All Versions
11
Latest Version
Avg Release Cycle
51 days
Latest Release
2655 days ago

Changelog History
Page 1

  • v0.4.0 Changes

    August 25, 2017

    Full Changelog

    Implemented enhancements:

    • Output changelog in report, TUI and JSON for RHEL #367
    • ๐Ÿง Output changelog in report, TUI and JSON for Amazon Linux #366
    • ๐Ÿ‘Œ Improve scanning accuracy by checking package versions #256
    • ๐Ÿ‘Œ Improve SSH #415
    • Enable to scan even if target server can not connect to the Internet #258
    • SSH Hostkey check #417 (kotakanbe)
    • v0.4.0 #449 (kotakanbe)
    • ๐Ÿ”„ Change default ssh method from go library to external command #416 (kotakanbe)
    • โž• Add containers-only option to configtest #411 (knqyf263)

    ๐Ÿ›  Fixed bugs:

    • Running Vuls tui before vuls report does not show vulnerabilities checked by CPE #396
    • ๐Ÿ“ฆ With a long package name, Local shell mode (stty dont' work) #444
    • ๐Ÿ‘Œ Improve SSH #415
    • ๐Ÿ“ฆ Report that a vulnerability exists in the wrong package #408
    • ๐Ÿ“ฆ With a long package name, a parse error occurs. #391
    • ๐Ÿ“ฆ Ubuntu failed to scan vulnerable packages #205
    • CVE-ID in changelog can't be picked up. #154
    • v0.4.0 #449 (kotakanbe)
    • ๐Ÿ›  Fix SSH dial error #413 (kotakanbe)
    • โšก๏ธ Update deps, Change deps tool from glide to dep #412 (kotakanbe)
    • ๐Ÿ›  fix report option Loaded error-info #406 (hogehogehugahuga)
    • โž• Add --user root to docker exec command #389 (PaulFurtado)

    Closed issues:

    • ๐Ÿง README.md.ja not include "Oracle Linux, FreeBSD" #465
    • โšก๏ธ Can't scan remote server - (centos 7 - updated) #451
    • An abnormality in the result of vuls tui #439
    • compile faild #436
    • Can't install vuls on CentOS 7 #432
    • ๐Ÿ“ฆ Vuls scan doesn't show severity score in any of the vulnerable packages #430
    • Load config failedtoml: cannot load TOML value of type string into a Go slice #429
    • โšก๏ธ vuls scan not running check-update with sudo for Centos 7 #428
    • โœ… options for configtest not being activated #422
    • "could not find project Gopkg.toml, use dep init to initiate a manifest" when installing vuls #420
    • go get not get #407
    • ๐Ÿณ Failed to scan via docker. err: Unknown format #404
    • โšก๏ธ Failed to scan - kernel-xxx is an installed security update #403
    • 169.254.169.254 port 80: Connection refused #402
    • vuls scan --debug cause invalid memory address error #397
    • ๐Ÿ’ป Provide a command line flag that will automatically install aptitude on debian? #390

    ๐Ÿ”€ Merged pull requests:

  • v0.3.0 Changes

    March 24, 2017

    Full Changelog

    Implemented enhancements:

