Группа :: Other
Пакет: cve-manager
навигация по пакетам
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
15 октября 2018 Alexey Appolonov <alexey at altlinux.org> 0.18.0-alt1
- Names of avalible branches are section names of the conf;
- Each branch now have a set of params;
- Renaming 'paths' section of the conf to 'common';
- Skipping repetition of branch sections in conf;
- There is no cve-import's "--space" param anymore;
- Russian manual.
- Running downloader without 'noreplace' flag in auto mode;
- Fix of the 'cve-monitor --map' command;
- Printing with TPrinter of the libcontrol++.
- Prescribed mapping;
- Detecting 'relative' packages at the import stage
and using information about them as mapping attribute; - Handling FSTEC vulnerabilities within current cve-issues concept;
- cve-monitor is working OK within current cve-issues concept;
- Revised comparison of versions that happens at the issues-detection stage;
- Revised packages-filtering function;
- Removing duplicates of src packages names at import stage
and corresponding bin-packages names, not vice versa; - Not importing CPEs of 'hardware' part;
- Not importing Mitre list by default;
- Common bin package for conf file & common py module;
- Own config file for cve-monitor.
- Versions of vulnerable programs are now taken into account when figuring out
the 'fix' entries of *_issues table; - Ability to compare 'fix' entries of different branches;
- c7.1 and c8.1 branches are avalible for cve-manager;
- Fix of monitoring of the selected packages;
- Only members of the 'cve' group can run modules that modify
the vulnerabilities DB.
- Proper output when running with 'tee' in auto mode;
- Correction in mapping algorithm, including 1) check if there are some
CPE/FSTEC names left to map, 2) additional break condition of the mapping
loop, so there could be no infinite loop, 3) fix of the wrong behavior
emerging for a names that differ only by number at the end, 4) avoidance of
complete match for the duplicates, 5) fix of the RemoveMapDups function; - Ability to disable bin partial match;
- Filtering the package lists with distro list;
- Fix of the import of the last NVD CVE list;
- Working realisation of the 'packs' option of the cve-import;
- No more verbose output option in cve-import;
- cve-import's UI now looks more like UI of the py-modules;
- Introducing refs and const modifier wherever possible for the cve-import.
- Aligning columns for the output of existing issues;
- Ability to omit the download of the old lists;
- Fixing the 'Fixes' entries matching in cve-issues.
- Handling the situation when the DB does not exist (by all modules).
- Ability to choose mapping type (FSTEC or CPE by now);
- Reducing bin packages dict before mapping if '--packages' option is used
(similar to src list reduction).
- Correction of the cve-fixes module;
- Checking DB-users grp existence before creating it at the postinstall stage.
- Fix of the 'plain' output mode.
- Ability to state beginning and ending steps for auto mode;
- Ability to state custom '/space' path;
- Ability to retrieve 'Fixes' entries for the given packages names;
- NVD CVE lists import fix;
- cpe-map infinite loop fix that was possible with some input data;
- Improved logic for the cve-monitor's user interface.
- Correction of params for cve-issues in auto mode.
- Ability to set starting step for auto mode in main module;
- Usage examples for cve-download;
- Arguments handling fix in cve-issues;
- Only root can modify cve-manager.conf.
- New module cve-backup;
- Ability to prepare database in auto mode.
- Full integration of the FSTEC vulnerabilities list;
- Bin packages matching fix;
- Ability to use custom mapping application;
- Memory leakage fix.
- New module cve-download.py
- "Fixes" entries now stored in *_src tables;
- Importing bin lists;
- Enhanced mapping algorithm;
- Unescaping URL codes from CPE in cve-import;
- More flexibility in cve-import tables recreation;
- Ability to disable entireline output in cve-import;
- Catching run modes with cve-manager-common.py;
- Using argparse in majority of modules;
- cve-fixes new features;
- Monitoring CVE issues table and monitoring CVE descriptions for the packages;
- Single path for CVE lists and CPE dict import that specified
in configuration file.
- Improved output format;
- CPE dict names import with sections separation;
- Fixed and improved mapping algorithm;
- Fixes-extraction parts completely removed from cve-import;
- Working version of cve-linker module under new name "cve-issues.py";
- New cve-monitor functionality;
- Various fixes and improvements in py-modules.
- New cve-manager-common.py features and improvements;
- New module cve-linker.py;
- New module cve-fixes.py;
- Fixes tables structure changed;
- Error handling correction when applying configuration for cve-import module.
- Taking CPE name from "name" attribute of the "cpe-item" tag,
not from "cpe-23:cpe23-item" tag; - CPE dictionary can be imported directly, without creating CSV file,
just like NVD XML can be; - New cve-manager-common.py functionality;
- Sending cpe-packages map to the database;
- Monitoring mapped packages.
- CPE dictionary import;
- New cve-manager-common.py module with common functions and classes
used by other cve-manager py-modules; - cve-monitor rewritten with the use of cve-manager-common.py;
- CPE mapper (cpe-map.py) first draft;
- Changes in cve-manager.py debug mode.
- New version of main module written in Python;
- New module "cve-monitor";
- Minor fixes.
- common* and conf* files was removed from the project because
they are included in dynamically linked libcontrol++.
- What previously known as "cve-manager" now became
"cve-import" module of the cve-manager toolkit
with "cve-manager" script as top level module.
- Fixing usage of branches flags from configuration file;
- Changes in display output for the operations status.
- Chmod of configuration file (only system administrator
should know MySQL DB password); - MySQL authentication bug fixed;
- Handling the situation when packages lists can not be found;
- Removing formed CSV file with NVD CVE list right after import to DB.
- Initial release.