openvas-libraries 4.0.3 (2011-03-03)
This is the third maintenance release of the openvas-libraries 4.0 module for
the Open Vulnerability Assessment System (OpenVAS).
This release fixes a bug which lead to an incorrect dependency resolution when
scheduling NVTs due to considering only the first dependency. It also fixes an
issue which caused WMI requests to fail.
Many thanks to everyone who has contributed this release:
Chandrashekhar B and Michael Wiegand.
Main changes compared to 4.0.2:
* A bug which caused only the first NVT dependency to be considered has been fixed.
* A bug which caused WMI connects to fail has been fixed.
openvas-libraries 4.0.2 (2011-02-23)
This is the second maintenance release of the openvas-libraries 4.0 module for
the Open Vulnerability Assessment System (OpenVAS).
This release ensures that a file required by OpenVAS Manager and OpenVAS Client
to build credential packages for Local Security Checks (LSCs) is installed
properly. Releases >= 4.0+rc3 failed to install this file.
Many thanks to everyone who has contributed this release:
Michael Wiegand and Felix Wolfsteller.
Main changes compared to 4.0.1:
* The LSC RPM creator support script is now installed correctly.
openvas-libraries 4.0.1 (2011-02-21)
This is the first maintenance release of the openvas-libraries 4.0 module for
the Open Vulnerability Assessment System (OpenVAS).
This release features improvements to the build environment, fixes an issue with
IPv6 support on older systems and makes the check for administrative privileges
more strict.
Many thanks to everyone who has contributed this release:
Chandrashekhar B, Matthew Mundell and Michael Wiegand.
Main changes compared to 4.0.0:
* The build environment has been consolidated.
* A bug which could cause a segmentation fault when using IPv6 under certain
circumstances has been fixed.
* The check for administrative user privileges has been made more strict.
openvas-libraries 4.0.0 (2011-02-03)
This is the first release of the openvas-libraries 4.0 module for the Open
Vulnerability Assessment System (OpenVAS). Compared to the previous major
release it contains a major cleanup of code, build process and installation.
This increases the efficiency of the OpenVAS Libraries, makes the build easier
for and the installation compliant with the Filesystem Hierarchy Standard (FHS
2.3).
Feature wise this release adds support for a network scan level, improves
support for remote LDAP authentication, adds support for the extended OMP 2.0
protocol and introduced numerous other features request from the OpenVAS user
community.
Many thanks to everyone who has contributed to the 4.0.0 release:
Stephan Kleine, Sooraj KS, Christian Kuersteiner, Matthew Mundell, Michael
Wiegand, Jan-Oliver Wagner and Felix Wolfsteller.
Main changes compared to 3.1.x:
* NVT meta data management has been improved, resulting in a smaller memory
footprint of the scanner.
* Network level scan support. For example a initial port scan across a whole
network segment is possible now.
* Improved and fixed remote LDAP authentication which allows to manage
OpenVAS users in a central LDAP service.
* Former binary ".nes" NVTs "find_service", "openvas_tcp_scanner"
and "synscan" are now built-in NASL methods.
* Superfluous log messages regarding file uploads have been removed.
* Further code analysis has resulted in a number of fixes to the code and the
build environment in an effort to make the code even more secure and
compatible across a wider range of platforms.
* The former autotools build environment has been replaces with a build process
using cmake and using pkgconfig for dependency checks.
Main changes compared to last release candidate 4.0+rc4:
* Setting file handling has been updated to match changes in openvas-scanner.
* Support for pkg-config has been (re-)introduced.
* File locations have been adjusted to conform to the Filesystem Hierarchy
Standard.
openvas-libraries 4.0+rc4 (2011-01-26)
This release is the fourth release candidate for the next major release of the
OpenVAS Libraries module. It will be part of the upcoming "OpenVAS 4".
It features a number of fixes to the build environment and updated
documentation.
Many thanks to everyone who has contributed to this release:
Stephan Kleine, Christian Kuersteiner, Michael Wiegand, Jan-Oliver Wagner and
Felix Wolfsteller.
Main changes compared to 4.0+rc3:
* The build environment has fixed in a number of places to restore expected
behaviour after the move to cmake.
* The documentation has been updated to match the changes in the build
environment.
openvas-libraries 4.0+rc3 (2011-01-20)
This release is the third release candidate for the next major release of
Libraries module. It will be part of the upcoming "OpenVAS 4".
It features a complete exchange of the build process which now
is cmake-based. Also, numerous code elements were removed
of which it was unclear whether they have still practical relevance.
Many thanks to everyone who has contributed to this release:
Matthew Mundell, Michael Wiegand, Jan-Oliver Wagner and Felix Wolfsteller.
Main changes compared to 4.0+rc2:
* Improved and fixed remote LDAP authentication.
* Former binary ".nes" NVTs "find_service", "openvas_tcp_scanner"
and "synscan" are now built-in NASL methods.
* Any autotools-related build environment was removed.
* At top-level a cmake-based build environment was introduced.
* libopenvas_omp: Activated escaping of characters so that
special characters can more save be allowed for some OMP commands.
* example_auth.conf was updated with more sensible values.
* Bug fix on Credential creation.
* this package now initially creates required directories in the
installation directory (if not present). This was done by other
modules previously (mostly openvas-scanner)
* Many old code paths for certain operting system environments
have been removed. Most likely, HPUX, Solaris and similar
won't compile this code anymore.
openvas-libraries 4.0+rc2 (2011-01-10)
This release is the second release candidate for the next major release of
openvas-libraries. It will be part of the upcoming "OpenVAS 4".
It features a more robust user creation process and address further compiler
warnings.
Many thanks to everyone who has contributed to this release:
Matthew Mundell, Michael Wiegand and Felix Wolfsteller.
Main changes compared to 4.0+rc1:
* The user creation process has been made more robust.
* More compiler warnings have been addressed.
openvas-libraries 4.0+rc1 (2010-12-20)
This release is the first release candidate for the next major release of
openvas-libraries. It will be part of the upcoming "OpenVAS 4".
It features updated documentation, addresses a number of compiler warning and
fixes an incorrect warning in setuid environments.
Many thanks to everyone who has contributed to this release:
Jan-Oliver Wagner and Michael Wiegand.
Main changes compared to 4.0+beta2:
* The documentation in the INSTALL_README file has been updated.
* A number of compiler warnings by gcc 4.4 has been addressed.
* A incorrect error message during user creation that only occurred in setuid
environments has been removed.
openvas-libraries 4.0+beta2 (2010-12-01)
This release is the second beta version of the next major release of
openvas-libraries. It will be part of the upcoming "OpenVAS 4".
It features improved handling of finished GnuTLS session, more consistent NASL
functions for SMB and WMI connections and a number of fixes to the code and the
build environment in an effort to make the code even more secure and more
compatible.
Many thanks to everyone who has contributed to this release:
Sooraj KS, Matthew Mundell, Jan-Oliver Wagner and Michael Wiegand.
Main changes compared to 4.0+beta1:
* Further code analysis has resulted in a number of fixes to the code and the
build environment in an effort to make the code even more secure and
compatible across a wider range of platforms.
* The arguments for the NASL functions for WMI and SMB connections have been
made more consistent.
* The handling of finished GnuTLS sessions has been improved, eliminating
superfluous log messages.
openvas-libraries 4.0+beta1 (2010-11-18)
This release is the first beta version of the next major release
of openvas-libraries. It will be part of the upcoming "OpenVAS 4".
Main new feature and other changes of 4.0 compared to 3.1 include:
Support of a network scan level, reduced memory consumption,
cleanup and reduction of code base and support of upcoming protocol
OMP 2.0.
Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner and Michael Wiegand.
Main changes compared to 3.1.3:
* Network level scan support.
* The code for providing OMP functionality has been cleaned up.
* Further code cleanup has lead to the removal of more than 3,500 lines of
unused code.
* A bug which tried to free memory that was not allocated before under some
circumstances has been fixed.
* Superfluous log messages regarding file uploads have been removed.
* NVT meta data management has been improved, resulting in a smaller memory
footprint of the scanner.
* The install path for header files has been made more consistent.
openvas-libraries 3.1.3 (2010-09-10)
This is the 3.1.3 release of the openvas-libraries module for the Open
Vulnerability Assessment System (OpenVAS).
It fixes primarily a significant memory leak that will
improve high load performance by about 40%.
This release is recommended for anyone using OpenVAS
for large scans to improve performance.
Many thanks to everyone who has contributed to this release:
Chandrashekhar B, Matthew Mundell, Thomas Reinke
(the memory leak fixes), Michael Wiegand.
Main changes compared to 3.1.1:
* Significant memory leaks are closed.
* Bug fix for handling shared file descriptors that now
prevents unnecessary use of new file descriptors under
certain circumstances.
* Little fix in the nasl wmi api.
openvas-libraries 3.1.2 (2010-08-04)
This is the 3.1.2 release of the openvas-libraries module for the Open
Vulnerability Assessment System (OpenVAS).
It fixes a build issue that was discovered after the release of
openvas-libraries 3.1.1.
Many thanks to everyone who has contributed to this release:
Michael Wiegand.
Main changes compared to 3.1.1:
* A bug in the WMI interface stub which caused the build to fail when configured
without WMI has been fixed.
openvas-libraries 3.1.1 (2010-08-03)
This is the 3.1.1 release of the openvas-libraries module for the Open
Vulnerability Assessment System (OpenVAS).
It clarifies a number of licensing issues, updates the WMI infrastructure and
documentation and adds cross compile support for mingw32 to
openvas-libraries/base.
Many thanks to everyone who has contributed to this release:
Raimund Renkert, Jan-Oliver Wagner and Michael Wiegand.
Main changes compared to 3.1.0:
* Cross compile support for mingw32 has been added to openvas-libraries/base.
* Missing copyright and license information has been added to a number of files.
* The COPYING file has been updated to better indicate the licenses of
individual files and the full text for all licenses has been added.
* The WMI infrastructure has been updated to match necessary changes in the API
of the WMI patch.
* The documentation on using WMI in openvas-libraries has been updated.
openvas-libraries 3.1.0 (2010-07-14)
This is the 3.1.0 release of the openvas-libraries module for the Open
Vulnerability Assessment System (OpenVAS).
It adds a number of new features, for example support for NTLMSSP, for LDAP
authentication, for preference file uploads to memory, for logging messages to
syslog and for scanning virtual web hosts.
Many thanks to everyone who has contributed to this release:
Tim Brown, Geoff Galitz, Stephan Kleine, Goran Licina, Michael Meyer, Matthew
Mundell, Raimund Renkert, Preeti Subramanian, Jan-Oliver Wagner, Michael Wiegand
and Felix Wolfsteller.
Main changes compared to 3.0.5:
* Code cleanup: Code from openvas-administrator and openvas-manager which could
be more appropriately placed in openvas-libraries has been moved here.
* Initial support for LDAP authentication has been added.
* IPv6 support has been improved.
* Support for building parts of openvas-libraries on Windows has been added.
* Support for reading preference file uploads from memory instead of from disk
has been added.
* Support for NTLMSSP has been added.
* Authentication mechanism extended to support LDAP and ADS.
* An issue which caused SSH logins with RSA keys on remote systems to fail under
certain circumstances has been fixed.
* Support for logging to syslog has been added.
* Support for scanning virtual web hosts has been added.
openvas-libraries 3.1.0.rc3 (2010-07-01)
This is the third release candidate of the openvas-libraries module for the
Open Vulnerability Assessment System (OpenVAS) 3.1 series.
It fixes a build issue Gentoo GNU/Linux systems, addresses a compiler warning in
the NTLMSSP code and ensure the most recent releases of openvas-client,
openvas-cli and openvas-manager build with openvas-libraries 3.1.0.
Many thanks to everyone who has contributed to this release:
Preeti Subramanian and Michael Wiegand.
Main changes compared to 3.1.0.rc2:
* An issue which caused the build to fail on Gentoo GNU/Linux systems has been
fixed.
* An issue which caused openvas-client, openvas-cli and openvas-manager to fail
to build with openvas-libraries has been fixed.
openvas-libraries 3.1.0.rc2 (2010-06-28)
This is the second release candidate of the openvas-libraries module for the
Open Vulnerability Assessment System (OpenVAS) 3.1 series.
It extends the authentication mechanism to support LDAP and ADS and introduces
support for logging messages to syslog and scanning virtual web hosts.
Many thanks to everyone who has contributed to this release:
Tim Brown, Goran Licina, Matthew Mundell, Raimund Renkert, Preeti Subramanian,
Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller.
Main changes compared to 3.1.0.rc1:
* QA: A number of compiler warnings have been addressed.
* Authentication mechanism extended to support LDAP and ADS.
* An issue which caused SSH logins with RSA keys on remote systems to fail under
certain circumstances has been fixed.
* A bug which caused segmentation faults when using NTLMSSP authentication in
openvas-libraries built with WMI supports has been fixed.
* Support for logging to syslog has been added.
* Support for scanning virtual web hosts has been added.
openvas-libraries 3.1.0.rc1 (2010-05-19)
This is the first release candidate of the openvas-libraries module for the
Open Vulnerability Assessment System (OpenVAS) 3.1 series.
It adds support for NTLMSSP, for LDAP authentication, for preference file
uploads to memory and for building some parts of openvas-libraries on Windows.
Many thanks to everyone who has contributed to this release:
Geoff Galitz, Stephan Kleine, Michael Meyer, Matthew Mundell, Raimund Renkert,
Preeti Subramanian, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller.
Main changes compared to 3.0.5:
* Code cleanup: Code from openvas-administrator and openvas-manager which could
be more appropriately placed in openvas-libraries has been moved here.
* Initial support for LDAP authentication has been added.
* A bug which caused WMI support to be disabled in the standalone NASL
interpreter has been fixed.
* IPv6 support has been improved.
* Support for building parts of openvas-libraries on Windows has been added.
* Support for reading preference file uploads from memory instead of from disk
has been added.
* Support for NTLMSSP has been added.
openvas-libraries 3.0.5 (2010-04-13)
This is the fifth maintenance release of the openvas-libraries module for the
Open Vulnerability Assessment System (OpenVAS) 3.0 series.
It contains support for resuming tasks, improved packet forgery support for IPv6
environments and a reworked internal build infrastructure.
Many thanks to everyone who has contributed to this release:
Tim Brown, Stephan Kleine, Vlatko Kosturjak, Matthew Mundell, Mareike
Piechowiak, Preeti Subramanian, Jan-Oliver Wagner, Michael Wiegand and Felix
Wolfsteller.
Main changes compared to 3.0.4:
* The build infrastructure for the hg and misc modules has been switch to CMake
from autoconf.
* Support for resuming tasks has been added to OMP.
* Packet forgery support for IPv6 has been improved.
* A build issue on Mandriva has been fixed.
openvas-libraries 3.0.4 (2010-03-03)
This is the fourth maintenance release of the openvas-libraries module for the
Open Vulnerability Assessment System (OpenVAS) 3.0 series.
It fixes several build issues, adds support for Windows registry hives and for
using parts of openvas-libraries with C++.
Many thanks to everyone who has contributed to this release:
Chandrashekhar B, Stephan Kleine, Matthew Mundell, Jan-Oliver Wagner, Michael
Wiegand and Felix Wolfsteller.
Main changes compared to 3.0.3:
* Several build issues on Mandriva have been fixed.
* Support for using openvas-libraries in C++ code has been introduced for some
OMP libraries.
* The openvas-nasl standalone NASL interpreter is now linked dynamically.
* A bug which caused some GnuTLS error messages to be printed to stderr instead
of to the logs had been fix.
* Support for registry hives has been added to the WMI registry functions.
* Support for detecting libraries in non-standard locations during the
configuration process has been added.
* Support for multiple levels of subdirectories in the NVT directory has been
improved.
openvas-libraries 3.0.3 (2010-02-04)
This is the third maintenance release of the openvas-libraries module for the
Open Vulnerability Assessment System (OpenVAS) 3.0 series.
It improves support for OMP parsing, adds initial support for dropping
privileges, and adds new crypto functions and support for SMB NTLMv1 and NTLMv2.
Many thanks to everyone who has contributed to this release:
Chandrashekhar B, Tim Brown, Matthew Mundell, Michael Wiegand and Felix
Wolfsteller.
Main changes compared to 3.0.2:
* Initial support for dropping privileges.
* New crypto functions and support for SMB NTLMv1 and NTLMv2.
openvas-libraries 3.0.2 (2010-01-19)
This is the second maintenance release of the openvas-libraries module for the
Open Vulnerability Assessment System (OpenVAS) 3.0 series.
It adds support for modifying the scanner configuration file through API calls,
for example for use in the openvas-administrator.
Many thanks to everyone who has contributed to this release:
Matthew Mundell and Michael Wiegand.
Main changes compared to 3.0.1:
* Support for modifying scanner configuration files has been added.
* The API for retrieving settings has been improved.
openvas-libraries 3.0.1 (2010-01-11)
This is the first maintenance release of the openvas-libraries module for the
Open Vulnerability Assessment System (OpenVAS) 3.0 series.
It contains an update to the OMP API and solves an issue that raised the version
dependency on GnuTLS unnecessarily.
Many thanks to everyone who has contributed to this release:
Matthew Mundell, Michael Wiegand and Felix Wolfsteller
Main changes compared to 3.0.0:
* The OMP API has been updated.
* An unnecessary GnuTLS call has been removed.
* Minor code cleanups.
openvas-libraries 3.0.0 (2009-12-18)
This is the 3.0.0 release of the openvas-libraries module for the Open
Vulnerability Assessment System (OpenVAS). It introduces a significantly
improved and changed source code architecture and therefore introduces a
new API for the other OpenVAS components.
OpenVAS 3.0 introduces a new architecture where openvas-libraries now
includes openvas-libnasl as well as redundant code from openvas-client.
Also, openvas-server is renamed to openvas-scanner and includes any
platform-dependent elements of openvas-plugins. As a result of this, the
source code line count has been reduced even though new features have
been added. Also, for running the scanner now only 2 modules are
required (instead of 4 as for OpenVAS 2.0).
New features of OpenVAS include support for IPv6 and WMI-Clients.
Version 3.0 also supports the new OpenVAS Manager and OpenVAS
Administrator as optional extensions. This combination leverages the
vulnerability scanner to a comprehensive vulnerability management
solution.
Many thanks to everyone who has contributed to the 3.0.0 release:
Chandrashekhar B, Marcus Brinkmann, Tim Brown, Vlatko Kosturjak, Michael
Meyer, Matthew Mundell, Laban Mwangi, Srinivasa NL, Jan Wagner,
Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller.
Main changes compared to 2.0.x:
* IPv6 support
* WMI-Client support (optional)
* Integration of openvas-libnasl
* New library "base"
* New library "omp"
* Former libopenvas renamed to libopenvas_misc
* New NVT cache implementation to overcome limitations
* Several files from openvas-client integrated
* Use of "cmake" to build base, omp and nasl
* glib dependency raised from 2.6 to 2.12
Main changes compared to 3.0.0-rc1:
* A small number of potential resource leaks have been fixed.
* IPv6 support has been improved.
* Initial support for reading configuration files in the keyfile format
has been added.
openvas-libraries 3.0.0-rc1 (2009-12-07)
This release is the first release candidate of openvas-libraries
leading up to the upcoming 3.0 release of OpenVAS.
It introduces a significantly improved and changed source
code architecture and therefore introduces a new API for the
other OpenVAS components.
OpenVAS 3.0 will introduce a new architecture where openvas-libraries
now includes openvas-libnasl as well as redundant code from openvas-client
and where openvas-server is renamed to openvas-scanner and includes any
platform-dependent elements of openvas-plugins. As a result of this,
the source code will shrink, though new features will be added. Also,
for running the scanner now only 2 modules are required (instead of 4
as for OpenVAS 2.0).
New features of OpenVAS include support for IPv6 and WMI-Clients.
Version 3.0 prepares the new OpenVAS Manager and OpenVAS Administrator
as optional extension. This combination leverages the vulnerability
scanner to a comprehensive vulnerability management solution.
The "release candidate" releases are intended to allow testing of the upcoming
3.0 series. It should be kept separate from OpenVAS 2.0 installations
and not be used in a production environment.
Unless serious bugs are discovered, this release candidate will become the final
OpenVAS 3.0 release. Users are encouraged to test this release and to report
bugs to the OpenVAS bug tracker located at http://bugs.openvas.org/ .
Many thanks to everyone who has contributed to the 3.0.0 release:
Chandrashekhar B, Marcus Brinkmann, Tim Brown, Vlatko Kosturjak, Michael Meyer,
Matthew Mundell, Laban Mwangi, Srinivasa NL, Jan Wagner, Jan-Oliver Wagner,
Michael Wiegand and Felix Wolfsteller.
Main changes compared to 2.0.x:
* IPv6 support
* WMI-Client support
* Integration of openvas-libnasl
* New library "base"
* New library "omp"
* Former libopenvas renamed to libopenvas_misc
* New NVT cache implementation to overcome limitations
* Several files from openvas-client integrated
* Use of "cmake" to build base, omp and nasl
* glib dependency raised from 2.6 to 2.12
* Minimum cmake version raised from 2.4 to 2.6
Main changes compared to 3.0.0-beta7:
* A number of build issues on openSUSE 11.2 has been fixed.
* 64 bit compatibility has been improved. (Fixes: #1194, #1196)
* Temporary files created by NVTs are now correctly placed in the system
directory for temporary file (i.e. /tmp). (Fixes: #1170)
* The standalone NASL interpreter now supports relative paths. (Fixes: #1101).
openvas-libraries 3.0.0-beta7 (2009-11-23)
This release is the seventh beta version of openvas-libraries
leading up to the upcoming 3.0 release of OpenVAS.
It introduces a significantly improved and changed source
code architecture and therefore introduces a new API for the
other OpenVAS components.
OpenVAS 3.0 will introduce a new architecture where openvas-libraries
now includes openvas-libnasl as well as redundant code from openvas-client
and where openvas-server is renamed to openvas-scanner and includes any
platform-dependent elements of openvas-plugins. As a result of this,
the source code will shrink, though new features will be added. Also,
for running the scanner now only 2 modules are required (instead of 4
as for OpenVAS 2.0).
New features of OpenVAS include support for IPv6 and WMI-Clients.
Version 3.0 prepares the new OpenVAS Manager and OpenVAS Administrator
as optional extension. This combination leverages the vulnerability
scanner to a comprehensive vulnerability management solution.
The "beta" releases are intended to allow testing of the upcoming
3.0 series. It should be kept separate from OpenVAS 2.0 installations
and not be used in a production environment.
Many thanks to everyone who has contributed to the 3.0.0 release:
Chandrashekhar B, Marcus Brinkmann, Tim Brown, Vlatko Kosturjak, Michael Meyer,
Matthew Mundell, Laban Mwangi, Srinivasa NL, Jan Wagner, Jan-Oliver Wagner,
Michael Wiegand and Felix Wolfsteller.
Main changes compared to 2.0.x:
* IPv6 support
* WMI-Client support
* Integration of openvas-libnasl
* New library "base"
* New library "omp"
* Former libopenvas renamed to libopenvas_misc
* New NVT cache implementation to overcome limitations
* Several files from openvas-client integrated
* Use of "cmake" to build base, omp and nasl
* glib dependency raised from 2.6 to 2.12
Main changes compared to 3.0.0-beta6:
* IPv6 support has been improved.
openvas-libraries 3.0.0-beta6 (2009-11-09)
This release is the sixth beta version of openvas-libraries
leading up to the upcoming 3.0 release of OpenVAS.
It introduces a significantly improved and changed source
code architecture and therefore introduces a new API for the
other OpenVAS components.
OpenVAS 3.0 will introduce a new architecture where openvas-libraries
now includes openvas-libnasl as well as redundant code from openvas-client
and where openvas-server is renamed to openvas-scanner and includes any
platform-dependent elements of openvas-plugins. As a result of this,
the source code will shrink, though new features will be added. Also,
for running the scanner now only 2 modules are required (instead of 4
as for OpenVAS 2.0).
New features of OpenVAS include support for IPv6 and WMI-Clients.
Version 3.0 prepares the new OpenVAS Manager and OpenVAS Administrator
as optional extension. This combination leverages the vulnerability
scanner to a comprehensive vulnerability management solution.
The "beta" releases are intended to allow testing of the upcoming
3.0 series. It should be kept separate from OpenVAS 2.0 installations
and not be used in a production environment.
Many thanks to everyone who has contributed to the 3.0.0 release:
Chandrashekhar B, Marcus Brinkmann, Tim Brown, Vlatko Kosturjak, Michael Meyer,
Matthew Mundell, Laban Mwangi, Srinivasa NL, Jan Wagner, Jan-Oliver Wagner,
Michael Wiegand and Felix Wolfsteller.
Main changes compared to 2.0.x:
* IPv6 support
* WMI-Client support
* Integration of openvas-libnasl
* New library "base"
* New library "omp"
* Former libopenvas renamed to libopenvas_misc
* New NVT cache implementation to overcome limitations
* Several files from openvas-client integrated
* Use of "cmake" to build base, omp and nasl
* glib dependency raised from 2.6 to 2.12
Main changes compared to 3.0.0-beta5:
* XML parsing has been made more robust.
openvas-libraries 3.0.0-beta5 (2009-10-26)
This release is the fifth beta version of openvas-libraries
leading up to the upcoming 3.0 release of OpenVAS.
It introduces a significantly improved and changed source
code architecture and therefore introduces a new API for the
other OpenVAS components.
OpenVAS 3.0 will introduce a new architecture where openvas-libraries
now includes openvas-libnasl as well as redundant code from openvas-client
and where openvas-server is renamed to openvas-scanner and includes any
platform-dependent elements of openvas-plugins. As a result of this,
the source code will shrink, though new features will be added. Also,
for running the scanner now only 2 modules are required (instead of 4
as for OpenVAS 2.0).
New features of OpenVAS include support for IPv6 and WMI-Clients.
Version 3.0 prepares the new OpenVAS Manager and OpenVAS Administrator
as optional extension. This combination leverages the vulnerability
scanner to a comprehensive vulnerability management solution.
The "beta" releases are intended to allow testing of the upcoming
3.0 series. It should be kept separate from OpenVAS 2.0 installations
and not be used in a production environment.
Many thanks to everyone who has contributed to the 3.0.0 release:
Chandrashekhar B, Marcus Brinkmann, Tim Brown, Vlatko Kosturjak, Michael Meyer,
Matthew Mundell, Laban Mwangi, Srinivasa NL, Jan Wagner, Jan-Oliver Wagner,
Michael Wiegand and Felix Wolfsteller.
Main changes compared to 2.0.x:
* IPv6 support
* WMI-Client support
* Integration of openvas-libnasl
* New library "base"
* New library "omp"
* Former libopenvas renamed to libopenvas_misc
* New NVT cache implementation to overcome limitations
* Several files from openvas-client integrated
* Use of "cmake" to build base, omp and nasl
* glib dependency raised from 2.6 to 2.12
Main changes compared to 3.0.0-beta4:
* Support for pidfile handling has been added.
* Support for LSC RPM creation has been added.
* API improvements.
* Code cleanup and internal reorganisation.
openvas-libraries 3.0.0-beta4 (2009-10-19)
This release is the fourth beta version of openvas-libraries
leading up to the upcoming 3.0 release of OpenVAS.
It introduces a significantly improved and changed source
code architecture and therefore introduces a new API for the
other OpenVAS components.
OpenVAS 3.0 will introduce a new architecture where openvas-libraries
now includes openvas-libnasl as well as redundant code from openvas-client
and where openvas-server is renamed to openvas-scanner and includes any
platform-dependent elements of openvas-plugins. As a result of this,
the source code will shrink, though new features will be added. Also,
for running the scanner now only 2 modules are required (instead of 4
as for OpenVAS 2.0).
New features of OpenVAS include support for IPv6 and WMI-Clients.
Version 3.0 prepares the new OpenVAS Manager and OpenVAS Administrator
as optional extension. This combination leverages the vulnerability
scanner to a comprehensive vulnerability management solution.
The "beta" releases are intended to allow testing of the upcoming
3.0 series. It should be kept separate from OpenVAS 2.0 installations
and not be used in a production environment.
Many thanks to everyone who has contributed to the 3.0.0 release:
Chandrashekhar B, Marcus Brinkmann, Tim Brown, Vlatko Kosturjak, Michael Meyer,
Matthew Mundell, Laban Mwangi, Srinivasa NL, Jan Wagner, Jan-Oliver Wagner,
Michael Wiegand and Felix Wolfsteller.
Main changes compared to 2.0.x:
* IPv6 support
* WMI-Client support
* Integration of openvas-libnasl
* New library "base"
* New library "omp"
* Former libopenvas renamed to libopenvas_misc
* New NVT cache implementation to overcome limitations
* Several files from openvas-client integrated
* Use of "cmake" to build base, omp and nasl
* glib dependency raised from 2.6 to 2.12
Main changes compared to 3.0.0-beta3:
* A number of resource and memory leaks have been identified and fixed.
* Signature verification works again.
* Command line options for the standalone NASL interpreter have been updated.
* API improvements.
openvas-libraries 3.0.0-beta3 (2009-10-06)
This release is the third beta version of openvas-libraries
leading up to the upcoming 3.0 release of OpenVAS.
It introduces a significantly improved and changed source
code architecture and therefore introduces a new API for the
other OpenVAS components.
OpenVAS 3.0 will introduce a new architecture where openvas-libraries
now includes openvas-libnasl as well as redundant code from openvas-client
and where openvas-server is renamed to openvas-scanner and includes any
platform-dependent elements of openvas-plugins. As a result of this,
the source code will shrink, though new features will be added. Also,
for running the scanner now only 2 modules are required (instead of 4
as for OpenVAS 2.0).
New features of OpenVAS include support for IPv6 and WMI-Clients.
Version 3.0 prepares the new OpenVAS Manager and OpenVAS Administrator
as optional extension. This combination leverages the vulnerability
scanner to a comprehensive vulnerability management solution.
The "beta" releases are intended to allow testing of the upcoming
3.0 series. It should be kept separate from OpenVAS 2.0 installations
and not be used in a production environment.
Many thanks to everyone who has contributed to the 3.0.0 release:
Chandrashekhar B, Marcus Brinkmann, Tim Brown, Vlatko Kosturjak, Michael Meyer,
Matthew Mundell, Laban Mwangi, Srinivasa NL, Jan Wagner, Jan-Oliver Wagner,
Michael Wiegand and Felix Wolfsteller.
Main changes compared to 2.0.x:
* IPv6 support
* WMI-Client support
* Integration of openvas-libnasl
* New library "base"
* New library "omp"
* Former libopenvas renamed to libopenvas_misc
* New NVT cache implementation to overcome limitations
* Several files from openvas-client integrated
* Use of "cmake" to build base, omp and nasl
* glib dependency raised from 2.6 to 2.12
Main changes compared to 3.0.0-beta2:
* Minimum cmake version raised from 2.4 to 2.6
* Internal library reorganisation
* Proctitle now contains the correct binary name for openvas-scanner
* Configured values for the local state directory and for the system
configuration directory are now honoured correctly during build time
openvas-libraries 3.0.0-beta2 (2009-09-28)
This release is the second beta version of openvas-libraries
leading up to the upcoming 3.0 release of OpenVAS.
It introduces a significantly improved and changed source
code architecture and therefore introduces a new API for the
other OpenVAS components.
OpenVAS 3.0 will introduce a new architecture where openvas-libraries
now includes openvas-libnasl as well as redundant code from openvas-client
and where openvas-server is renamed to openvas-scanner and includes any
platform-dependent elements of openvas-plugins. As a result of this,
the source code will shrink, though new features will be added. Also,
for running the scanner now only 2 modules are required (instead of 4
as for OpenVAS 2.0).
New features of OpenVAS include support for IPv6 and WMI-Clients.
Version 3.0 prepares the new OpenVAS Manager and OpenVAS Administrator
as optional extension. This combination leverages the vulnerability
scanner to a comprehensive vulnerability management solution.
The "beta" releases are intented to allow testing of the upcoming
3.0 series. It should be kept separate from OpenVAS 2.0 installations
and not be used in a production environment.
Many thanks to everyone who has contributed to the 3.0.0 release:
Chandrashekhar B, Marcus Brinkmann, Tim Brown, Vlatko Kosturjak, Michael Meyer,
Matthew Mundell, Laban Mwangi, Srinivasa NL, Jan Wagner, Jan-Oliver Wagner,
Michael Wiegand and Felix Wolfsteller.
Main changes compared to 2.0.x:
* IPv6 support
* WMI-Client support
* Integration of openvas-libnasl
* New library "base"
* New library "omp"
* Former libopenvas renamed to libopenvas_misc
* New NVT cache implementation to overcome limitations
* Several files from openvas-client integrated
* Use of "cmake" to build base, omp and nasl
* glib dependency raised from 2.6 to 2.12
Main changes compared to 3.0.0-beta1:
* Removed any packaging files as they are kept separately.
* Extended and cleaned up API (especially "include"'s)
* Consistent name scheme for libraries (libopenvas_XXX) where
XXX is base, omp, misc, hg and nasl.
* New structure of installed header files (subdirectory for
each library, except for misc)
* Fixed and improved build system (e.g. correct use of DESTDIR)
openvas-libraries 3.0.0-beta1 (2009-09-22)
This release is the first beta version of openvas-libraries
leading up to the upcoming 3.0 release of OpenVAS.
It introduces a significantly improved and changed source
code architecture and therefore introduces a new API for the
other OpenVAS components.
OpenVAS 3.0 will introduce a new architecture where openvas-libraries
now includes openvas-libnasl as well as redundant code from openvas-client
and where openvas-server is renamed to openvas-scanner and includes any
platform-dependent elements of openvas-plugins. As a result of this,
the source code will shrink, though new features will be added. Also,
for running the scanner now only 2 modules are required (instead of 4
as for OpenVAS 2.0).
New features of OpenVAS include support for IPv6 and WMI-Clients.
Version 3.0 prepares the new OpenVAS Manager and OpenVAS Administrator
as optional extension. This combination leverages the vulnerability
scanner to a comprehensive vulnerability management solution.
The "beta" releases are intented to allow testing of the upcoming
3.0 series. It should be kept separate from OpenVAS 2.0 installations
and not be used in a production environment.
Many thanks to everyone who has contributed to this release:
Chandrashekhar B, Marcus Brinkmann, Tim Brown, Vlatko Kosturjak, Michael Meyer,
Matthew Mundell, Laban Mwangi, Srinivasa NL, Jan Wagner, Jan-Oliver Wagner,
Michael Wiegand and Felix Wolfsteller.