    • ๐Ÿ”„ Changelog parsing fails when package maintainers aren't consistent regarding versions #327
    • ๐Ÿณ Docker scan doesn't report image name #325
    • vuls report -to-email only one E-Mail #295
    • ๐Ÿ‘Œ Support RHEL5 #286
    • Continue scanning even when some hosts have tech issues? #264
    • Normalization of JSON output #259
    • โž• Add report subcommand, change scan subcommand options #239
    • scan localhost? #210
    • โšก๏ธ Can Vuls show details about updateable packages #341
    • Scan all containers except #285
    • ๐Ÿ”” Notify the difference from the previous scan result #255
    • ๐Ÿ‘ EC2RoleCreds support? #250
    • Output confidence score of detection accuracy and detection method to JSON or Reporting #350 (kotakanbe)
    • Avoid null slice being null in JSON #345 (kotakanbe)
    • โž• Add -format-one-email option #331 (knqyf263)
    • ๐Ÿ‘Œ Support Raspbian #330 (knqyf263)
    • โž• Add leniancy to the version matching for debian to account for versioโ€ฆ #328 (jsulinski)
    • โž• Add image information for docker containers #326 (jsulinski)
    • Continue scanning even when some hosts have tech issues #309 (kotakanbe)
    • โž• Add -log-dir option #301 (knqyf263)
    • ๐Ÿ‘‰ Use --assumeno option #300 (knqyf263)
    • โž• Add local scan mode(Scan without SSH when target server is localhost) #291 (kotakanbe)
    • ๐Ÿ‘Œ Support RHEL5 #289 (kotakanbe)
    • โž• Add LXD support #288 (jiazio)
    • โž• Add timeout option to configtest #400 (kotakanbe)
    • ๐Ÿ”” Notify the difference from the previous scan result #392 (knqyf263)
    • โž• Add Oracle Linux support #386 (Djelibeybi)
    • ๐Ÿ”„ Change container scan format in config.toml #381 (kotakanbe)
    • ๐Ÿ‘ Obsolete CentOS5 support #378 (kotakanbe)
    • ๐Ÿ—„ Deprecate prepare subcommand to minimize the root authority defined by /etc/sudoers #375 (kotakanbe)
    • ๐Ÿ‘Œ Support IAM role for report to S3. #370 (ohsawa0515)
    • โž• Add .travis.yml #363 (knqyf263)
    • Output changelog in report, TUI and JSON for Ubuntu/Debian/CentOS #356 (kotakanbe)

    ๐Ÿ›  Fixed bugs:

    • ๐Ÿณ Debian scans failing in docker #323
    • Local CVE DB is still checked, even if a CVE Dictionary URL is defined #316
    • vuls needs gmake. #313
    • patch request for FreeBSD #312
    • ๐Ÿณ Report: failed to read from json (Docker) #294
    • -report-mail option does not output required mail header #282
    • PackInfo not found error when vuls scan. #281
    • Normalize character set #279
    • โšก๏ธ The number of Updatable Packages is different from the number of yum check-update #373
    • โšก๏ธ sudo is needed when exec yum check-update on RHEL7 #371
    • 123-3ubuntu4 should be marked as ChangelogLenientMatch #362
    • ๐Ÿ“ฆ CentOS multi package invalid result #360
    • โšก๏ธ Parse error after check-update. (Unknown format) #359
    • ๐Ÿ›  Fix candidate to confidence. #354 (kotakanbe)
    • ๐Ÿ› Bug fix: not send e-mail to cc address #346 (knqyf263)
    • ๐Ÿ”„ Change the command used for os detection from uname to freebsd-version #340 (kotakanbe)
    • ๐Ÿ›  Fix error handling of detectOS #337 (kotakanbe)
    • ๐Ÿ›  Fix infinite retry at size overrun error in Slack report #329 (kotakanbe)
    • 0๏ธโƒฃ aptitude changelog defaults to using more, which is not interactive aโ€ฆ #324 (jsulinski)
    • Do not use sudo when echo #322 (knqyf263)
    • โฌ‡๏ธ Reduce privilege requirements for commands that don't need sudo on Ubuntu/Debian #319 (jsulinski)
    • Don't check for a CVE DB when CVE Dictionary URL is defined #317 (jsulinski)
    • ๐Ÿ›  Fix typo contianer -> container #314 (justyns)
    • ๐Ÿ›  Fix the changelog cache logic for ubuntu/debian #305 (kotakanbe)
    • ๐Ÿ›  Fix yum updateinfo options #304 (kotakanbe)
    • โšก๏ธ Update glide.lock to fix create-log-dir error. #303 (kotakanbe)
    • ๐Ÿ›  Fix a bug in logging (file output) at scan command #302 (kotakanbe)
    • โž• Add -pipe flag #294 #299 (kotakanbe)
    • ๐Ÿ›  Fix RHEL5 scan stopped halfway #293 (kotakanbe)
    • ๐Ÿ›  Fix amazon linux scan stopped halfway #292 (kotakanbe)
    • ๐Ÿ›  Fix nil-ponter in TUI #388 (kotakanbe)
    • ๐Ÿ›  Fix Bug of Mysql Backend #384 (kotakanbe)
    • ๐Ÿ›  Fix scan confidence on Ubuntu/Debian/Raspbian #362 #379 (kotakanbe)
    • ๐Ÿ›  Fix updatalbe packages count #373 #374 (kotakanbe)
    • โšก๏ธ sudo yum check-update on RHEL #372 (kotakanbe)
    • ๐Ÿ”„ Change ssh option from -t to -tt #369 (knqyf263)
    • Increase the width of RequestPty #364 (knqyf263)

