All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog.
21.10 (unreleased)
- Validate port list to be sent to openvas. #411
- Validate credentials to be sent to openvas. #416
- New Credentials for SSH to get su privileges. #419
- Integrate Sentry. #421
- Add dry run support. Generate 10 fake results per host. #424
- Remove source_iface preferences. #418
- Fix pylint warnings. Remove u prefix for strings, no longer necessary. #495
21.4.1 (unreleased)
- Fix timeout preference handling. #486
- Remove some special handling for Consider Alive alive test. #413
- Add dedicated port list for alive detection (Boreas only) as scanner preference if supplied via OSP. #327
- Add methods for adding VTs to the redis cache. #337
- Add support for supplying alive test methods via separate elements. #331
- Add support CVSSv3 and accept new tags for severity vector, origin, date. #346
- Use better defaults for for ospd-openvas settings #454
- Improved error logging while trying to acquire a lock file #458
20.8.2 - 2021-06-24
- Check for scanner error messages before leaving. #395
- Don't crash with non-ascii chars in openvas.conf. #381
20.8.1 - 2021-02-01
- Add debug level log messages. #373
- Improve logging for unsatisfied vts dependencies. #336
- Do not use busy wait when waiting for the openvas scan process to finish. #360
- The description field of the systemd ospd-openvas.service file was updated. #372
- Improve logging for unexpected data in script_xref tags. #374
- Fix nvticache name for stable version from sources. #317
- Fix stop scan during preferences handling, before spawning OpenVAS. #332
- Fix alive test preferences when a non default method is selected. #334
- Check for empty vts preferences list. #340
- Fix progress calculation when the host count differs from the target string count. #343
- Retry host progress update if the progress is still below 100 percent. #390
20.8.1 (2021-02-01)
- Add debug level log messages. #373
- Improve logging for unsatisfied vts dependencies. #336
- Do not use busy wait when waiting for the openvas scan process to finish. #360
- The description field of the systemd ospd-openvas.service file was updated. #372
- Improve logging for unexpected data in script_xref tags. #374
- Fix nvticache name for stable version from sources. #317
- Fix stop scan during preferences handling, before spawning OpenVAS. #332
- Fix alive test preferences when a non default method is selected. #334
- Check for empty vts preferences list. #340
- Fix progress calculation when the host count differs from the target string count. #343
- Don't crash with non-ascii chars in openvas.conf. #391
20.8.0 (2020-08-12)
- Add solution method to solution of vt object. #131
- Add typing to daemon.py, nvticache.py and db.py. #161#162#163
- Add support for alive test settings. #182
- Add missing scan preferences expand_vhosts and test_empty_vhost. #184
- Set reverse lookup options. #185
- Check if the amount of vts in redis is coherent. #195 #197
- Add support for test_alive_hosts_only feature of openvas. #204
- Use lock file during feed update to avoid corrupted cache. #207
- Add details parameter to get_vt_iterator(). #215
- Add pontos as dev dependency for managing the version information in ospd-openvas #238
- Pass store directory to OSPDaemon init #266
- Add URI field to results for file path or webservice URL #271
- Add element to OSPD_PARAMS entries to indicate visibility for client. #293
- Less strict checks for the nvti cache version #150 #165 #166
- Set self.vts to None if there is a pending feed. #172
- Use the new method clear() from Vts class. #193
- Start server before initialize the vts. #196
- Get vts metadata from redis and reduce stored data in cache. #205
- Update license to AGPL-3.0+ #228
- Replaced pipenv with poetry for dependency management.
poetry install
works a bit different thenpipenv install
. It installs dev packages by default and also ospd in editable mode. This means after running poetry install ospd will directly be importable in the virtual python environment. #235 - Don't send host details and log messages to the client when Boreas is enabled. #252
- Progress bar calculation do not takes in account dead hosts. #252
- Host progress is stored as integer. #256
- Use flock for the feed lock file. #257
- Improvements for fetching results from redis. #282
- Add RW permission to the group on the feed lock file. #300 #301
- Check vt_aux for None before trying to access it. #177
- Fix snmp credentials. #186
- Escape script name before adding the result in an xml entity. #188
- Fix handling of denied hosts. #263
- Fix handling of special chars in credentials. #294
- Fix type and default value of optimize_test preference. #302
- Fix deploy and upload to pypi. #315
- Fix ospd version dependency. #316
- Remove use_mac_addr, vhost_ip and vhost scan preferences. #184
- Handling of finished host for resume task. #252
- Don't release vts explicitly. #261
- Drop handling of network_scan. #265
- Check the vt's preference value for type 'file'. #130.
- Check for malformed credentials. #160.
- Send messages generated by the scannner main process. #171.
- Exit with exit code 1 if it was not possible to connect to redis. #133
- Return None if the scan finished successfully. #137
- Improve redis clean out when stopping a scan. #128
- Improve error handling when creating vts xml elements. #139
- Init the superclass with kwargs. #141
- Avoid ospd-openvas to crash if redis is flushed during vt dictionary creation. #146
1.0.0 (2019-10-11)
This is the first release of the ospd-openvas module for the Greenbone Vulnerability Management (GVM) framework.