From 38189d54dd1c4bc9c68f0f8f11283be7fa789350 Mon Sep 17 00:00:00 2001 From: Matt Mundell Date: Tue, 13 Aug 2019 18:45:30 +0200 Subject: [PATCH 1/9] Clear ticket report when the report is deleted --- src/manage_sql.c | 1 + src/manage_sql_tickets.c | 12 ++++++++++++ src/manage_sql_tickets.h | 3 +++ 3 files changed, 16 insertions(+) diff --git a/src/manage_sql.c b/src/manage_sql.c index 6c50dc43a..778567a21 100644 --- a/src/manage_sql.c +++ b/src/manage_sql.c @@ -26242,6 +26242,7 @@ delete_report_internal (report_t report) permissions_set_orphans ("report", report, LOCATION_TABLE); tags_remove_resource ("report", report, LOCATION_TABLE); + tickets_remove_report (report); /* Update the task state. */ diff --git a/src/manage_sql_tickets.c b/src/manage_sql_tickets.c index 967d7e38d..4233963e2 100644 --- a/src/manage_sql_tickets.c +++ b/src/manage_sql_tickets.c @@ -1624,6 +1624,18 @@ tickets_remove_task (task_t task) sql ("UPDATE tickets_trash SET task = -1 WHERE task = %llu;", task); } +/** + * @brief Remove a report from all tickets. + * + * @param[in] report Report. + */ +void +tickets_remove_report (report_t report) +{ + sql ("UPDATE tickets SET report = -1 WHERE report = %llu;", report); + sql ("UPDATE tickets_trash SET report = -1 WHERE report = %llu;", report); +} + /** * @brief Remove all of a user's tasks from all tickets. * diff --git a/src/manage_sql_tickets.h b/src/manage_sql_tickets.h index 8b189984a..f7cbf1fc4 100644 --- a/src/manage_sql_tickets.h +++ b/src/manage_sql_tickets.h @@ -68,6 +68,9 @@ inherit_tickets (user_t, user_t); void tickets_remove_task (task_t); +void +tickets_remove_report (report_t); + void tickets_remove_tasks_user (user_t); From 1de04e8dccc3e2235c830d980c324e5151d2a008 Mon Sep 17 00:00:00 2001 From: Matt Mundell Date: Tue, 13 Aug 2019 18:55:54 +0200 Subject: [PATCH 2/9] Include report in orphan check --- src/manage_sql_tickets.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/manage_sql_tickets.c b/src/manage_sql_tickets.c index 4233963e2..4bd0a6866 100644 --- a/src/manage_sql_tickets.c +++ b/src/manage_sql_tickets.c @@ -167,7 +167,7 @@ ticket_status_name (ticket_status_t status) { "iso_time (fix_verified_time)", NULL, KEYWORD_TYPE_STRING }, \ { "fix_verified_time", "fix_verified", KEYWORD_TYPE_INTEGER }, \ { \ - "(task = -1)", \ + "(task = -1 OR report = -1)", \ "orphan", \ KEYWORD_TYPE_INTEGER \ }, \ @@ -236,7 +236,7 @@ ticket_status_name (ticket_status_t status) { "iso_time (fix_verified_time)", NULL, KEYWORD_TYPE_STRING }, \ { "fix_verified_time", "fix_verified", KEYWORD_TYPE_INTEGER }, \ { \ - "(task = -1)", \ + "(task = -1 OR report = -1)", \ "orphan", \ KEYWORD_TYPE_INTEGER \ }, \ From 6f279aa20333b1733de8cb47e09622c358d043e3 Mon Sep 17 00:00:00 2001 From: Matt Mundell Date: Tue, 13 Aug 2019 19:26:31 +0200 Subject: [PATCH 3/9] Clear ticket_results references when deleting report --- src/manage_sql_tickets.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/manage_sql_tickets.c b/src/manage_sql_tickets.c index 4bd0a6866..98a9eb5ef 100644 --- a/src/manage_sql_tickets.c +++ b/src/manage_sql_tickets.c @@ -1634,6 +1634,15 @@ tickets_remove_report (report_t report) { sql ("UPDATE tickets SET report = -1 WHERE report = %llu;", report); sql ("UPDATE tickets_trash SET report = -1 WHERE report = %llu;", report); + + sql ("UPDATE ticket_results" + " SET report = -1, result = -1" + " WHERE report = %llu;", + report); + sql ("UPDATE ticket_results_trash" + " SET report = -1, result = -1" + " WHERE report = %llu;", + report); } /** From f40a1c1e8b50d9fb52387a6df3f0efc273f38e49 Mon Sep 17 00:00:00 2001 From: Matt Mundell Date: Tue, 13 Aug 2019 19:27:54 +0200 Subject: [PATCH 4/9] Exclude deleted results when getting ticket results --- src/manage_sql_tickets.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/manage_sql_tickets.c b/src/manage_sql_tickets.c index 98a9eb5ef..e9698afa4 100644 --- a/src/manage_sql_tickets.c +++ b/src/manage_sql_tickets.c @@ -543,6 +543,7 @@ init_ticket_result_iterator (iterator_t *iterator, const gchar *ticket_id, " result_uuid" " FROM ticket_results%s" " WHERE ticket = %llu" + " AND report > 0" " ORDER BY id;", trash ? "_trash" : "", ticket); From c7656629879e5e2fb03207305d94b9bebb5ee0ab Mon Sep 17 00:00:00 2001 From: Matt Mundell Date: Wed, 14 Aug 2019 10:48:50 +0200 Subject: [PATCH 5/9] Clear references of existing tickets on deleted reports --- CMakeLists.txt | 2 +- src/manage_migrators.c | 41 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 42 insertions(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 9c810c609..74edf966f 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -113,7 +113,7 @@ include (CPack) ## Variables -set (GVMD_DATABASE_VERSION 216) +set (GVMD_DATABASE_VERSION 217) set (GVMD_SCAP_DATABASE_VERSION 15) diff --git a/src/manage_migrators.c b/src/manage_migrators.c index c2421e059..1ee595fe0 100644 --- a/src/manage_migrators.c +++ b/src/manage_migrators.c @@ -1244,6 +1244,46 @@ migrate_215_to_216 () return 0; } +/** + * @brief Migrate the database from version 216 to version 217. + * + * @return 0 success, -1 error. + */ +int +migrate_216_to_217 () +{ + sql_begin_immediate (); + + /* Ensure that the database is currently version 216. */ + + if (manage_db_version () != 216) + { + sql_rollback (); + return -1; + } + + /* Update the database. */ + + /* Ticket references to reports and results are now cleared when the + * report is deleted. */ + + sql ("UPDATE tickets" + " SET report = -1" + " WHERE report NOT IN (SELECT id FROM reports);"); + + sql ("UPDATE ticket_results" + " SET report = -1, result = -1" + " WHERE report NOT IN (SELECT id FROM reports);"); + + /* Set the database version to 217. */ + + set_db_version (217); + + sql_commit (); + + return 0; +} + #undef UPDATE_DASHBOARD_SETTINGS /** @@ -1266,6 +1306,7 @@ static migrator_t database_migrators[] = { {214, migrate_213_to_214}, {215, migrate_214_to_215}, {216, migrate_215_to_216}, + {217, migrate_216_to_217}, /* End marker. */ {-1, NULL}}; From ef23dd45599b45f67c9a253d02a27b73a528abff Mon Sep 17 00:00:00 2001 From: Matt Mundell Date: Wed, 14 Aug 2019 14:15:02 +0200 Subject: [PATCH 6/9] Remove CHANGES-OLD --- CHANGES-OLD | 2507 --------------------------------------------------- 1 file changed, 2507 deletions(-) delete mode 100644 CHANGES-OLD diff --git a/CHANGES-OLD b/CHANGES-OLD deleted file mode 100644 index efdf31d71..000000000 --- a/CHANGES-OLD +++ /dev/null @@ -1,2507 +0,0 @@ -SUMMARY OF RELEASE CHANGES FOR GREENBONE VULNERABILITY MANAGER -============================================================== - -For detailed code changes, please visit - https://github.com/greenbone/gvmd/commits/master -or get the entire source code repository and view log history: -$ git clone https://github.com/greenbone/gvmd.git -$ cd gvmd && git log - -Changelog for versions before gvmd-8.0.0 -Please refer to CHANGELOG.md for the newer versions. - -gvmd 8.0+beta2 (2018-12-05) - -This is the second beta release of the gvmd module 8.0 for the Greenbone -Vulnerability Management (GVM) framework. - -It was renamed from gvm to gvmd (Greenbone Vulnerability Manager daemon). - -Apart from the new name, the module covers a number of significant advances -and clean-ups compared to the previous version. - -Many thanks to everyone who has contributed to this release: -Hani Benhabiles, Christian Fischer, Matthew Mundell, Timo Pollmeier, -Bjoern Ricks, Jan-Oliver Wagner and Michael Wiegand. - -Main changes compared to gvm 8.0+beta1: -* Classic report format HTML has