Openvas Versions Save

22.7.3 - 2023-07-17

Added

• openvas-scanner debian testing (#1450) 1be834d4
• Docker: openvasd, helm template (#1449) dfc7cab5
• Implement packet forgery nasl functions in rust. (#1416) 193d5e81
• support for host_details within the osp crate (#1445) df882be4
• CI check for building with debian old-stable (#1442) b802eab3
• Register builder to add predefined nasl variables (#1438) 212d3eaf

Changed

• Handle errors properly (#1447) 843e3332
• remove defaults on parameters 66423665
• config default values and adjust example and README 42501a22
• read log level from config instead of env 8a134717
• from Scanner Parameter to Preference for the new API (#1440) 84cde499
• rs: nasl-builtin functions separation 8c39d218
• rename queued to stored 5ca587b6

Bug Fixes

• issue parsing json string get from ipc (#1455) a150f689
• openvasd: add missing header informations f11a9dfd
• error handling, when ospd socket was not found 220af627
• example files c079084c
• change all occurrences of sensord to openvasd 4fae250c
• Fix conventional commits workflow da26233d
• docker: add glib to openvas-image to fix g_memdup2 not found c612d7ba
• CI (#1436) 4579efea

22.7.2 - 2023-06-02

Added

• rust: osp-crate 56d28d52

Changed

• switiching from rocket to hyper 756fb6c4

Bug Fixes

• Docker: x86_64 nasl-cli d9196312

22.7.1 - 2023-05-24

Added

• store the oid under the redis key 'filename' (#1428) 631b66f5

Changed

• Typo in index (#1429) e6ea3008

Bug Fixes

• CI: signature of tar balls, trigger release without tag (#1430) 7ad69745

22.7.0 - 2023-05-16

Changed

• Make the NVT Tag member a BTreeMap instead of HashMap 68bf4de1

Bug Fixes

• debian patch on release uses wrong path 24bd00ca
• allow/deny hosts. (#1420) c4ca8042
• Docker: aarch64: missing libz.so and libpcap.so.0.8 cd1b40a2
• frame_forgery.nasl (#1414) 388de3ae

22.6.2 - 2023-05-04

Added

• webserver for HTTP API (#1385) 8eb92344

Changed

• use [{"start": 22, "end": 24}] to define a port range instead of 22-24 42719737
• serde optional behind feature toggle ece68df9

Bug Fixes

• greenbone-nvt-sync: set feed version to 22.04 (#1415) eeda955d
• use target() from Context (#1406) 1263b309
• Set permission on conventional commits workflow 699d39b8
• Docker: aarch64: debian uses openssl-1.1.1 not 3.0 (#1411) 47207ee4
• prod.Dockerfile multi-arch support and fix container build workflows 0d68b804
• CI: broken link on getting source code bb6e2696

22.6.1 - 2023-05-02

Changed

• error handling in HashSumNameLoader ce372d78

22.6.0 - 2023-05-02

Added

• nasl-cli execute --target option (#1400) e0f51021
• support nasl SSH functions (#1368) 2783f53a
• Add action for reporting the conventional commits 9ae0116a

Changed

• Deprecate greenbone-nvt-sync script 952e9563

Bug Fixes

• function signature 49be12a4
• ksba (#1388) 28944f2b

22.5.0 - 2023-04-18

Added

• initial version of nasl-cli
• alive test ea85f408
• scan ID to log reference (#1314) 178be6ff
• documentation for NASL plugin_run_find_service dc6d0842
• tool to see the coverage of the NASL built-in functions 125f0d2c
• documentation for NASL built-in plugin functions fb447b22
• documentation for built-in nasl Raw IP functions 67afd920
• Auto-generated table of content for built-in nasl functions 94b77540
• script to auto-generate table of content for NASL documentation bfa75a31
• documentation for NASL SMB functions (#1278) df40c897
• documentation for NASL WMI functions (#1276) 63accde4
• documentation for NASL string functions (#1274) 7df37fd3
• documentation for NASL ISO time functions (#1273) 2f1c4880

Changed

• make [sign] option the default for wmi_connect* (#1355) f0caa6cc
• Improve stop_denial. Test the host if still alive with boreas (#1345) d73cae3f
• try first pkg-config and then with find_library for ksba and gpgme (#1339) 19c12ef2
• Use a single workflow file for releases (#1325) 92859ced

