.)
  * nikto_favicon.plugin checks for icons in <link> tags

- Enhancements

  * Fix bugs/minor enhancements in: XML reports, robots.txt parsing, wildcard
    certificate matching, banner parsing, tons more!
  * Default to use Net::SSL instead of Net::SSLeay as a result of too many
     memory issues in SSLeay
  * CSV reports include the same info as other reports
  * HTML reports include more meta information

-------------------------------------------------------------------
Fri Aug  3 23:00:22 UTC 2012 - jweberhofer@weberhofer.at

- Updated to 2.1.4
- linked docs directory to improve update
- fixed fsf-address

-------------------------------------------------------------------
Mon Feb 20 22:11:52 UTC 2012 - Greg.Freemyer@gmail.com

- For newer openSUSE releases change perl-Net_SSLeay to perl-Net-SSLeay

-------------------------------------------------------------------
Wed Feb 24 16:09:00 UTC 2010 - bitshuffler #suse@irc.freenode.org

- Updated to 2.1.1

-------------------------------------------------------------------
Wed Oct 21 18:32:42 UTC 2009 - bitshuffler #suse@irc.freenode.org

- Updated to 2.1.0

-------------------------------------------------------------------
Fri Mar 20 00:00:00 UTC 2009 - bitshuffler #suse@irc.freenode.org

- Initial RPM