been removed from predefined report formats. -* External tool openvasmr has been renamed to gvmcg. -* Size of result description and diff text in GMP has been limited. -* Support for creating filters for vulnerabilities has been added. -* .deb and .rpm LSC package generation has been improved. -* SNMP and ESXi Authorization in the scan config have been hidden. -* Support for using configurable GPG and S/MIME encryption keys for Email Alerts - has been added. -* Script copyright and script version have been removed. -* Vhosts handling has been improved. -* User tags can now refer to multiple resources for easier bulk tagging. -* Elements host_start and host_end have been removed - from the report element of response from get_reports. -* The task status "Internal Error" has been replaced by "Interrupted", which - can also occur in case of errors that previously set tasks to "Stopped". -* "OpenVAS Classic" has been removed from the list of predefined severity - classification schemes. -* A results trashcan table has been added for performance reasons. -* The prognostic type has been removed from GET_REPORTS and from the - report element. -* An issue related to credential creation and modification has been addressed. -* Several improvements and fixes related to reports have been done. -* Documentation has been updated. -* Several memory management aspects have been improved. -* Various code cleanups and improvements. - - -gvm 8.0+beta1 (2018-04-30) - -This is the first beta release of the gvm module 8.0 for the Greenbone -Vulnerability Management (GVM) framework. - -It was renamed from openvas-manager to gvm (greenbone vulnerability manager). - -Apart from the new name, the module covers a number of significant advances -and clean-ups compared to the previous version 7.0. - -Many thanks to everyone who has contributed to this release: -Hani Benhabiles, Antony Falegkos, Christian Fischer, Matthew Mundell, Juan -Nicola, Timo Pollmeier, Jan-Oliver Wagner and Michael Wiegand. - -Main changes compared to the 7.0 series: -* The central service component "OpenVAS-Manager" has been renamed to - "Greenbone Vulnerability Manager". Subsequently, the central binary has been - renamed from "openvasmd" to "gvmd". Also any other occurrence of "OpenVAS - Manager" or related terms has been renamed accordingly, including the API from - "OMP" to "GMP". -* The new GMP command GET_VULNS allows for a view on found vulnerabilities with - quantities on results and hosts, across all reports. -* The required minimum version of new dependency GVM Libraries is 1.0 and - the dependency to the openvas-libraries module has been removed. Therefore - many include directives have been adapted to the new source code. -* The gmvd proctitle is set for each process to indicate what the process - is doing. -* The elements host_start and host_end has been removed from report element, - which eliminate redundant information since there are already available in the - host element. -* iCal standard (RFC2445) support has been introduced for "schedule" objects. -* The gvm daemon automatically detects new SCAP and CERT data as well as when new - NVTs are available from the OpenVAS Scanner and will load/update the database - accordingly. Therefore the --rebuild, --update and --progress options have - been removed. -* Transition from global objects to ownerless-predefined objects: The possibility - to configure users, groups or roles to have arbitrary - permissions over pre-defined objects has been added. - For example, a role could be configured with only one specific Scan Config, - Scanner or Port List to use. The default permissions, however, do not change. -* The update of SCAP and CERT data has been changed from external scripts - into internal routines of gvmd. This makes the process faster - and consumes less resources. -* Documentation has been updated. -* Several memory management aspects have been improved. -* Various code cleanups and improvements. -* The CMake building process was improved. -* The minimum required version of GLib has been raised to 2.42. -* The minimum required version of CMake has been raised to 3.0. - -openvas-manager 7.0.0 (2016-11-09) - -This is the first release of the openvas-manager 7.0 module for the Open -Vulnerability Assessment System release 9 (OpenVAS-9). The OpenVAS Manager is -the central management service between the actual security scanners and the -user clients. - -OpenVAS Manager 7.0 introduces an explicit asset management and the built-in -CVE scanner. It also replaces the 'Slaves' type by the new Scanner type -'OMP Slave'. Please see the comprehensive list below for more details. - -Please make sure to read the INSTALL file for important installation and -migration information, even and especially if you have used OpenVAS Manager -before. - -Many thanks to everyone who has contributed to this release: -Benoît Allard, Hani Benhabiles, Sven Haardiek, Matthew Mundell, Timo Pollmeier, -Jan-Oliver Wagner and Michael Wiegand. - -Main changes compared to the 6.0 series: -* Added asset management for hosts and operating systems. -* Added internal CVE Scanner. -* Added SecInfo alerts. -* The type 'Slaves' was replaced by the 'Scanner' type 'OMP Slave'. -* The OMP protocol version is now OMP 7.0. -* Added support for communicating via Unix domain sockets with OTP scanners - and with clients. -* GET_REPORTS now uses regular powerfilter. -* Authentication configuration (for example LDAP) is now handled within - the database and not in a separate file ('auth.conf') anymore. -* Several new OMP commands and some changes/renaming to existing commands. - Please refer to the OMP documentation for details about new and changed - commands. -* Consolidation of credentials into the the type Credentials. -* New Alerts 'SCP' and TCP upload. -* Improved OSP support, permissions management, QoD handling, built-in - report formats, alerts. -* Merging openvas-scapdata-sync into greenbone-scapdata-sync. -* Merging openvas-certdata-sync into greenbone-certdata-sync. -* Minimum required version GnuTLS raised to 3.2.15. -* Minimum required version GLib raised to 2.32. -* Minimum required version CMake raised to 2.8. - -Main changes since 6.1+beta3: -* The concept of slaves has been replaced by OMP slaves. -* The OMP protocol version is now OMP 7. -* Support for grouping data by two columns has been added. -* Support for the new 'SNMP' alert method has been added. -* A new "Max Rows Per Page" setting has been introduced which defaults to 1000, - please see the INSTALL file for details. -* The handling of Internal Errors has been made more consistent. -* A support scripts for gathering statistics on the SQLite3 back-end has been - added. -* Credentials are now consistently handled as credential objects. -* Support for sorting by multiple fields in OMP command GET_AGGREGATES has been - added. -* The process title of processes handling scans will now contain the report - UUID. -* Resuming of scheduled slave scans has been improved. -* Internal use of logging has been made more consistent. -* Support for migrating data from an SQLite3 database to a PostgreSQL database - has been improved. -* Handling of slave scans has been improved. -* The handling of report format plugins has been improved. -* The LDAP CA certificate is now stored in the internal database instead as a - separate file on disk. -* The predefined target 'Localhost' has been removed. -* Users are now allowed to access feed descriptions. -* Support for including