v0.23.4

Changelog

• 70fd968 fix(server): add filter cves (#1707)
• 0144135 feat(contrib/snmp2cpe): add other fortinet products (#1636)
• 4a28722 fix(scanner): fix socket file name length of SSH ControlPath (#1714)
• dea9ed7 fix: errorlog future-vuls trivy-to-vuls (#1739)
• f6509a5 feat(config): Auto-upgrade Windows config.toml from v1 to v2 (#1726)
• 80b48fc feat(contrib/fvuls) Add commands to obtained CPE information of network devices by executing snmp2cpe and upload to Fvuls server (#1721)
• 3f2dbe3 chore(deps): bump github.com/aws/aws-sdk-go from 1.44.300 to 1.45.6 (#1730)
• 5ffd620 chore(deps): bump golang.org/x/oauth2 from 0.8.0 to 0.12.0 (#1731)
• a23abf4 chore(deps): bump github.com/sirupsen/logrus from 1.9.0 to 1.9.3 (#1687)
• 6e14a2d chore(deps): bump github.com/aws/aws-sdk-go from 1.44.263 to 1.44.300 (#1706)
• e12fa0b chore(deps): bump google.golang.org/grpc from 1.52.0 to 1.53.0 (#1699)
• fa5b875 chore(deps): bump github.com/BurntSushi/toml from 1.2.1 to 1.3.2 (#1692)
• f9276a7 feat(windows) export DetectKBsFromKernelVersion (#1703)

v0.23.3

Changelog

• 457a3a9 feat(scanner/windows): update release info (#1696)
• 4253550 chore(scanner): do not show logs when lsof: no Internet files located (#1688)
• 97cf033 feat(os): add Fedora 38 EOL date (#1689)
• 5a69804 feat(ubuntu): Support Ubuntu 14.04 and 16.04 ESM (#1682)
• 6271ec5 fix(detector/github): Enhance the dependency graph API call on the big repository (#1681)
• 83681ad chore(deps): bump github.com/aws/aws-sdk-go from 1.44.259 to 1.44.263 (#1677)
• 7798338 chore(deps): bump golang.org/x/oauth2 from 0.7.0 to 0.8.0 (#1678)
• 5c79720 fix(detector/github): Dependency graph API touches fewer data per page than before (#1654)
• b2c5b79 feat(os): support debian 12 (#1676)
• b0cc908 chore(deps): bump github.com/docker/distribution (#1675)

v0.23.2

What's Changed

• chore(deps): bump github.com/Azure/azure-sdk-for-go from 66.0.0+incompatible to 68.0.0+incompatible by @dependabot in #1588
• chore(deps): bump github.com/aws/aws-sdk-go from 1.44.136 to 1.44.249 by @dependabot in #1656
• chore(deps): bump github.com/emersion/go-smtp from 0.14.0 to 0.16.0 by @dependabot in #1580
• feat(ubuntu): add ubuntu 23.04 by @MaineK00n in #1647
• chore(deps): bump github.com/spf13/cobra from 1.6.1 to 1.7.0 by @dependabot in #1658
• chore(deps): bump go.etcd.io/bbolt from 1.3.6 to 1.3.7 by @dependabot in #1657
• chore(deps): bump github.com/c-robinson/iplib from 1.0.3 to 1.0.6 by @dependabot in #1659
• chore(deps): bump github.com/aws/aws-sdk-go from 1.44.249 to 1.44.251 by @dependabot in #1660
• chore(deps): bump github.com/Ullaakut/nmap/v2 from 2.1.2-0.20210406060955-59a52fe80a4f to 2.2.2 by @dependabot in #1665
• chore(deps): bump golang.org/x/oauth2 from 0.1.0 to 0.7.0 by @dependabot in #1662
• chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.7.0 to 0.7.1 by @dependabot in #1663
• fix(saas): remove current directory part by @MaineK00n in #1666
• chore(deps): update goval-dictionary v0.8.3 by @MaineK00n in #1671
• chore(deps): bump github.com/aws/aws-sdk-go from 1.44.251 to 1.44.254 by @dependabot in #1669
• chore(deps): bump golang.org/x/sync from 0.1.0 to 0.2.0 by @dependabot in #1673
• chore(deps): bump github.com/aws/aws-sdk-go from 1.44.254 to 1.44.259 by @dependabot in #1672
• chore(deps): update dictionary tools, Vuls is now CGO free by @MaineK00n in #1667
• test: sort []cveContent by CVEID by @MaineK00n in #1674

Full Changelog: v0.23.1...v0.23.2

v0.23.1

Changelog

• b91a7b7 fix(detector/github): Github dependency graph API request will be retried on error (#1650)
• 333eae0 fix order in identifying amazon linux version (#1652)
• 93d401c chore(integration): update commit (#1649)
• 99dc8e8 feat(gost/ubuntu): check kernel source package more strictly (#1599)
• fb904f0 refactor(reporter): refactoring TelegramWriter, GoogleChatWriter (#1628)
• d4d33fc fix(scanner/dpkg): Fix false-negative in Debian and Ubuntu (#1646)
• a1d3fbf fix(scan): false positives in Debian Pkg for CVE-IDs already detected by Trivy (#1639)
• 2cdfbe3 fix: dependency graph using small query at once to avoid timeout (#1642)
• ac82901 fix(configtest): amazon linux 2022, 2023 require dnf-utils (#1635)

v0.23.0

Changelog

• abdb081 feat(scanner): skip ssh config validation if G option is unknown option (#1632)
• e506125 feat(wp): support csh, no sudo scan (#1523)
• 8ccaa8c fix(scanner/windows): support installationType Domain Controller (#1627)
• de1ed8e feat(ci): add windows for snmp2cpe (#1626)
• 947d668 feat(windows): support Windows (#1581)
• db21149 feat(contrib): add snmp2cpe (#1625)
• 7f35f4e chore(deps): bump github.com/hashicorp/go-getter from 1.6.2 to 1.7.0 (#1606)

v0.22.2

Changelog

• 6682232 feat(os): support Amazon Linux 2023 (#1621)
• 984debe fix(detector/github) change timeout 10s to 10m (#1616)

v0.22.1

Changelog

• a528362 fix(saas): upload JSON if err occured during scan (#1615)
• ee97d98 feat: update EOL (#1598)
• 4e486da style: fix typo (#1592)
• 897fef2 feat(detector/exploitdb): mod update and add more urls (#1610)
• 73f0ada fix: use GetCveContentTypes instead of NewCveContentType (#1603)
• 7044929 Revert: gost/Ubuntu.ConvertToModel() is public method now (#1597)
• 1927ed3 fix(report): tidy dependencies for multiple repo on integration with GSA (#1593)
• ad2edbb fix(ubuntu): vulnerability detection for kernel package (#1591)
• bfe0db7 feat(cwe): add cwe-id for category and view (#1578)
• ff3b9cd fix: add comment (#1585)
• 2deb1b9 chore: update version for golangci-lint (#1586)
• ca64d7f feat(report): Include dependencies into scan result and cyclondex for supply chain security on Integration with GitHub Security Alerts (#1584)

v0.23.0-beta

What's Changed

• chore: update version for golangci-lint by @kl-sinclair in #1586
• fix: add comment by @MaineK00n in #1585
• feat(cwe): add cwe-id for category and view by @MaineK00n in #1578
• fix(ubuntu): vulnerability detection for kernel package by @MaineK00n in #1591
• fix(report): tidy dependencies for multiple repo on integration with GSA by @kl-sinclair in #1593
• fix(ubuntu): dependency problem by @kl-sinclair in #1597
• fix: use GetCveContentTypes instead of NewCveContentType by @MaineK00n in #1603
• feat(detector/exploitdb): mod update and add more urls by @MaineK00n in #1610
• style: fix typo by @MaineK00n in #1592
• feat: update EOL by @MaineK00n in #1598

Full Changelog: v0.22.0...v0.23.0-beta

v0.22.0

Changelog

• 554ecc4 fix(report/email): add Critical to email summary (#1565)
• f6cd4d9 feat(libscan): support conan.lock C/C++ (#1572)
• 03c5986 feat(libscan): support gradle.lockfile (#1568)

v0.21.1

Changelog

• 1d97e91 fix(libscan): delete map that keeps all file contents detected by FindLock to save memory (#1556)