Main changes compared to 2.0.x:
* IPv6 support
* WMI-Client support
* Integration of openvas-libnasl
* New library "base"
* New library "omp"
* Former libopenvas renamed to libopenvas_misc
* New NVT cache implementation to overcome limitations
* Several files from openvas-client integrated
* Use of "cmake" to build base, omp and nasl
* glib dependency raised from 2.6 to 2.12
openvas-libraries 2.0.3 (2009-06-10)
This is the third maintenance release of the openvas-libraries module for the
Open Vulnerability Assessment System (OpenVAS) 2.0 series.
It fixes a small number of issues discovered after the release of
openvas-libraries 2.0.2 and introduces new functionality designed to enable
improvements in other OpenVAS modules.
Main changes since 2.0.2:
* Support for localized security messages (e.g. umlauts) has been re-enabled.
* New functions for GnuTLS-based communication were added.
* New functions for authentication were added.
* An improved caching framework has been added ("NVT Info objects").
Many thanks to everyone who has contributed to this release: Matthew Mundell,
Jan Wagner, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller.
openvas-libraries 2.0.2 (2009-03-06)
This is the second maintenance release of the openvas-libraries module for the
Open Vulnerability Assessment System (OpenVAS) 2.0 series.
It fixes a number of issues discovered after the release of openvas-libraries
2.0.1.
Main changes since 2.0.1:
* A bug which caused plugins to hang or freeze under certain circumstances due
to a blocking pcap device has been fixed.
* A bug which caused openvas-libraries to send a truncated HTTP version
identifier when constructing HTTP requests has been fixed.
* A bug which broke the linking process under certain circumstances has been
fixed.
Many thanks to everyone who has contributed to this release: Tim Brown, Vlatko
Kosturjak, Michael Meyer, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller.
openvas-libraries 2.0.1 (2009-02-06)
This is the first maintenance release of the openvas-libraries module for the
Open Vulnerability Assessment System (OpenVAS) 2.0 series.
It fixes a number of issues discovered after the release of openvas-libraries
2.0.0 and introduces support for upcoming features. Thanks to the continuing
audit of the code, a number of obsolete, unused and/or unnecessary functions
were identified and removed. The amount and the quality of the source code
documentation has been improved as well.
Effect when installing this version: The cache of NVT descriptions (located in
plugin_folder/.desc/) will be rebuild at next start of openvasd.
The cache files used to have the suffix ".desc" instead of ".nasl", e.g.
"x.desc" corrsponds to "x.nasl". Now, the suffix ".desc" is appended, e.g.
"x.nasl.desc" corresponds to "x.nasl". This also prevents that e.g. "x.nasl"
and "x.nes" (or "x.oval") will overwrite each others' cache file.
Recommendation: Clean the entire cache directory before restarting openvasd. If
you don't do this, the .desc/ directory will contain all cache files twice.
Other than unnecessary disk space consumption this has no bad effect.
Main changes since 2.0.0:
* Renamed caching files to conflict-free scheme
* Prepared support for sub-directories in plugins_folder in accordance with
Change Request #24 (http://www.openvas.org/openvas-cr-24.html)
* Support for improved management of SSH credentials has been added in
accordance with Change Request #20 (http://www.openvas.org/openvas-cr-20.html)
* Established automated source code documentation. HTML-Version is available
under http://www.openvas.org/src-doc/openvas-libraries/2.0.1/index.html
Bugfixes:
* A configuration issue which caused the build process to fail on Mac OS X has
been fixed. (Solves: #761)
* Missing includes which caused the build process to fail on Darwin and NetBSD
have been added. (Solves: #860, #862)
Many thanks to everyone who has contributed to this release: Tim Brown,
Stjepan Gros, Jan-Oliver Wagner, Felix Wolfsteller and Michael Wiegand.
openvas-libraries 2.0.0 (2008-12-17)
This is the 2.0.0 release of OpenVAS.
If you have used the 2.0-beta1, -beta2 or -rc1 release, we recommend that you
update all your OpenVAS modules (openvas-libraries, openvas-libnasl,
openvas-server and openvas-client) to 2.0.0.
If you are currently using the 1.0.x branch and want to evaluate OpenVAS 2.0.0,
we recommend that you install 2.0.0 separately from your OpenVAS 1.0
installation. Instructions on how to do this are available from the OpenVAS
website.
Main changes since 2.0-rc1:
* A bug causing segmentation faults on server startup has been fixed.
* The build environment has been updated.
Main changes since 1.0.2:
* Support for the new script_tag command in NASL scripts has been added.
* 64-bit compatibility has been considerably improved.
* Support for transferring NVT signature information to the client has been added.
* Switch from Nessus plugin IDs to OIDs.
* Switch from Nessus Transfer Protocol 1.2 to OpenVAS Transfer Protocol 1.0.
Many thanks to everyone who has contributed to this release: Tim Brown, Stjepan
Gros, Matthew Mundell, Vlatko Kosturjak, Jan Wagner, Jan-Oliver Wagner, Felix
Wolfsteller and Michael Wiegand.
openvas-libraries 2.0-rc1 (2008-12-05)
This release is the first release candidate for the upcoming 2.0 release of OpenVAS.
Unless serious bugs are discovered, this release candidate will become the final
OpenVAS 2.0 release. Users are encouraged to test this release and to report
bugs to the OpenVAS bug tracker located at http://bugs.openvas.org/ .
If you have used the 2.0-beta2 release, we recommend that you update all your
OpenVAS modules (openvas-libraries, openvas-libnasl, openvas-server and
openvas-client) to 2.0-rc1.
If you are currently using the stable 1.0.x branch and want to take part in
testing this release candidate, we recommend that you install 2.0-rc1 separately
from your OpenVAS 1.0 installation. Instructions on how to do this are available
from the OpenVAS website.
Main changes since 2.0-beta2:
* Support for the new script_tag command in NASL scripts has been added.
* Code quality has been improved; a number of potential buffer overflows have been fixed.
* Minor bugfixes.
Many thanks to everyone who has contributed to this release: Tim Brown, Matthew
Mundell, Felix Wolfsteller and Michael Wiegand.
openvas-libraries 2.0-beta2 (2008-11-14)
This release is the second beta version of the upcoming 2.0 release of OpenVAS.
It contains improved 64-bit compatibility, support for transferring NVT
signature information to the client and various improvements.
This release is intended to contain all features intended for the final OpenVAS
2.0 release. Users are encouraged to test this release and to report bugs to the
OpenVAS bug tracker located at http://bugs.openvas.org/ .
If you have used the 2.0-beta1 release, we recommend that you update all your
OpenVAS modules (openvas-libraries, openvas-libnasl, openvas-server and
openvas-client) to 2.0-beta2.
If you are currently using the stable 1.0.x branch and want to take part in the
beta phase for 2.0, we recommend that you install 2.0-beta2 separately from your
OpenVAS 1.0 installation. Instructions on how to do this are available from the
OpenVAS website.
Main changes since 2.0-beta1:
* 64-bit compatibility has been considerably improved.
* Debian packaging files have been updated.
* Support for transferring NVT signature information to the client has been added.
* Bugfixes.
* Various code cleanups.
Many thanks to everyone who has contributed to this release: Tim Brown, Stjepan
Gros, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller.
openvas-libraries 2.0-beta1 (2008-09-23)
This release is a first beta version of the upcoming 2.0 release of OpenVAS.
This is the first release of openvas-libraries to fully implement OID support
and marks the switch from the Nessus Transport Protocol (NTP) to the improved
and cleaned up OpenVAS Transport Protocol (OTP). In addition, this release
contains minor bug fixes and updates to distribution files.
OpenVAS 2.0 will introduce a full set of new modules for OpenVAS Server
(openvas-libraries, openvas-libnasl and openvas-server) and the a new
OpenVAS-Client. The only module OpenVAS 1.0 and OpenVAS 2.0 will share is
openvas-plugins. This means that the OpenVAS NVT Feed is compatible with both
generations of OpenVAS.
However, in case you plan to try out the new generation of OpenVAS, you should
install it separately from OpenVAS 1.0 installation. Instructions on how to do
this will be added to the OpenVAS homepage after all relevant modules are
released as 2.0-beta1. A separate announcement will officially start the beta
testing phase for OpenVAS 2.0.
Main changes in this release:
* Fix to incorrect library usage that prevented building RPM packages under
certain circumstances.
* Updates of Debian packaging files.
* Switch from Nessus plugin IDs to OIDs.
* Switch from Nessus Transport Protocol 1.2 to OpenVAS Transport Protocol 1.0.
* Fix to incorrect usage of string functions that could have lead to buffer
overflows under certain circumstances.
Many thanks to everyone who has contributed to this release: Tim Brown, Vlatko
Kosturjak, Jan Wagner, Jan-Oliver Wagner and Michael Wiegand
openvas-libraries 1.0.2 (2008-06-30)
This release contains improvements to plugin handling and to the packaging files
for various distributions as well as minor bug fixes and cleanups.
Apart from this, this release prepares OID support for OpenVAS.
It is recommended to update to this release, because future releases
of openvas-libnasl and openvas-libnasl will require openvas-libraries 1.0.2
as minimum version.
* Updates of the OpenSUSE, Fedora and Debian packaging files.
* Preparation for support for OpenVAS OIDs.
* Increased internal storage space for plugin preferences to allow for plugins
with a large number of options.
* Fixed a bug that resulted in incorrect memory allocation on certain 64bit
installations.
* Removed support for unencrypted communication with the client.
* Fixed a configuration issue that broke the build process on certain 64bit
installations.
* Various code cleanups.
openvas-libraries 1.0.1 (2008-04-01)
Comprehensive code-reduction, include- and config-change release.
The changes might cause compile failures
or other defects for various operating systems.
Reports on problems are appreciated.
* Replaced inclusion of includes.h for many modules by respective
separate include files.
* Configure checks for libresolv have been improved but still fail
on some systems.
* File includes.h is not installed anymore.
* Compile option "--enable-bpf-sharing" and corresponding
functionalityx has been removed.
* Added several include files which will be installed under include/openvas/
These have been extracted from libopenvas.h which, for convenience,
still includes all of the single new include files.
* Removed various unused modules and functions.
* Various fixes to reduce flawfinder warnings.
* Various fixes to reduce compiler warnings.
* Updates of the Debian packaging files.
openvas-libraries 1.0.0 (2007-10-12)
First stable release.
* Now installs header files hosts_gatherer.h and hg_utils.h.
* More code cleanups.
openvas-libraries 0.9.1 (2007-09-13)
Further cleanups release.
Changes since 0.9.0 (2007-09-13):
* Renamed libhosts_gatherer to libopenvas_hg to
resolved the last remaining filename conflict
with nessus-libraries.
* Introduced its own versioning (independent of
the other OpenVAS modules).
* Internal package improvements for less conflicts
with nessus-libraries and less conflicts with LFSH.
* Switched on all compile-time warnings.
* Fixed some code warnings.
openvas-libraries 0.9.0 (2007-07-27)
The first initial release of openvas-libraries
after the fork from Nessus 2.2.x.
Main changes are:
* Replace OpenSSL by GNU/TLS (therefore it is allowed now to distribute
binary packages with SSL-support)
* SSL now mandatory.
* Removed libpcap-nessus entirely. Now the system one is to be used.
* Many cleanups of ancient remains (still many to come)
* Removed various W32-specific elements, because W32 isn't
a taget system anyway.
* Lots of renaming to avoid conflicts with parallel
Nessus installation