    Closed issues:

    • โœ… vuls configtest --debugใŒsudoใฎใƒใ‚งใƒƒใ‚ฏใงๆญขใพใฃใฆใ—ใพใ† #395
    • โž• Add support for Oracle Linux #385
    • error on install - Ubuntu 16.04 #376
    • Unknown OS Type #335
    • mac os 10.12.3 make install error #334
    • assumeYes doesn't work because there is no else condition #320
    • Debian scan uses sudo where unnecessary #318
    • โž• Add FreeBSD 11 to supported OS on documents. #311
    • ๐Ÿณ docker fetchnvd failing #274
    • โœ… Latest version of labstack echo breaks installation #268
    • fetchnvd Fails using example loop #267

    ๐Ÿ”€ Merged pull requests:

  • v0.2.0 Changes

    January 10, 2017

    Full Changelog

    Implemented enhancements:

    • โž• Add report subcommand, change scan options. #239 #270 (kotakanbe)
    • โž• Add --assume-yes to prepare #260 #266 (Code0x58)
    • ๐Ÿ‘‰ Use RFC3339 timestamps in the results #265 (Code0x58)

    ๐Ÿ›  Fixed bugs:

    • vuls prepare failed to centos7 #275
    • Failed to scan on RHEL5 #94
    • ๐Ÿ›  Fix container os detection #287 (jiazio)
    • โž• Add date header to report mail. #283 (ymomoi)
    • โž• Add Content-Type header to report/mail.go . #280 (hogehogehugahuga)
    • Keep output of "vuls scan -report-*" to be same every times #272 (yoheimuta)
    • ๐Ÿ›  Fix JSON-dir regex pattern #265 #271 (kotakanbe)
    • ๐Ÿ Stop quietly ignoring --ssh-external on Windows #263 (Code0x58)
    • ๐Ÿ›  Fix non-interactive apt-get install #251 #253 (Code0x58)

    Closed issues:

    • gocui.NewGui now takes a parameter #261
    • โž• Add a --yes flag to bypass interactive prompt for vuls prepare #260
    • vuls prepare doesn't work on Debian host due to apt-get confirmation prompt #251

    ๐Ÿ”€ Merged pull requests:

  • v0.1.7 Changes

    November 08, 2016

    Full Changelog

    Implemented enhancements:

    • ๐Ÿณ Enable to scan only docker container, without docker host #122
    • โž• Add -skip-broken option [CentOS only] #245 #248 (kotakanbe)
    • Display unknown CVEs to TUI #244 (kotakanbe)
    • โž• Add the XML output #240 (gleentea)
    • โž• add '-ssh-external' option to prepare subcommand #234 (mykstmhr)
    • โ†” Integrate OWASP Dependency Check #232 (kotakanbe)
    • โž• Add support for reading CVE data from MySQL. #225 (oswell)
    • โœ‚ Remove base docker image, -v shows commit hash #223 (sadayuki-matsuno)
    • ๐Ÿ‘Œ Support ignore CveIDs in config #222 (kotakanbe)
    • Confirm before installing dependencies on prepare #219 (kotakanbe)
    • โœ‚ Remove all.json #218 (kotakanbe)
    • โž• Add GitHub issue template #217 (kotakanbe)
    • ๐Ÿ‘Œ Improve makefile, -version shows git hash, fix README #216 (kotakanbe)
    • ๐Ÿ”„ change e-mail package from gomail to net/smtp #211 (sadayuki-matsuno)
    • โž• Add only-containers option to scan subcommand #122 #190 (kotakanbe)
    • ๐Ÿ›  Fix -results-dir option of scan subcommand #185 (kotakanbe)
    • ๐Ÿ‘‰ Show error when no scannable servers are detected. #177 (kotakanbe)
    • โž• Add sudo check to prepare subcommand #176 (kotakanbe)
    • ๐Ÿ‘Œ Supports yum --enablerepo option (supports only base,updates for now) #147 (kotakanbe)

    ๐Ÿ›  Fixed bugs:

    • ๐Ÿ“ฆ Debian 8.6 (jessie) scan does not show vulnerable packages #235
    • panic: runtime error: index out of range - ubuntu 16.04 + vuls history #180
    • ๐Ÿšš Moved golang.org/x/net/context to context #243 (yoheimuta)
    • ๐Ÿ›  Fix changelog cache bug on Ubuntu and Debian #235 #238 (kotakanbe)
    • โž• add '-ssh-external' option to prepare subcommand #234 (mykstmhr)
    • ๐Ÿ›  Fixed error for the latest version of gocui #231 (ymd38)
    • ๐Ÿ”จ Handle the refactored gocui SetCurrentView method. #229 (oswell)
    • ๐Ÿ›  Fix locale env var LANG to LANGUAGE #215 (kotakanbe)
    • ๐Ÿ›  Fixed bug with parsing update line on CentOS/RHEL #206 (andyone)
    • ๐Ÿ›  Fix defer cache.DB.close #201 (kotakanbe)
    • ๐Ÿ›  Fix a help message of -report-azure-blob option #195 (kotakanbe)
    • ๐Ÿ›  Fix error handling in tui #193 (kotakanbe)
    • ๐Ÿ›  Fix not working changelog cache on Container #189 (kotakanbe)
    • ๐Ÿ›  Fix release version detection on FreeBSD #184 (kotakanbe)
    • ๐Ÿ›  Fix defer cahce.DB.close() #183 (kotakanbe)
    • ๐Ÿ›  Fix a mode of files/dir (report, log) #182 (kotakanbe)
    • ๐Ÿ›  Fix a error when no json dirs are found under results #180 #181 (kotakanbe)
    • โœ… ssh-external option of configtest is not working #178 #179 (kotakanbe)

    Closed issues:

    • --enable-repos of yum option #246
    • --skip-broken at yum option #245
    • ๐Ÿ— Recent changes to gobui cause build failures #228
    • ๐Ÿณ https://hub.docker.com/r/vuls/go-cve-dictionary/ is empty #208
    • Not able to install gomail fails #202
    • No results file created - vuls tui failed #199
    • ๐Ÿณ Wrong file permissions for results/*.json in official Docker container #197
    • Failed: Unknown OS Type #196
    • โœ… Segmentation fault with configtest #192
    • ๐Ÿ”ง Failed to scan. err: No server defined. Check the configuration #187
    • โœ… vuls configtest -ssh-external doesnt work #178
    • โšก๏ธ apt-get update: time out #175
    • scanning on Centos6, but vuls recognizes debian. #174
    • ๐Ÿ›  Fix READMEja #164 #173

    ๐Ÿ”€ Merged pull requests:

  • v0.1.6 Changes

    September 12, 2016

    Full Changelog

    Implemented enhancements:

    ๐Ÿ›  Fixed bugs:

    • ๐Ÿณ Failed to setup vuls docker #170
    • โšก๏ธ yum check-update error occurred when no reboot after kernel updating #165
    • ๐Ÿ— error thrown from 'docker build .' #157
    • CVE-ID is truncated to 4 digits #153
    • โšก๏ธ 'yum update --changelog' stalled in 'vuls scan'. if ssh user is not 'root'. #150
    • Panic on packet scan #131
    • โšก๏ธ Update glide.lock #170 #171 (kotakanbe)
    • ๐Ÿ›  Fix detecting a platform on Azure #168 (kotakanbe)
    • ๐Ÿ›  Fix parse error for yum check-update #165 #166 (kotakanbe)
    • ๐Ÿ›  Fix bug: Vuls on Docker #159 (tjinjin)
    • ๐Ÿ›  Fix CVE-ID is truncated to 4 digits #155 (usiusi360)
    • ๐Ÿ›  Fix yum update --changelog stalled when non-root ssh user on CentOS #150 #151 (kotakanbe)

    Closed issues:

    • ๐Ÿ‘Œ Support su for root privilege escalation #44
    • ๐Ÿ‘Œ Support FreeBSD #34

    ๐Ÿ”€ Merged pull requests:

  • v0.1.5 Changes

    August 16, 2016

    Full Changelog

    Implemented enhancements:

    • Enable to scan without running go-cve-dictionary as server mode #84
    • ๐Ÿ‘Œ Support high-speed scanning for CentOS #138 (tai-ga)
    • โž• Add configtest subcommand. skip un-ssh-able servers. #134 (kotakanbe)
    • ๐Ÿ‘Œ Support -report-azure-blob option #130 (kotakanbe)
    • โž• Add optional key-values that will be outputted to JSON in config #117 (kotakanbe)
    • ๐Ÿ”„ Change dir structure #115 (kotakanbe)
    • โž• Add some validation of loading config. user, host and port #113 (kotakanbe)
    • ๐Ÿ‘Œ Support scanning with external ssh command #101 (kotakanbe)
    • Detect Platform and get instance-id of amazon ec2 #95 (kotakanbe)
    • โž• Add -report-s3 option #92 (kotakanbe)
    • โž• Added FreeBSD support. #90 (justyntemme)
    • โž• Add glide files for vendoring #89 (kotakanbe)
    • ๐Ÿ›  Fix README, change -cvedbpath to -cve-dictionary-dbpath #84 #85 (kotakanbe)
    • โž• Add option for it get cve detail from cve.sqlite3. #81 (ymd38)
    • โž• Add -report-text option, Fix small bug of report in japanese #78 (kotakanbe)
    • โž• Add JSONWriter, Fix CVE sort order of report #77 (kotakanbe)

    ๐Ÿ›  Fixed bugs:

    • ๐Ÿณ Docker: Panic #76
    • ๐Ÿ›  Fix apt command to scan correctly when system locale is not english #149 (kit494way)
    • ๐Ÿ”’ Disable -ask-sudo-password for security reasons #148 (kotakanbe)
    • ๐Ÿ›  Fix no tty error while executing with -external-ssh option #143 (kotakanbe)
    • ๐Ÿ“ฆ wrong log packages #141 (sadayuki-matsuno)
    • ๐Ÿ›  Fix platform detection. #137 (Rompei)
    • ๐Ÿ›  Fix nil pointer when scan with -cve-dictionary-dbpath and cpeNames #111 (kotakanbe)
    • โœ‚ Remove vulndb file before pkg audit #110 (kotakanbe)
    • โž• Add error handling when unable to connect via ssh. status code: 255 #108 (kotakanbe)
    • Enable to detect vulnerabilities on FreeBSD #98 (kotakanbe)
    • ๐Ÿ›  Fix unknown format err while check-update on RHEL6.5 #93 (sadayuki-matsuno)
    • ๐Ÿ›  Fix type of SMTP Port of discovery command's output #88 (kotakanbe)
    • ๐Ÿ›  Fix error msg when go-cve-dictionary is unavailable #84 #86 (kotakanbe)
    • ๐Ÿ›  Fix error handling to avoid nil pointer err on debian #83 (kotakanbe)
    • ๐Ÿ›  Fix nil pointer while doing apt-cache policy on ubuntu #76 #82 (kotakanbe)
    • ๐Ÿ›  fix log import url #79 (sadayuki-matsuno)
    • ๐Ÿ›  Fix error handling of gorequest #75 (kotakanbe)
    • ๐Ÿ›  Fix freezing forever when no args specified in TUI mode #73 (kotakanbe)
    • mv version.go version/version.go to run main.go without compile #71 (sadayuki-matsuno)

    Closed issues:

    • SSh password authentication failed on FreeBSD #99
    • ๐Ÿ› BUG: -o pipefail is not work on FreeBSD's /bin/sh. because it isn't bash #91
    • ๐Ÿ‘‰ Use ~/.ssh/config #62
    • SSH ciphers #37