the result of one report format in the result of another - report format has been added. -* The 'Anonymous_XML' report format now strips even more potentially sensitive - information. -* Support for custom predefined report formats has been improved. -* Support for communicating via Unix domain sockets has been added and now is - the default for communication with OTP scanners and with clients. -* NVTs in the ACT_SETTINGS family are no longer automatically enabled. -* Log messages have been improved to include the resource name wherever - possible. -* The 'openvas-manage-certs' support script has been moved here from OpenVAS - Scanner. -* The minimum required version of the GnuTLS library has been raised to 3.2.15 - in order to enforce the presence of newer (more secure) TLS and ciphers. -* The minimum required version of the OpenVAS libraries has been raised to - 9.0.0. -* The minimum required version of the GLib library has been raised to 2.32 in - order to allow the use of newer API elements. -* The minimum required version of the CMake build framework has been raised to - 2.8. -* Numerous code cleanups. -* The build process has been improved. -* Code documentation has been updated. -* Support for PostgreSQL has been improved. - - -openvas-manager 6.1+beta3 (2016-04-14) - -This is the third beta version of the upcoming 6.1 release of the -OpenVAS Manager. It will be part of the upcoming OpenVAS-9 release. -This module is the central management service between -security scanners and user clients. - -This release adds various alerts, consolidates credentials and -applies the standard powerfilter now also for the report results -to name just a few of the improvements. - -Many thanks to everyone who has contributed to this release: -Benoît Allard, Hani Benhabiles, Sven Haardiek, Matthew Mundell, -Timo Pollmeier, Jan-Oliver Wagner and Michael Wiegand. - -Main changes since 6.1+beta2: -* Consolidation of credentials: Introduce various types of credentials and - use these reseources whenever a credential is required. Also the migration - will handle this properly. -* Add task preference for auto deleting reports. -* Add credential type "client certificate". -* Add SNMP credential type. -* Make login information of slaves a credentials resource. -* Add SNMP credentials to targets. -* Add new alert conditions "Filter count at least" and "Filter count changed". -* Add alert method "Send", for sending the report to a TCP listener. -* Add new alert method 'SCP'. -* Add alert event "New NVTs arrived". -* Add event type "Updated NVTs arrived". -* Add support for SecInfo type in SecInfo alerts. -* Add SYNC_CONFIG OMP command. -* Introduce Scan Configs for OSP scanners. -* Make GET_REPORTS command use the normal powerfilter and remove some - redundant command attributes and now unused functions. -* Prevent concurrent NVT cache updates from being initiated via SIGHUP. -* Add "ISM Control Description" parameter to "Verinice ISM" report format. -* Ensure sequences for automatically assigning primary key ids in - PostgreSQL are consistent with table contents on startup. -* Remove any special handling of a tag "risk_factor". -* When using SQLite, ensure that all three databases are in WAL mode. -* Merging openvas-certdata-sync into greenbone-certdata-sync - in order to maintain only a single sync script instead - of two mostly identical ones. -* Merging openvas-scapdata-sync into greenbone-scapdata-sync - in order to maintain only a single sync script instead - of two mostly identical ones. -* Add --check-alerts, which runs any SecInfo alerts that are due. -* Various database performance improvements. -* Various code improvements. - - -openvas-manager 6.1+beta2 (2015-10-21) - -This is the second beta version of the upcoming 6.1 release of the -OpenVAS Manager. It is the central management service between the actual -security scanners and various user clients. - -This release adds explicit asset management for hosts and operating -systems, first OSP 1.1 features, started consolidation of Credentials - -to name just a few of the many improvements. - -Many thanks to everyone who has contributed to this release: -Benoît Allard, Hani Benhabiles, Sven Haardiek, Matthew Mundell, -Timo Pollmeier, Jan-Oliver Wagner and Michael Wiegand. - -Main changes since 6.1+beta1: -* Add asset management for hosts and operating systems via new OMP - commands CREATE_ASSET, GET_ASSETS, MODIFY_ASSET and DELETE_ASSET. -* Make it possible to import OSP scan configs. -* Allow specifying multiple data columns via elements in the OMP command - GET_AGGREGATES and change the response to list statistics grouped for - each data_column. -* Add new alert method "Start Task". -* Replace the LSC_CREDENTIAL type with CREDENTIAL type. -* Handle free-form text in Postgres sorting of hosts, instead of - requiring IPs. -* Add new OMP command MOVE_TASK to move a task to a new slave, even - when it is running. -* Add support for some of the upcoming OSP 1.1 features. -* Extend CREATE_GROUP with option to create "super on self" permission - for the group, so that all member resources are shared. -* Updated the HTML report format plugin with slightly lighter design and - better performance. -* Add "subject" and "message" method data for email alerts, so that the - user can set these fields. Also add various variables for the message - via various variables. -* Add options to have a user inherit resources from a user being - deleted. -* Add new setting "Default Severity". -* Record in each report in the db whether the task was started by the - scheduler. Use this info to prevent the scheduler from stopping - manually started tasks. -* For slave tasks, add the host details of finished hosts, even if the - task is still running. -* Add a "word_counts" mode to the GET_AGGREGATES OMP command. -* If NVT cannot be found for dynamic severity without overrides, use - static severity instead. -* Add host and result counts to task iterators and add "text columns" - option to get_aggregates. -* Allow dot (.) in username. -* Give up when doing the nvti cache update check and the database is - busy, because this is done in the main omp service loop, so it could - delay the service of OMP clients. -* Add params ignore_pagination and schedules_only for OMP GET_TASKS. -* Improved certificate checks. -* Simplify project version setting. Use SVN version at build time in - binary instead of SVN version at configuration time. -* Various code improvements. - - -openvas-manager 6.1+beta1 (2015-07-17) - -This is the first beta version of the upcoming 6.1 release of the OpenVAS -Manager. It is the central management service between the actual security -scanners and various user clients. - -This release moves authentication configuration from file based function to the -Manager database. It also adds support for CVE scanning and contains a number of -other improvements. - -Please make sure to read the INSTALL file for important installation and -migration information, even and especially if you have used OpenVAS Manager -before. - -Many thanks to everyone who has contributed to this release: -Benoît Allard, Hani Benhabiles, Sven Haardiek, Matthew Mundell, Timo Pollmeier and Michael Wiegand. - -Main changes since 6.0 series: -* The required minimum version of OpenVAS Libraries has been raised to 8.1.0. -* Authentication checks are now handled locally instead of file based OpenVAS - Libraries functions. -* Permission management has been improved. -* OSP support has been