Bug Fixes

• memory leak in pcap related functions (#1338) b59f09bd
• Make sure repository license can be correctly detected (#1333) 65c5aafa
• NASL documentation get_host_name 80bc0e79
• TOC -> TABLE OF CONTENT e5e82934

22.4.1 - 2023-01-09

Added

• documentation for NASL cert-functions (#1272) c32044e3
• documentation for NASL snmp-functions (#1270) d7168b5f
• document Networking function in the NASL manual (#1256) 395b3a8f
• documentation for NASL host-functions (#1264) 934f70da
• documentation for built-in nasl HTTP Functions 32ca0d99
• NASL documentation for unsafe functions 8ca6e91f
• documentation for NASL ssh-functions 40276ede
• Initial rust NASL interpreter (#1234) d5e9f103
• documentation 4828d140
• more documentation 4a93a372
• more documentation 1965054b
• more documentation 36e1afc4
• documentation for nasl functions ee2084eb
• convertion from string timestamp to second since epoch for cration_time and last_modification tags 5adeb7fe
• handle wrong plugin path error 14a7ca0d
• Implement Display trait for Category This allows to convert the category directly to a string. 263411f5
• Document which Nvt members and methods are used during the plugin upload 2a692598
• store references in the redis cache. 2affab75
• function get_prefs() to get the a vector of string representing the script preferences, as they have to be stored in the redis cache 93a70b17
• get the references from the nvt structure and store it in the redis cache 1e8b375b
• function get_refs() 2b822a08
• function for returning NvtRef members ef20279c
• test for add_nvt 172a1697
• function redis_add_nvt() to add a new nvt to the current redis namespace a22b44e5
• functions to add preferences, references and severities to the Nvt structure 8e3b570d
• Default trait for Nvt. Also fix the new() to retunr the initialized Nvt. Adjust format. 38936941
• function add_tag() 89803411
• and change documentation cdfc94ae
• RedisValueHandler to handle the different value types in a Redis Result. It was added first for handling Nil, e.g. when a key is not found. 6f9d9321
• Function for set and get the nvtcache key. This should contain the feed version Also a function for resetting the nvtcache (delete and release). b8595215
• wrap function for setting keys with generic values. This is done for making the RedisCtx::kb member private. so is not accesible from outside the module. 921124e3
• Tooling for documentation manual and NASL man (#1194) 5478e0d6
• |, && to nasl-syntax-parser b84419a5
• !, != and !~ operations into nasl-syntax-parser 4e4d61d4
• • handling 60117599
• missing scanneraux.c file, which includes de destroy_scan_globals() ab20dab3
• document two new scanner preferences for alive tests (#1204) 9a05f630
• documentation for LSC IPC data type 0c8c8c3d
• documentation for IPC protocol db8cff22
• inter process communication e3716515
• fork observing mechanism (#1165) c72b6df5

Removed

• unnecessary mut 5608984c
• nvt::destroy(). Not necessary 26d2287c
• Remove unnecessary sleep used for debugging (#1219) 931f757f
• unnecessary code in libs CMakeLists.txt files (#1156) b614dbd6
• script_bugtraq_id completely (#1124) 8f1dfff4

Changed

• Use action for release Workflow fbd51e7b
• Update creating tags for container images (#1263) 31791b5a
• Use redis pipeline for writing a batch of commands at once 23adeef0
• check if there are preferences before add them 95ee9d40
• Split the function add_nvt. Now the duplicated oid check is performed in a private function 5a1b30cb
• Get the key string as reference, so it is not consumed 35d3d117
• use globally stored main_kb instead of passing it around faf8fe57
• typo 9c7faec5
• rename kb_check*() functions to kb_item_*_with_main_kb_check. 641f2b84
• Improve integration test 5cfcac38
• set_oid() funtion doesn't need to return anything 352bcbae
• make the tag member in the Nvt structure a Vector of (key,val) tuples. 260ccb18
• Split the strings and use vector of strings instead where necessary 6dd0a8e0
• better error handling. Embeed the RedisError instead of wrapping it. Also defined more DbError types. 18aaf2a4
• Improve display implementation for Catefory dc7040dd
• Use Vec instead of LinkedList for refs, prefs and severities db988443
• Don't return Results for nvt::set_() functions. Don't return a Result, but a &str from nvt::get_() functions 33dc3540
• dont use constants. Use environment variables instead, with default fallback, instead b8ba2baf
• small code improvemente 3a98b57d
• use the right redis cmd, to add the fields in the right order 34ea4422
• Use the globally defined variable NVTICACHE e8ba4477
• fix nvtcache::add_nvt() 26f065c3
• get functions. Return a clone of the Nvt members O Otherwise, the Nvt struct was borrowed here and it can't be borrowed again later. 0f0c12be
• make structs publics. efa3d30c
• abort on found db inconsistency 96a3daec
• add quoteable string to Tokenizer 501f558f
• add unquoteable string to tokenizer 4caee914
• add tokenizing of triple and four character tokens 94d9631e
• add more double tokens into Tokenizer 82a8a51d
• switch build_token to macro, create macro to build double_tokens a9fe6ea6
• add tokenizer for single character tokens cf380783
• rename bump to advance d8053f29
• crsr to cursor to be more readable 5a2b79a3
• add cursor to move char wise within source code f77185fa
• Apply suggested changes bf8c1bf9
• make error message clearer when chdir fails e29c588c
• Split creating build and production images b5bfee64
• Build container images for pull requests too 54da5972
• Use docker/meta-action for container tags and labels 3c086d2b
• Use return instead of exit in openvas.c (#1155) 3ac3f51f
• more useful logging for socket_negotiate_ssl (#1132) 149ccc21