    ๐Ÿ”€ Merged pull requests:

  • v0.1.4 Changes

    May 24, 2016

    Full Changelog

    Implemented enhancements:

    • ๐ŸŽ‰ Initial fetch from NVD is too heavy (2.3 GB of memory consumed) #27
    • Enable to show previous scan result #69 (kotakanbe)
    • โž• Add ignore-unscored-cves option #68 (kotakanbe)
    • ๐Ÿ‘Œ Support dynamic scanning docker container #67 (kotakanbe)
    • โž• Add version flag #65 (kotakanbe)
    • โšก๏ธ Update Dockerfile #57 (theonlydoo)
    • โšก๏ธ Update run.sh #56 (theonlydoo)
    • ๐Ÿ‘Œ Support Windows #33 (mattn)

    ๐Ÿ›  Fixed bugs:

    • vuls scan -cvss-over does not work. #59
    • panic: runtime error: invalid memory address or nil pointer dereference when scan CentOS5.5 #58
    • It rans out of memory. #47
    • ๐Ÿ› BUG: vuls scan on CentOS with Japanese environment. #43
    • yum --color=never #36
    • โšก๏ธ Failed to parse yum check-update #32
    • Pointless sudo #29
    • Can't init database in a path having blanks #26
    • ๐Ÿ›  Fix pointless sudo in debian.go #29 #66 (kotakanbe)
    • ๐Ÿ›  Fix error handling of httpGet in cve-client #58 #64 (kotakanbe)
    • ๐Ÿ›  Fix nil pointer at error handling of cve_client #58 #63 (kotakanbe)
    • Set language en_US. #61 (pabroff)
    • ๐Ÿ›  Fix -cvss-over flag #59 #60 (kotakanbe)
    • ๐Ÿ›  Fix scan on Japanese environment. #55 (pabroff)
    • ๐Ÿ›  Fix a typo: replace Depricated by Deprecated. #54 (jody-frankowski)
    • ๐Ÿ›  Fix yes no infinite loop while doing yum update --changelog on root@CentOS #47 #50 (pabroff)
    • ๐Ÿ›  Fix $servername in output of discover command #45 (kotakanbe)
  • v0.1.3 Changes

    April 21, 2016

    Full Changelog

    Implemented enhancements:

    ๐Ÿ›  Fixed bugs:

    • โšก๏ธ Issues updating CVE database behind https proxy #39
    • โšก๏ธ Vuls failed to parse yum check-update #24
    • ๐Ÿ›  Fix yum to yum --color=never #36 #42 (kotakanbe)
    • ๐Ÿ›  Fix parse yum check update #40 (kotakanbe)
    • ๐Ÿ›  fix typo #31 (blue119)
    • ๐Ÿ›  Fix error while parsing yum check-update #24 #30 (kotakanbe)

    Closed issues:

    • Unable to scan on ubuntu because changelog.ubuntu.com is down... #21
    • err: Not initialize(d) yet.. #16
    • Errors when using fish shell #8
  • v0.1.2 Changes

    April 12, 2016

    Full Changelog

    ๐Ÿ›  Fixed bugs:

    • Maximum 6 nodes available to scan #12
    • panic: runtime error: index out of range #5
    • ๐Ÿ›  Fix sudo option on RedHat like Linux and change some messages. #20 (kotakanbe)
    • โšก๏ธ Typo fix and updated readme #19 (EuanKerr)
    • โœ‚ remove a period at the end of error messages. #18 (kotakanbe)
    • ๐Ÿ›  fix error while yum updateinfo --security update on rhel@aws #17 (kotakanbe)
    • ๐Ÿ›  Fixed typos #15 (radarhere)
    • Typo fix in error messages #14 (Bregor)
    • ๐Ÿ›  Fix index out of range error when the number of servers is over 6. #12 #13 (kotakanbe)
    • Revise small grammar mistakes in serverapi.go #9 (cpobrien)
    • ๐Ÿ›  Fix error handling in HTTP backoff function #7 (kotakanbe)
  • v0.1.1 Changes

    April 06, 2016

    Full Changelog

    ๐Ÿ›  Fixed bugs: