Vuls v0.4.0 Release Notes

Release Date: 2017-08-25 // over 6 years ago
  • Full Changelog

    Implemented enhancements:

    • Output changelog in report, TUI and JSON for RHEL #367
    • ๐Ÿง Output changelog in report, TUI and JSON for Amazon Linux #366
    • ๐Ÿ‘Œ Improve scanning accuracy by checking package versions #256
    • ๐Ÿ‘Œ Improve SSH #415
    • Enable to scan even if target server can not connect to the Internet #258
    • SSH Hostkey check #417 (kotakanbe)
    • v0.4.0 #449 (kotakanbe)
    • ๐Ÿ”„ Change default ssh method from go library to external command #416 (kotakanbe)
    • โž• Add containers-only option to configtest #411 (knqyf263)

    ๐Ÿ›  Fixed bugs:

    • Running Vuls tui before vuls report does not show vulnerabilities checked by CPE #396
    • ๐Ÿ“ฆ With a long package name, Local shell mode (stty dont' work) #444
    • ๐Ÿ‘Œ Improve SSH #415
    • ๐Ÿ“ฆ Report that a vulnerability exists in the wrong package #408
    • ๐Ÿ“ฆ With a long package name, a parse error occurs. #391
    • ๐Ÿ“ฆ Ubuntu failed to scan vulnerable packages #205
    • CVE-ID in changelog can't be picked up. #154
    • v0.4.0 #449 (kotakanbe)
    • ๐Ÿ›  Fix SSH dial error #413 (kotakanbe)
    • โšก๏ธ Update deps, Change deps tool from glide to dep #412 (kotakanbe)
    • ๐Ÿ›  fix report option Loaded error-info #406 (hogehogehugahuga)
    • โž• Add --user root to docker exec command #389 (PaulFurtado)

    Closed issues:

    • ๐Ÿง README.md.ja not include "Oracle Linux, FreeBSD" #465
    • โšก๏ธ Can't scan remote server - (centos 7 - updated) #451
    • An abnormality in the result of vuls tui #439
    • compile faild #436
    • Can't install vuls on CentOS 7 #432
    • ๐Ÿ“ฆ Vuls scan doesn't show severity score in any of the vulnerable packages #430
    • Load config failedtoml: cannot load TOML value of type string into a Go slice #429
    • โšก๏ธ vuls scan not running check-update with sudo for Centos 7 #428
    • โœ… options for configtest not being activated #422
    • "could not find project Gopkg.toml, use dep init to initiate a manifest" when installing vuls #420
    • go get not get #407
    • ๐Ÿณ Failed to scan via docker. err: Unknown format #404
    • โšก๏ธ Failed to scan - kernel-xxx is an installed security update #403
    • 169.254.169.254 port 80: Connection refused #402
    • vuls scan --debug cause invalid memory address error #397
    • ๐Ÿ’ป Provide a command line flag that will automatically install aptitude on debian? #390

    ๐Ÿ”€ Merged pull requests:


Previous changes from v0.3.0

  • Full Changelog

    Implemented enhancements:

    • ๐Ÿ”„ Changelog parsing fails when package maintainers aren't consistent regarding versions #327
    • ๐Ÿณ Docker scan doesn't report image name #325
    • vuls report -to-email only one E-Mail #295
    • ๐Ÿ‘Œ Support RHEL5 #286
    • Continue scanning even when some hosts have tech issues? #264
    • Normalization of JSON output #259
    • โž• Add report subcommand, change scan subcommand options #239
    • scan localhost? #210
    • โšก๏ธ Can Vuls show details about updateable packages #341
    • Scan all containers except #285
    • ๐Ÿ”” Notify the difference from the previous scan result #255
    • ๐Ÿ‘ EC2RoleCreds support? #250
    • Output confidence score of detection accuracy and detection method to JSON or Reporting #350 (kotakanbe)
    • Avoid null slice being null in JSON #345 (kotakanbe)
    • โž• Add -format-one-email option #331 (knqyf263)
    • ๐Ÿ‘Œ Support Raspbian #330 (knqyf263)
    • โž• Add leniancy to the version matching for debian to account for versioโ€ฆ #328 (jsulinski)
    • โž• Add image information for docker containers #326 (jsulinski)
    • Continue scanning even when some hosts have tech issues #309 (kotakanbe)
    • โž• Add -log-dir option #301 (knqyf263)
    • ๐Ÿ‘‰ Use --assumeno option #300 (knqyf263)
    • โž• Add local scan mode(Scan without SSH when target server is localhost) #291 (kotakanbe)
    • ๐Ÿ‘Œ Support RHEL5 #289 (kotakanbe)
    • โž• Add LXD support #288 (jiazio)
    • โž• Add timeout option to configtest #400 (kotakanbe)
    • ๐Ÿ”” Notify the difference from the previous scan result #392 (knqyf263)
    • โž• Add Oracle Linux support #386 (Djelibeybi)
    • ๐Ÿ”„ Change container scan format in config.toml #381 (kotakanbe)
    • ๐Ÿ‘ Obsolete CentOS5 support #378 (kotakanbe)
    • ๐Ÿ—„ Deprecate prepare subcommand to minimize the root authority defined by /etc/sudoers #375 (kotakanbe)
    • ๐Ÿ‘Œ Support IAM role for report to S3. #370 (ohsawa0515)
    • โž• Add .travis.yml #363 (knqyf263)
    • Output changelog in report, TUI and JSON for Ubuntu/Debian/CentOS #356 (kotakanbe)

    ๐Ÿ›  Fixed bugs:

    • ๐Ÿณ Debian scans failing in docker #323
    • Local CVE DB is still checked, even if a CVE Dictionary URL is defined #316
    • vuls needs gmake. #313
    • patch request for FreeBSD #312
    • ๐Ÿณ Report: failed to read from json (Docker) #294
    • -report-mail option does not output required mail header #282
    • PackInfo not found error when vuls scan. #281
    • Normalize character set #279
    • โšก๏ธ The number of Updatable Packages is different from the number of yum check-update #373
    • โšก๏ธ sudo is needed when exec yum check-update on RHEL7 #371
    • 123-3ubuntu4 should be marked as ChangelogLenientMatch #362
    • ๐Ÿ“ฆ CentOS multi package invalid result #360
    • โšก๏ธ Parse error after check-update. (Unknown format) #359
    • ๐Ÿ›  Fix candidate to confidence. #354 (kotakanbe)
    • ๐Ÿ› Bug fix: not send e-mail to cc address #346 (knqyf263)
    • ๐Ÿ”„ Change the command used for os detection from uname to freebsd-version #340 (kotakanbe)
    • ๐Ÿ›  Fix error handling of detectOS #337 (kotakanbe)
    • ๐Ÿ›  Fix infinite retry at size overrun error in Slack report #329 (kotakanbe)
    • 0๏ธโƒฃ aptitude changelog defaults to using more, which is not interactive aโ€ฆ #324 (jsulinski)
    • Do not use sudo when echo #322 (knqyf263)
    • โฌ‡๏ธ Reduce privilege requirements for commands that don't need sudo on Ubuntu/Debian #319 (jsulinski)
    • Don't check for a CVE DB when CVE Dictionary URL is defined #317 (jsulinski)
    • ๐Ÿ›  Fix typo contianer -> container #314 (justyns)
    • ๐Ÿ›  Fix the changelog cache logic for ubuntu/debian #305 (kotakanbe)
    • ๐Ÿ›  Fix yum updateinfo options #304 (kotakanbe)
    • โšก๏ธ Update glide.lock to fix create-log-dir error. #303 (kotakanbe)
    • ๐Ÿ›  Fix a bug in logging (file output) at scan command #302 (kotakanbe)
    • โž• Add -pipe flag #294 #299 (kotakanbe)
    • ๐Ÿ›  Fix RHEL5 scan stopped halfway #293 (kotakanbe)
    • ๐Ÿ›  Fix amazon linux scan stopped halfway #292 (kotakanbe)
    • ๐Ÿ›  Fix nil-ponter in TUI #388 (kotakanbe)
    • ๐Ÿ›  Fix Bug of Mysql Backend #384 (kotakanbe)
    • ๐Ÿ›  Fix scan confidence on Ubuntu/Debian/Raspbian #362 #379 (kotakanbe)
    • ๐Ÿ›  Fix updatalbe packages count #373 #374 (kotakanbe)
    • โšก๏ธ sudo yum check-update on RHEL #372 (kotakanbe)
    • ๐Ÿ”„ Change ssh option from -t to -tt #369 (knqyf263)
    • Increase the width of RequestPty #364 (knqyf263)

    Closed issues:

    • โœ… vuls configtest --debugใŒsudoใฎใƒใ‚งใƒƒใ‚ฏใงๆญขใพใฃใฆใ—ใพใ† #395
    • โž• Add support for Oracle Linux #385
    • error on install - Ubuntu 16.04 #376
    • Unknown OS Type #335
    • mac os 10.12.3 make install error #334
    • assumeYes doesn't work because there is no else condition #320
    • Debian scan uses sudo where unnecessary #318
    • โž• Add FreeBSD 11 to supported OS on documents. #311
    • ๐Ÿณ docker fetchnvd failing #274
    • โœ… Latest version of labstack echo breaks installation #268
    • fetchnvd Fails using example loop #267

    ๐Ÿ”€ Merged pull requests: