Openvas Versions Save

This repository contains the scanner component for Greenbone Community Edition.

v23.2.0

1 week ago

23.2.0 - 2024-04-30

Added

  • implement http2 nasl builtin function in rust b421babe

v23.1.0

1 week ago

23.1.0 - 2024-04-29

Added

  • notus support for windows (#1626) 0917d574
  • release tag toml 7ac85c17
  • entrypoint for Scan Preferences to openvasd e211b6f2
  • get scan preference to scanner API specification 462a4949
  • Add used licenses for the Rust code to rust/COPYING 20d1b4c6
  • builtin NASL hash functions (#1616) 5575c0f2
  • env REDIS_URL to set redis-url 68eeeb12
  • support for HTTP/2 (#1610) fc30c997
  • handle scan status for openvas (no ospd) (#1606) 6addc38e

Changed

  • libhiredis version for docker testing image (#1625) 14a9193c

Bug Fixes

  • rename scanner_preference to scan_preference 4ba1b814
  • OpenVASD: add path on hashsum failure 8da5f154
  • TLS support (#1617) fcd57941
  • openvasd endpoint /vts?information=1 d5de945a
  • openvas-nasl can not read KB when forking (#1621) 12f7eedb
  • crash when client_cert dir is not available. 527040c6
  • not rescheduling on connection fail when using openvas 34016b41
  • configure different redis url within openvas and openvasd 5834881f
  • add redis to the storage options for clap 5c18918a
  • response message and internal data on scan start request 7c978e85

v23.0.1

1 month ago

23.0.1 - 2024-03-19

Bug Fixes

  • scannerctl option name and redis-storage distaptcher (#1604) 3da335c5

v23.0.0

1 month ago

23.0.0 - 2024-03-13

Breaking Changes

  • Fix issues in progress calcualtion resulting in interrupted scans. See #952
    • Migration: Upgrade to ospd-openvas >= 22.7.0.
  • Remove feed sync script in favor of greenbone-feed-sync (#1589).
    • Migration: If the old script is not actively used nothing needs to be done. The new script is already used in gvmd and the official Greenbone Community Documentation) since some time.
  • Rename executable nasl-cli to scannerctl.
    • Migration: scannerctl is not used by other GVM components currently which means that if you do not actively use it nothing needs to be done.

Added

  • add nasl ssh function to select a netconf ssh subsystem (#1594) a9048b33
  • notus command to nasl-cli a1e7f8f2
  • notus only mode 10f1b0cc
  • log message, when notus is disabled in openvas (#1596) 17068be8
  • scan scheduler 51a03d6e
  • integrate openvasctl into openvasd and make it configurable 668ef9e2
  • scheduler for handling start and stop request for openvas ff4b4202
  • privilege credential for SSH authenticated scans (#1576) 9e751be5
  • Result collector (#1574) 703e7da7
  • Preference handler for openvasctl (#1567) bcdaa29a
  • get_vts path for getting vts from redis cache (#1562) 9d1e74d2
  • openvasctl crate for controling openvas scans 774d8ae6
  • nasl-cli notus update subcommand (#1558) d399537e
  • support authenticated connection to MQTT broker (#1545) 9ecb6aba
  • contributor agreement workflow (#1540) c3a7386e
  • Notus rust implementation and integrate it into openvasd 7bf3fa7f
  • document nasl grammar and predefined constants (#1526) e398a54b

Removed

Changed

  • hide warning message in standalone mode (#1591) 0a768cd7
  • Rename nasl-cli to scannerctl e904a94c
  • Send a message with excluded hosts count to ospd. (#1528) cefbebc3
  • break on insufficient memory 22215d68
  • sanitize openvasd config a32a282f
  • adds a Lambda scanner for easier testing 90ecc3a6
  • formatting c5b4321d
  • fix typos 7692b230
  • openvasctl library to openvas 2842dcf2
  • set Scan ID of Scan Model to non-optional a050b988
  • remove scanconfig library d12d21a1
  • move osp specific Scanner implementation from openvasd into osp bb7ae5be
  • move scanner trait to models library d7880143
  • remove FetchResult in favor of ScanResults b5be4326
  • stream response buffers one extra element e9b71a73
  • set Scan ID of Scan Model to non-optional a765d22e
  • make async the methods for preference handling. (#1572) c7418574
  • doc: on delete we return a 204 not 200 9b193b45
  • ci: add head -n 1 to be more explicit a785ad2d
  • rust: cargo fmt f7abe57b
  • Ci: cleaning up and restructure gh actions bfb86fea
  • openvasd: stream responses (#1566) 11fe4cd0
  • update hyper to version 1 (#1563) 7bfe3ee0
  • Drop parsing of $Date (#1552) 476cc3f9
  • Adjust host details (#1557) b12152bc
  • toggle smoketest e2a5c9d8
  • clippy warnings cee5d9fd
  • helm: rename server-private-key to ingress-certificate b59233c4
  • refactor nasl-cli d9a9f537
  • Ci: on release set app version a902bf90
  • renaming of advisories to product and advisory to vt (#1539) 27179f39
  • Update OpenVASD Helm Chart YAML configurations c942d22e
  • ci: remove build-docs d80a8652
  • nasl-syntax: benchmark tests iterate (#1534) f70fd537

Bug Fixes

  • flatten assets f8318505
  • signing options are used incorrectly 6a404e9e
  • Ci: on release use given token and set repository on pontos 22c10ade
  • clippy warnings about deprectated functions in chrono crate. (#1601) 207e843e
  • escape char for data type (#1599) 29e2939a
  • broken workflow status badge (#1593) bf7de1cb
  • set status to Stopped if the scan was successfully stopped (#1587) cef0e8fe
  • Set scan status to failed, if scan cannot be started fb77d8cc
  • use tokio interval instead of std sleep 40e9f9d0
  • memory check handling in scheduler 6e826f93
  • version updates based on audit findings 0a933793
  • multiple verbose entries in nasl-cli (#1582) ca7bb8bf
  • install libhiredis on openvas image instead of using gvm-libs 3af26097
  • helm: notus-data uses a tar.gz file 2919f115
  • Spread log level over all crates (#1535) 64d30353
  • docker: add libcurl3-gnutls 473389ff
  • ci: remove helm version upgrade (#1536) ba8f5cab

Thank You

Thanks a lot for the contributors to the openvas-scanner project.

  • @Zercerium: Fixed the CI badge in the READEME.md as well as an issue in the example of how to use the contribution agreement.

v22.7.9

5 months ago

22.7.9 - 2023-11-30

Bug Fixes

  • nasl-cli/openvasd: stack overflow on prefix-statement (#1530) 0fa13e9b

Thank You

Thanks a lot for the contributors to the openvas-scanner project.

Issue reporting

  • @sepehrdaddev: Reported a vulnerability in the new Rust based NASL interpreter implementation which was fixed with 0fa13e9b. As nasl-cli is not used in our GSM appliances or community containters those are not affected.

v22.7.8

5 months ago

22.7.8 - 2023-11-28

Added

Bug Fixes

  • nasl-cli/openvasd: possible stackoverflow on End::Continue a4cbe5e3

Thank You

Thanks a lot for the contributors to the openvas-scanner project.

Issue reporting

  • @sepehrdaddev: Reported a vulnerability in the new Rust based NASL interpreter implementation which was fixed with a4cbe5e3. As nasl-cli is not used in our GSM appliances or community containters those are not affected.

v22.7.7

5 months ago

22.7.7 - 2023-11-20

Added

  • Prototype for Plugin Scheduler c2ffb43e
  • dep-graph library for scheduler 868623fc
  • client authorization on endpoints (#1521) 6af3aab2
  • full installation guide for development c4c8e4f4
  • health endpoints to openAPI (#1515) a08fa02a
  • Verify signature of sha256sums file (#1505) 0899d3fc

Changed

  • ingress example within openvasd (#1516) b97e4977
  • add a dummy item in the redis storage for backward compatibility (#1514) 34d380a1

Bug Fixes

  • use %zu instead of %lu when print size_t of count (#1522) 3f1ea08b
  • panic when trying to append empty results (#1518) bef154c7

v22.7.6

6 months ago

22.7.6 - 2023-10-11

Added

  • permission pull-requests write into update-header.yml (#1510) 6022fd84
  • script for calculate and display coverage of the rust implementation of nasl builtin-functions 510005c1
  • Proposal for reverse scanner API (#1462) 5288b8a4
  • Smoketest for the scanner API (#1480) 4640a511
  • possibility to add C encapsuled functionality eb2ca349
  • infisto as a file storage solution (#1482) aac7ce8c

Removed

  • greenbonebot token from update-header.yml 71301dfb

Changed

  • use println! for NASL display function ce252c9d
  • helm chart and smoketest. be2b7024
  • accept symlinks For helm deployment, secrets are stored and the volume is mounted as symlink bddc7e6a
  • Group Dependabot updates into single PR (#1498) fb6790e4

Bug Fixes

  • fix an issue which produces an interrupted scan, originated on a wrong count of excluded hosts. (#1509) 9542a1c6
  • send the right command to ospd (#1485) 3315881d
  • various clippy warnings 4b332b48

v22.7.5

8 months ago

22.7.5 - 2023-08-31

Bug Fixes

  • Allow to override the variable BUILD_WITH_NETSNMP (#1481) 04851b1a
  • OpenAPI specification 5df33a67

v22.7.4

8 months ago

22.7.4 - 2023-08-25

Added

  • missing qod_type (#1475) b0c9f949
  • read timeout setting to the ospd (#1474) 99902e30
  • documentation about Mutual TLS configuration. (#1472) 4fe18dc0
  • openvasd: range to results f503dd4c
  • openvasd: encryption of credentials and results 086a7fc2
  • nasl-cli: scan-config command c78d7a30
  • openvasd: example to start a discovery scan (#1454) 6fe9bef0

Changed

  • Show message about running Notus only if pre-conditions are met. (#1470) 120c4e6e
  • improve handling of sensitive data (#1461) b6802ebe
  • Various minor text updates to the NASL description (#1432) cab4d7c3
  • nasl-cli: scan-config: allow multiple scan-configs 57b4d29d
  • Docker: remove python3-impacket 43a18b78
  • send results as stream (#1458) 501837a4
  • Send the oid as stream (#1452) a8c73b29

Bug Fixes

  • CI test. (#1473) 7346ddaf
  • override an existing scan (#1460) 755f7e9c
  • security alert atty potential unaligned read adbc7cda
  • automagic dependency on netsnmp that is not required. (#1463) c9ba348e
  • openvasd: return 200 on HEAD 187f1e15
  • nasl-cli: display on data input 8f77a14d