Bug Fixes

• Stop scan (#1252) e9167809
• logic. Now the UA will be saved. dbb492be
• parse every json string in the IPC pipe. 8b2f5878
• set the main kb during init openvas-nasl. 25d2a3aa
• initialize ipc data structure (#1245) cf2f0679
• test 12f40433
• Reset main kb link after fork()'ing 2fa8ea8d
• plugin upload when signature check is enabled. acf53f76
• index.md for report-functions b30aa246
• add the nvt after the checks calling the recently added redis_add_nvt(). ef1e910f
• NASL does not do it as a that just (a = 1) returns 0991e672
• missing NASL dependency netstat 4e6ff767
• use main_kb to verify scan_id for inconsistencies 11e06e4e
• convert len1 and len2 to size_t, since the function returns a size_ value. Also, convert_string_ntlmssp uses (size_t) -1 as error code, so checking for it as well. 77d15729
• adjust format with clang-format 6ca43e34
• Multiple bugs reported by the clang static analyzer. 72ef8763
• Bug reported by the clang static analyzer. 099487df
• Bug reported by the clang static analyzer. 8e06fe99
• Bug reported by the clang static analyzer. 35f307af
• Bug reported by the clang static analyzer. efe513ee
• Bug reported by the clang static analyzer. 9dabe7b2
• Bug reported by the clang static analyzer. ef2340ba
• Bug reported by the clang static analyzer. c7b3e9de
• warning detected via ccc-analyzer. eaf0b756
• memory leak. Free trace buffer on error 6033cc54
• warning detected via ccc-analyzer 4c7a6648
• memory leak detected by ccc-analyzer Free on error. 36bb7525
• memory leak Always free name. 69b93de6
• memory leak detected via ccc-analyzer Finally free the ipc context. 845380f4
• warning detected via ccc-analyzer warning: Assigned value is garbage or undefined 815c1a26
• null check. It has never closed the child process because a wrong logic. d145331b
• warning detected via ccc-analyzer Initialize strutct 58747a95
• more memory leaks in nasl_snmp.c 8f0be39c
• memory leak. Make a copy of result to be returned as tree_cell and free result. Add destroy_snmp_result() function 44d969e2
• more memory leaks found via ccc-analyzer 8b2558ba
• possible memory leak detected via ccc-analyzer Allocate memory later and fix possible memory leak f9298a02
• possible memory leak detected via ccc-analyzer Free request on error. 7a312d8a
• possible memory leak detected via ccc-analyzer Move memory allocation inside 'if' block and avoid memory leak e3fef974
• possible memory leak detected via ccc-analyzer Free frame, allocated in forge_frame. Members don't need to be free()'d. 6073025f
• possible memory leak detected via ccc-analyzer Fix null check fc35c871
• possible memory leak detected via ccc-analyzer Destroy ipc ctx when fork fails. 134ee40b
• warning detected via ccc-analyzer e935e0a1
• warning reported by ccc-analyzer 9009246f
• memory leaks in ipc_openvas.c 5e1e6129
• Solve warning detected by ccc-analyzer f55c05ca
• initialize global_max_hosts and global_max_checks from config file (#1210) 2d536948
• cleanup children pluginlaunch_wait_for_free_process a9483735
• Could not fork too many open files 354c42a1
• set transport again if falls back in a unecrypted connection (#1190) c4f5a8c1
• duplicate destroy call 4aefb831
• change ipc_exec_as_process to use copy instead of pointer 1db7508b
• use newdir as a path in message when verification failure (#1182) 476201e4
• determine SSL/TLS support on services (#1176) 710066d4
• PLugin process keeps scanning after manually stopping task (#1164) c080bdd5
• process handler deadlock and signal handler c9b9e8d6
• sync Notus for enterprise feed. (#1150) 39094ec5
• openvas-nasl should not exit when forked 1dcb23e0

22.4.0 - 2022-07-18

Added

• smoketest for openvas-nasl-lint (#1125) 0122d0d6
• authenticator for gcm/ccm en- and decryption ad75ffe1
• openvas-nasl-lint informs about include error on function calls 6e3a09ff
• smb_cmac_aes_signature, smb_gmac_aes_signature 45d777c5
• aes_mac_gcm for SMBv3.1.1 b09e301e
• SHA512 09e7f95d
• aes-256 ccm and gcm algorithm for en- and decryption 27a36a49
• support for MAC_CMAC_AES (AES-128/192/256-CMAC) hash function 1574628a
• SMB3KDF for SMB3 support b42420d7
• aes128-gcm decryption b7fb98aa
• aes128-CCM en- and decryption a3dd09a7
• possibility to fallback to LEGACY:%COMPAT:%UNSAFE_RENEGOTIATION 57a1fd65
• support for nasl snmp getnext (#1047) 0bbf0470
• Warning on nasl_send when UDP payload may too large and get_mtu e64e5f6d
• Extend nasl_ssh_shell_read() (#964) be5a0af8
• Add nasl function nasl_send_arp_request(). (#939) d1a7c6bf
• wait for notus to finish (#917) 4abc01f7
• Add function to get the local mac address (#922) b85698bd
• Notus integration (#903) 5343d87b
• Add nasl functions for checking ssl/tls secure renegotiation and performing re-handshake. (#889) 641ab331

Removed

• wincmd (winexe) dependency (#1074) 1c4bcf7b
• remove MD5 support from feed integrity check (#1059) 893c2b2e

Changed

• smb_gmac_aes_signature add IV d1fd8807
• encrypt functin can also decrypt 66d59377
• extend nasl_wmi_connect*() functions. (#1073) fc0f08b3
• nasl linter error count message (#1060) 46b3c2c1
• Use sha256sum instead of md5 for checks (#1056) d19c7e2e
• consider a malformed regex as a nasl parse error for built-in RE_MATCH and RE_NOMATCH (#1057) 986f2c67
• Check for malloc_trim() support. (#1054) b8d22c4b
• extended the nasl functions ereg(), egrep(), eregmatch(). (#1044) 30915be8
• support error recovery during nasl parsing (#1042) b55ffd58
• remove unnecessary variable in nasl/CMakeLists.txt (#1045) 28724866
• handle Fatal alert during handshake. (#1035) 21680c31
• Don't wrap-up the scan. (#1030) f1e8f208
• key for notus package list a3302f4d
• extend cert_query() nasl function to get the public key algorithm (#995) 9b1925b4
• Only log SSL/TLS failure once per script dfe74735
• Make OPENVAS_ENCAPS_TLSv13 visible for nasl scripts (#914) 315ea401
• Update digest algo OID to string mapping 95e8eef6
• Instead of using g_memdup2 set deprecation for it as warning 824238ac

Bug Fixes

• result len of aes{128,256}gcm{encrypt,decrypt}_auth 0736d6ce
• segmentation fault in md4 calculation (#1135) aa3655e6
• segmentation fault and false positive on empty function body (#1102) 776a0cdf
• smb3kdf buffer a42c77be
• smb3kdf set the correct size 6773b166
• crypt_data set the correct size 24bb5b46
• nasl lint error count a04e2205
• enable notus only if mqtt is enabled (#1095) 329d58b9
• case sensitive linting (#1079) 2481d172
• script_mandatory_keys usage (#1067) 06ce7976
• sigsegv backtrace log (#1048) 72a1981a
• starting notus-scanner after stop-scan (#1031) 0e483c54
• Check 'reader' for NULL before trying to unreference it during cleanup (#997) 0e7d2f3e
• Handle string encoding converison fail (#996) 15f04b48
• Fixing isotime_add and add zero padding for isotime [#919] e7f4daf1
• security check that open is called basedd on previous lstat check 90521724