improved. -* Support for CVE scanning has been added. -* Handling of QoD information has been improved. -* PostgreSQL support has been improved. -* Internal improvements. -* The built-in LaTeX report format has been improved. -* Support for running cppcheck from the build environment has been added. -* A number of issues discovered through static code analysis have been - addressed. -* Documentation has been updated. - - -openvas-manager 6.0.1 (2015-04-01) - -This is the first maintenance release of the openvas-manager 6.0 module for -the Open Vulnerability Assessment System release 8 (OpenVAS-8). - -This release addresses various improvements and bug fixes of which -none is particularly outstanding, but not all just minor either. - -Many thanks to everyone who contributed to this release: -Matthew Mundell, Timo Pollmeier and Michael Wiegand. - -Main changes compared to 6.0.0: -* Treat missing filter keywords owner and permission as if they had the - value "any". The old default behavior can be reproduced by using the - keywords with an empty value. -* Task severity: Consider based on QoD default (70%) instead of 0%. - This way the task severity matches the results severity when using - defaults. -* Allow the user to create a permission if the user has "modify" access - to the subject. This allows users to create permissions on roles owned - by other users, for example. -* Bugfix to enable autoamtic update of CERT-Bund. -* Bugfix to re-add the cvss base vector of NVTs. -* Bugfixes/improvements about object management for objects - with dependencies dependencies (for example: target has - credentials). -* Always set trust as "yes" for predefined report formats. -* Bugfix: Quote timezones as these can have multiple words. -* Bugfix: Get results severity based on user, not based on owner. -* Improved package config and build routine. -* Various minor bugfixes. - - -openvas-manager 6.0.0 (2015-03-17) - -This is the first release of the openvas-manager 6.0 module for the Open -Vulnerability Assessment System release 8 (OpenVAS-8). The OpenVAS Manager is -the central management service between the actual security scanner and various -user clients. - -OpenVAS Manager 6.0 introduces a large number of new and improved features, for -example scanner management, the alternative use of PostgreSQL as database back -end and Quality of Detection (QoD) information. It also introduces the new roles -"Guest", "Monitor" and "Super Admin". Please see the comprehensive list below -for more details. - -Please make sure to read the INSTALL file for important installation and -migration information, even and especially if you have used OpenVAS Manager -before. - -Many thanks to everyone who has contributed to this release: -Benoît Allard, Michal Ambroz, Hani Benhabiles, Henri Doreau, Michael Meyer, -Matthew Mundell, Timo Pollmeier, Jan-Oliver Wagner and Michael Wiegand. - -Main changes compared to the 5.0 series: -* OpenVAS Manager now supports the alternative use of PostgreSQL as database - back end instead of SQLite3. -* Support for Scanner Management has been added. This includes the configuration - part for scanners accompanied with a new set of OMP commands (create_scanner, - get_scanners, modify_scanner, delete_scanner and verity_scanner). Next, it - covers the extensions of tasks with the selected scanner type and the - extension of Scan Configurations to reflect different scanner types. -* Support for the new SecInfo subtype CERT-Bund Advisory (CERT_BUND_ADV) has - been added. -* Support for QoD (Quality of Detection) information has been added. -* Support for mixing objects owned by different users has been extended. -* Support for a "Guest" role has been added. -* Support for a "Monitor" role has been added. -* Support for a "Super Admin" role has been added. -* Support for associating ESXi credentials with targets has been added. -* The new OMP command "GET_AGGREGATES" has been added in order to deliver data - tables for use in diagrams. -* Support for task charts has been added. -* Support for filtering NVTs based on their script_tags has been added. -* A new "Modify Task" wizard has been added. -* Support for displaying solution type information has been added. -* Support for internal database optimization has been added. -* Support for ownership of users, roles, groups and permissions has been - introduced. -* Support for the changing of user names has been added. -* Support for Once-off schedules has been added. -* Support for limiting the number of times a task runs with a periodic schedule - has been added. -* Support for splitting the CPE dictionary has been added to the SCAP data - synchronization script. -* The "xml_split" helper script for splitting SCAP data is now installed by - default. -* Report powerfilters now support the "timezone" keyword. -* The OMP version is now included in reports. -* Tasks on slaves are now stopped when the controlling master is terminated. -* Alterable task now stay alterable even when their last report has been - removed. -* Solution type information is now included in report formats. -* OpenVAS Manager will no longer abort if previous attempts to the rebuild or - update the database have failed. -* The results table and the OMP results objects have been extended. -* The "Anonymous XML" report format has been added. -* Support for displaying host authentication results has been added to the - LaTeX, PDF and HTML reports. -* The GET_INFO command can now be used for NVTs as well. -* Support for "openvasrc" files has been removed from OMP. -* For SSH credentials, the certificate is now extracted from private key when - needed. -* Preemptive Scanner connecting has been removed. Manager now only connects on - NVT cache update or task starting, resuming and stopping. This improves - response time. -* Support for the task pausing feature has been removed. This includes the - removal of OMP commands "pause_task" and "resume_paused_task". -* Support for the target locators feature has been removed. This includes the - removal of the OMP command "get_target_locators". -* The "--slisten" and "--sport" command line options have been removed as they - are now part of the scanner properties. -* An issue which caused individual NVT timeout values to not be transferred - to slaves has been fixed. -* The "--list-users" command line option has been renamed to "--get-users". -* The "--role" command line option now applies to "--get-users" as well. -* The "get_results" OMP command now behaves more consistent with other get_... - OMP commands. -* The task name is now included in more report formats. -* The value of the NVT tag "affected" is now included in more report formats. -* The performance has been improved in a number of places. -* The strategy of SQL retries in high-load situation has been improved. -* The handling of user groups when dropping privileges has been improved. -* The manager will now retry starting of scheduled tasks when the start OMP fails. -* Sorting of numerical values has been improved. -* Library checks during package configuration have been improved and are now - more comprehensive and consistent. -* Signal handling has been improved. -* The OMP protocol documentation has been updated. -* Code cleanups. - -Main changes compared to 6.0+beta6: -* Solution type information is now included in report formats. -* An issue with empty scan end times has been fixed. -* Performance of report result counting has been improved. -* A check which resulted in scheduled tasks not starting at all if they could - not start within a short interval has been removed. -* Signal handling has been improved. -* Support for splitting the CPE dictionary has been added to the SCAP data - synchronization script. -* OpenVAS Manager will no longer abort if previous attempts to the rebuild or - update the database have failed. -* The "Anonymous XML" report format has been added. -* The OMP protocol documentation has been updated. -* The GET_INFO command can now be used for NVTs as well. -* Result in report results counting and caching functions now use a default - minimum QoD of 70 for consistency. -* Support for displaying host authentication results has been added to the - LaTeX, PDF and HTML reports. -* Support for CERT-Bund advisories has been improved. -* An issues which caused a segmentation fault when rebuilding the database of 32 - bit installations under certain circumstances has been fixed. -* The "xml_split" helper script for splitting SCAP data is now installed by - default. -* Support for mixing of the current user's targets and tasks, with other - people's targets and tasks has been added. -* Support for mixing of the current user's configs and tasks, with other - people's configs and tasks has been added. -* Support for mixing of the current user's scanners and tasks, with other - people's scanners and tasks has been added. -* Support for mixing of the current user's port lists and targets, with other - people's port lists and targets has been added. -* Support for mixing of the current user's credentials and targets, with other - people's credentials and targets has been added. -* Support for mixing of the current user's report formats and alerts, with other - people's report formats and alerts has been added. -* Support for mixing of the current user's filters and alerts, with other - people's filters and alerts has been added. -* Code cleanups. - - -openvas-manager 6.0+beta6 (2015-02-11) - -This is the sixth beta version of the upcoming 6.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanners and various user clients. - -This release improves support for OSP scanner and introduces support for -Quality of Detection (QoD) information. It also adds support for once-off -schedules, for limiting the number of times a task runs with a periodic -schedule and for more resource mixing between users. It also contains a number -of bug fixes and various other improvements. - -Many thanks to everyone who has contributed to this release: -Hani Benhabiles, Matthew Mundell, Timo Pollmeier and Michael Wiegand. - -Main changes since 6.0+beta5: -* Support for OSP host details has been added. -* Support for modifying an existing scanner has been added. -* Support for Once-off schedules has been added. -* Support for limiting the number of times a task runs with a periodic schedule - has been added. -* Enable mixing of the current user's alerts, schedules and tasks, with other - people's alerts, schedules and tasks, when permissions allow it. -* Support for Quality of Detection (QoD) information has been introduced. -* A segmentation fault which occurred when deleting users using the - "--delete-user" parameter has been fixed. -* An issue which caused individual NVT timeout values to not be transferred - to slaves has been fixed. -* An issue with NVT counting in scan configs has been fixed. -* Incorrect column name in the SCAP database have been fixed. -* An issue with result counting when using certain filters has been fixed. -* An issue which prevented the Super Admin from cloning certain objects has been - fixed. -* An issue with running scheduled tasks with durations has been fixed. -* Tasks on slaves are now stopped when the controlling master is terminated. -* Alterable task now stay alterable even when their last report has been - removed. -* The default value for the "autofp" setting used for alerts has been changed - to 0 for consistency with other views. -* Report lists now ensure that a apply_overrides value is set. -* Sorting of numerical values has been improved. -* Handling of missing report format plugins for alerts has been made more - consistent. -* Library checks during package configuration have been improved and are now - more comprehensive and consistent. -* OSP support has been improved. -* PostgreSQL support has been improved. -* The OMP documentation has been updated. -* Documentation of database optimization has been improved. -* Code cleanups. - - -openvas-manager 6.0+beta5 (2015-01-12) - -This is the fifth beta version of the upcoming 6.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanners and various user clients. - -This release improves support for the "Super Admin" permission, introduce -ownership for users, roles and groups, allow sharing of sensors and task -between users, adds a `--optimize` command line option, start work on -consolidation of the different RESUME_* OMP commands as well as fixes various -smaller issues. - -Many thanks to everyone who has contributed to this release: -Timo Pollmeier, Jan-Oliver Wagner, Matthew Mundell, Michael Wiegand and Hani -Benhabiles. - -Main changes since 6.0+beta4: -* Add settings for default resource selections on the "New Task" and "New - Target" pages in GSA and get settings in Advanced Task Wizard. -* LaTeX report format improvement -* Retry starting of scheduled tasks when the start OMP fails. -* Add new "Modify Task" wizard. -* Add RESOURCE/TYPE to CREATE_PERMISSION, so that Super permissions can be - created on Roles, Groups and Users. -* Add RESOURCE/TYPE to MODIFY_PERMISSION, so that editing of Super - permissions works. -* Allow severity to be null in CERT-Bund and DFN-CERT Advisories, CPEs and OVAL - definitions if no severity is available from CVEs. -* Performance improvement for GET_REPORTS. -* Add solution_type column to NVTs. -* Enable mixing of the current user's slaves and tasks, with other people's - slaves and tasks, when permissions allow it. -* Add command line option --optimize, with arguments "analyze" and "vacuum". -* Add indices for NVTs, CVEs and CPEs and change init_aggregate_iterator to use - them. Remove unused features from init_aggregate_iterator for simplicity. -* Make --role apply to --get-users too. -* Introduce ownership of users, roles and groups. -* Major rewrite of the RESUME_* OMP commands. -* Introduce ownership of permissions. -* Account for Super permissions in asset reports. -* Add NEW_NAME to OMP MODIFY_USER, to allow changing of user names. - - -openvas-manager 6.0+beta4 (2014-11-21) - -This is the fourth beta version of the upcoming 6.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanners and various user clients. - -This release establishes support for PostgreSQL as an alternative database -backend. It also adds support for a "Super Admin" role and contains a number of -smaller improvements. - -Many thanks to everyone who has contributed to this release: -Benoît Allard, Michal Ambroz, Hani Benhabiles, Henri Doreau, Michael Meyer, -Matthew Mundell, Timo Pollmeier, Jan-Oliver Wagner and Michael Wiegand. - -Main changes since 6.0+beta3: -* OpenVAS Manager now supports the alternative use of PostgreSQL as database - backend instead of SQLite3. -* Support for a "Super Admin" role has been added. -* Performance for iterating over host details has been improved. -* The handling of SIGABRT signals has been improved, ensuring an appropriate - exit code if such a signal occurs. -* The handling of task end times has been improved. -* The strategy of SQL retries in high-load situation has been improved. -* Support for filtering NVTs based on their script_tags has been added. -* Logging has been improved. -* The handling of user groups when dropping privileges has been improved. -* Timezone usage has been improved. -* The build process has been adjusted for changes in OpenVAS Libraries. -* The OMP version is now included in reports. -* Code cleanups. - - -openvas-manager 6.0+beta3 (2014-10-14) - -This is the third beta version of the upcoming 6.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanners and various user clients. - -This release continues the efforts towards PostgreSQL support and support of -multiple scanners. It also introduces support for a "Monitor" role and for the -"timezone" keyword in report powerfilters and harmonizes the handling of the -creation time for the different SecInfo object types. A workaround for an issue -with SQLite versions before 3.8.3 is included as is support for task charts. - -Many thanks to everyone who has contributed to this release: -Hani Benhabiles, Matthew Mundell, Timo Pollmeier and Michael Wiegand. - -Main changes since 6.0+beta2: -* Further steps towards alternative use of PostgreSQL as database backend - instead of SQLite3. The PostgreSQL support does not yet cover all of the - OpenVAS Manager functionalities. -* Further steps for Scanner Management. -* Support for task charts has been added. -* Report powerfilters now support the "timezone" keyword. -* Handling of different SecInfo object creation times has been harmonized. -* Support for a "Monitor" role has been added. -* A workaround for an issue with concurrent SQLite processes when using SQLite - versions older than 3.8.3 has been added. -* PostgreSQL support has been added to the various support scripts. -* Code cleanups. - - -openvas-manager 6.0+beta2 (2014-09-23) - -This is the second beta version of the upcoming 6.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanners and various user clients. - -This release continues the efforts towards PostgreSQL support and support of -multiple scanners. It also introduces support for a "Guest" role and for -associating ESXi credentials with targets, along with a number of smaller -improvements and code cleanup. - -Many thanks to everyone who has contributed to this release: -Hani Benhabiles, Matthew Mundell, Timo Pollmeier, Jan-Oliver Wagner and Michael -Wiegand. - -Main changes since 6.0+beta1 series: -* Further steps towards alternative use of PostgreSQL as database backend - instead of SQLite3. The PostgreSQL support does not yet cover all of the - OpenVAS Manager functionalities. -* Further steps for Scanner Management. -* Support for a "Guest" role has been added. -* Support for associating ESXi credentials with targets has been added. -* The get_results command now behaves more consistent with other get_... OMP - commands. -* The task name is now included in more report formats. -* The value of the NVT tag "affected" is now included in more report formats. -* GPLv2+ licence notices now contain the exact wording suggested by the Free - Software Foundation. -* Code cleanups. - - -openvas-manager 6.0+beta1 (2014-08-23) - -This is the first beta version of the upcoming 6.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanners and various user clients. - -This release introduces first steps towards multi-scanner support, adds support -for SecInfo type "CERT-Bund" and extends the results object. Apart from this -the alternative support for PostgreSQL works to some extend but is not -complete yet. - -Please make sure to read the INSTALL file for important installation and -migration information, even and especially if you have used OpenVAS Manager -before. - -Many thanks to everyone who has contributed to this release: -Hani Benhabiles, Matthew Mundell, Timo Pollmeier, Michael Wiegand - -Main changes since 5.0 series: -* Added first steps for Scanner Management. This includes the configuration part - for scanners accompanied with a new set of OMP commands (create_scanner, - get_scanners, modify_scanner, delete_scanner and verity_scanner). Next, - it covers the extensions of tasks with the selected scanner type and the - extension of Scan Configurations to reflect different scanner types. -* First steps towards alternative use of PostgreSQL as database backend instead - of SQLite3. The PostgreSQL support does not yet cover all of the OpenVAS Manager - functionalities. -* Added new SecInfo subtype CERT-Bund Advisory (CERT_BUND_ADV). -* Added new OMP command GET_AGGREGATES in order to deliver data tables for - use in diagrams. -* Extended results table and OMP results objects. -* Removed openvasrc file support from OMP. -* For SSH credentials, the public part is now extracted from private key - when needed. -* Removed preemptive Scanner connecting. Connect only on NVT cache update - or task starting, resuming and stopping. This improves response time. -* Removed task pausing feature. This includes the removal of OMP commands - pause_task and resume_paused_task. -* Removed target locators feature. This includes the removal of the - OMP command get_target_locators. -* First steps towards a QoD (Quality of Detection) concept as an attribute - of the results. -* Rebuild CERT database as version 6 to apply fix for problems with CVEs - in older DFN-CERT advisories. -* Increased limit of max number of hosts specified in user Host Access - Control to 16,777,216. -* Removed --slisten and --sport options. -* Renamed --list-users to --get-users. -* Added --get-scanners. -* Added --create-scanner with --scanner-host, --scanner-port and - --scanner-type options. -* Added --delete-scanner option. -* Added --verify-scanner option. -* Added --scanner-ca-pub, --scanner-key-pub and --scanner-key-priv - command-line arguments. -* Added options --max-email-attachment-size and --max-email-include-size. -* Various minor improvements. -* Code cleanups. - - -openvas-manager 5.0.0 (2014-04-23) - -This is the first release of the openvas-manager 5.0 module for the Open -Vulnerability Assessment System release 7 (OpenVAS-7). The OpenVAS Manager is -the central management service between the actual security scanner and various -user clients. - -OpenVAS Manager 5.0 introduces a large number of new and improved features, for example -the entire user management is now done in OpenVAS Manager, tagging of objects, -"Severity" concept to replace "Threat" concept, Alive-Test property of Targets, -a number of new command line parameter, extended access control with groups, roles -and permissions. For a complete list of changes, please refer to the list below. -The whole functionality is available via the extended protocol OMP 5.0. - -Please make sure to read the INSTALL file for important installation and -migration information, even and especially if you have used OpenVAS Manager -before. - -Many thanks to everyone who has contributed to this release: -Benoît Allard, Hani Benhabiles, Henri Doreau, Rodolfo Gouveia, Andre Heinecke, -Werner Koch, Matthew Mundell, Timo Pollmeier, Stefan Schwarz, Stefan Sperling, -Jan-Oliver Wagner and Michael Wiegand. - -Main changes since 4.0.x: -* User management has been consolidated in OpenVAS Manager. It was moved - from OpenVAS Scanner and OpenVAS Administrator into OpenVAS Manager. -* New: Groups, Roles and Permissions. -* New: Tags. -* New: Default scan configurations "Discovery", "Host Discovery" and - "System Discovery". -* New: Support for searching in the complete SecInfo data. -* New: Support for regular expression searching in the powerfilter. -* New: New "Severity" concept to replace "Threat" concept. -* Removed: OTP port forwarding. -* Removed: Support for obsolete scanner preferences. -* Improved: Support for the new host management offered by Scanner has been added. -* Improved: Schedule handling during long running operations. -* Changed: Simplified host access control replaces old rules-based concept. -* New: Support for Alterable Tasks. -* New: Support for Source Interface access control has been added. -* New: Alive Test property to Targets, which can override the scan config - settings. -* Remove NVTs 810002 "CPE Inventory" and 810003 "Host Summary" from predefined - configs. -* Orphaned results are now removed from the database when starting. -* The speed of retrieving a task details overview has been improved. -* Database rebuild performance has been improved. -* Performance with large databases has been improved. -* Updated: Verinice ISM report format plugin. -* Updated: The NBE report format plugin. -* New: Predefined report format CSV Hosts. -* New: Predefined report format CSV Results. -* New: Report format plugin for exporting TLS mapping results into a CSV file. -* New: User setting for preferred interface language. -* Logging has been improved and made more consistent. -* OpenVAS Manager will now attempt to reduce database fragmentation. -* Use UTF-8 for OTP. -* Report scanner loading progress to client/GSA. -* New: Support for user defined OVAL repositories in private subdirectories. -* The scripts for SCAP and CERT data synchronization have been improved. -* Handling of NVT risk factors has been removed as this is handled via CVSS scores now. -* The handling of the obsolete "subnet" element in the results has been - removed. -* NVT descriptions are no longer stored separately in the database and thus no - longer duplicate information already present in the NVT tags. -* The credential encryption keyring is now placed in var/lib/openvas/gnupg - instead of etc/openvas/gnupg. -* Support for changing a user password on the command line has been added. -* New option --max-ips-per-target. -* New option --delete-user. -* New option --create-user. -* Add option --role, which allows to set the role with --create-user. -* The --migrate option now also migrates SCAP and CERT databases. -* New option "--list-users". -* Made --migrate succeed when the database has not yet been initialised. -* Add --gnutls-priorities option. -* Add --dh-params command-line option. -* The command line parameter "--disable-scheduling" has been added. -* The required minimum GnuTLS version has increased to 2.8. -* The required minimum OpenVAS Libraries version has increased to 7.0.0. -* Signature verification now uses the "gpgv" command. -* Make --rebuild and --update wait for scanner when scanner is busy - loading NVTs. This matches the behaviour when rebuild is called via - SIGHUP. -* Startup speed has been improved. -* Add a utility to split huge xml files in a memory efficient way -* The handling of missing, inaccessible or corrupt database files has been - improved. -* Moved some functions to openvas-libraries. -* Large number of small fixes and speed improvements. -* Code cleanup. - -And additionally changes compared to 5.0+beta13: -* Added HELP permission check. -* New: Role "Info". -* Clean up of OMP and OMP documentation. - - -openvas-manager 5.0+beta13 (2014-04-10) - -This is the thirteenth beta version of the upcoming 5.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and its various user clients. - -This release further improves role management and adds the MODIFY_ROLE OMP -command. It also features an improved startup speed and an updated OMP -documentation as well as improvements to the alive test and wizard -functionalities. - -Many thanks to everyone who contributed to this release: -Matthew Mundell, Timo Pollmeier and Michael Wiegand. - -Main changes since 5.0+beta12: -* The OMP command MODIFY_ROLE has been added. -* Role management has been improved. -* The OMP documentation has been updated. -* The handling of unavailable commands in the quick_task wizard has been - improved. -* The command line parameter "--disable-scheduling" has been added. -* Startup speed has been improved. -* The alive test "TCP Service Ping" has been renamed to "TCP-ACK Service Ping". -* The alive test "TCP-SYN Service Ping" has been added. - - -openvas-manager 5.0+beta12 (2014-03-28) - -This is the twelfth beta version of the upcoming 5.0 release of the OpenVAS -Manager. it is the central management service between the actual security -scanner and its various user clients. - -This release add an OMP DELETE_ROLE commands and a --dh-params command-line -option to specify Diffie-Hellman ciphers parameters. - -Many thanks to everyone who contributed to this release: -Hani Benhabiles, Matthew Mundell, Timo Pollmeier and Jan-Oliver Wagner - -Main changes since 5.0+beta11: -* Add OMP DELETE_ROLE. -* Add --dh-params command-line option. -* code cleanup - - -openvas-manager 5.0+beta11 (2014-03-26) - -This is the eleventh beta version of the upcoming 5.0 release of the OpenVAS -Manager. it is the central management service between the actual security -scanner and its various user clients. - -This release adds a --gnutls-priorities option to specify the cipher priority -as well as adds a CREATE_ROLE OMP command and solve a number of small issues. - -Many thanks to everyone who contributed to this release: -Hani Benhabiles, Matthew Mundell, Timo Pollmeier and Jan-Oliver Wagner - -Main changes since 5.0+beta10: -* Get tags for resources by ROWID instead of UUID. Make iterator functions for - active and orphan fields return int. -* Rename "attach_id" to "resource_uuid", "attach_type" to "resource_type" add - resource rowid "resource" and "resource_location" to tags tables. Hence - increase database version to 117. Add database migration from version 116 to - 117. -* Change tag OMP elements accordingly and make them more consistent with the - resource in permissions overall. Allow tags to be attached to resources in - trash. Rename "orphaned" in tags to "orphan". -* Add OMP CREATE_ROLE. -* Remove NVTs 810002 "CPE Inventory" and 810003 "Host Summary" from predefined - configs. Hence increase database version to 116. Add database migration - from version 115 to 116. -* Drop sign_key_ids column from nvts table. Hence increase database version to - 115. Add database migration from version 114 to 115. -* Add alive test "Consider Alive". -* Add --gnutls-priorities option to Manager. -* Report scanner loading progress to client/GSA. -* Added regex-based parameter validation and support of alternative run modes, - e.g. an init mode to get resource lists to display in the client, to wizards. -* Switch the type check on the filters associated with alerts from "report" to - "result". Alerts were migrated from "report" to "result" in db version 92. -* Code cleanup. - - -openvas-manager 5.0+beta10 (2014-03-18) - -This is the tenth beta version of the upcoming 5.0 release of the OpenVAS -Manager. it is the central management service between the actual security -scanner and its various user clients. - -This release Correct the behavior of the manager when called with --rebuild, ---update or --migrate in order to produce a more consistent experience, as -well as solve a number of small issues. - -Many thanks to everyone who has contributed to this release: -Hani Benhabiles, Matthew Mundell and Jan-Oliver Wagner. - -Main changes since 5.0+beta9: -* Remove handling of CERTIFICATES otp command. -* Make --rebuild and --update wait for scanner when scanner is busy - loading NVTs. This matches the behaviour when rebuild is called via - SIGHUP. -* Add scan-time record of slave and source interface to reports. -* Remove handling of PLUGINS_DEPENDENCIES OTP command and get_dependencies - OMP command. -* Make --migrate succeed when the database has not yet been initialised. -* Code cleanup. - - -openvas-manager 5.0+beta9 (2014-03-12) - -This is the ninth beta version of the upcoming 5.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and its various user clients. - -This release introduces the new "System Discovery" config, improves handling of -the OpenVAS Scanner connection and fixes two issues related to UTF-8 encoded -text in overrides and notes and to result counts. - -Many thanks to everyone who has contributed to this release: -Hani Benhabiles, Matthew Mundell and Michael Wiegand. - -Main changes since 5.0+beta8: -* A new predefined "System Discovery" config has been added. -* The handling of the connection to the OpenVAS Scanner has been improved. -* An issue which caused a segmentation fault due to incorrect truncation of - UTF-8 encoded text in overrides and notes has been fixed. -* An issue which caused incorrect result counts has been fixed. - - -openvas-manager 5.0+beta8 (2014-03-06) - -This is the eighth beta version of the upcoming 5.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and its various user clients. - -This release adjusts the built-in Report Format Plugins (RFPs) to expect NVT -information to be in the new style. It also removes sections of unused code, -improves Host Discovery handling and fixes a password generation issue. - -Many thanks to everyone who has contributed to this release: -Hani Benhabiles, Matthew Mundell and Michael Wiegand. - -Main changes since 5.0+beta7: -* NVTs are expected to be in the new style by the built-in RFPs. -* Host Discovery will now fall back on more Ping Host defaults. -* An issue which resulted in unusable passwords for LSC credentials being - generated in rare circumstances has been fixed. - - -openvas-manager 5.0+beta7 (2014-02-27) - -This is the seventh beta version of the upcoming 5.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and its various user clients. - -This release fixes a large number of small issues. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell, Timo Pollmeier and Hani Benhabiles. - -Main changes since 5.0+beta6: -* Update documentation about the alive tests property. -* Increase the OMP version to 5.0. -* Prevent targets currently used to be modified. -* Remove need for all elements to be given in MODIFY_TARGET. -* Large number of small fixes and improvements. - - -openvas-manager 5.0+beta6 (2014-02-16) - -This is the sixth beta version of the upcoming 5.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. - -This release adds user language setting, Alive Test property for Targets -and fixes a large number of small bugs. - -Many thanks to everyone who has contributed to this release: -Hani Benhabiles, Matthew Mundell, Timo Pollmeier, Michael Wiegand -and Jan-Oliver Wagner - -Main changes since 5.0+beta5: -* Add an Alive Test property to Targets, which can override the scan config - settings. -* Added user setting for preferred interface language. -* Removed column "Most Severe Result(s)" from LaTeX/PDF report format plugin. -* New option "--list-users". -* Moved some functions to openvas-libraries. -* Severity classes added to report XML. -* Large number of small fixes and improvements. - - -openvas-manager 5.0+beta5 (2014-01-28) - -This is the fifth beta version of the upcoming 5.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. - -This release improves the reports to include a new results section. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell, Timo Pollmeier, Michael Wiegand, Benoît Allard, and Jan-Oliver -Wagner - -Main changes since 5.0+beta4: -* Update reports to use the new results sections. -* Add a utility to split huge xml files in a memory efficient way -* Large number of small fixes and improvements - - -openvas-manager 5.0+beta4 (2014-01-15) - -This is the fourth beta version of the upcoming 5.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. - -This release adds a couple of new command line options and report format -plugins. - -Many thanks to everyone who has contributed to this release: -Hani Benhabiles, Henri Doreau, Matthew Mundell Timo Pollmeier, -Jan-Oliver Wagner and Michael Wiegand. - -Main changes since 5.0+beta3: -* Use UTF-8 for OTP. -* New option --max-ips-per-target. -* New predefined report format CSV Hosts. -* New predefined report format CSV Results. -* Extended report format plugin for verinice. -* New report format plugin for exporting TLS mapping results into a CSV file. -* Add option --delete-user. -* Rename option --first-user to --create-user. -* Add option --role, which allows to set the role with --create-user. -* New predefined config Host Discovery. -* Large number of small fixes and improvements, especially - regarding permissions. -* The --migrate option now also migrates SCAP and CERT databases. - - -openvas-manager 5.0+beta3 (2013-11-22) - -This is the third beta version of the upcoming 5.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. - -This release adds support for Alterable Tasks and Source Interface access -control and features a reworked host access control concept replacing the old -rules based concept. It also features further integration of the new concepts -for severity and permission checks as well as numerous small improvements. - -Many thanks to everyone who has contributed to this release: -Hani Benhabiles, Andre Heinecke, Matthew Mundell, Timo Pollmeier, Stefan -Schwarz and Michael Wiegand. - -Main changes since 5.0+beta2: -* Support for Alterable Tasks has been added. -* Support for Source Interface access control has been added. -* The host access control concept has been reworked, resulting in a removal of - the old rules based concept. -* Support for the new "Severity" concept has been added in more places. -* Resource level permission checking has been improved. -* An issue which caused new databases to be initialised improperly has been - fixed. -* NVT descriptions are no longer stored separately in the database and thus no - longer duplicate information already present in the NVT tags. -* OpenVAS Manager will now attempt to reduce database fragmentation. -* The handling of the obsolete "subnet" element in the results has been - removed. -* The NBE report format plugin has been updated. -* The verinice ISM report format plugin has been updated. -* Support for changing a user password on the command line has been added. -* Large number of small fixes and speed improvements. -* Code cleanup. -* Documentation has been updated. - - -openvas-manager 5.0+beta2 (2013-09-30) - -This is the second beta version of the upcoming 5.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. - -This release fixes an issue with autogenerated credentials being unable to -login. It adds support for new functionality added to OpenVAS Scanner since the -last OpenVAS Manager release and features a number of internal improvements -regarding performance, logging and scheduling. - -Many thanks to everyone who has contributed to this release: -Hani Benhabiles, Andre Heinecke, Werner Koch, Matthew Mundell, Timo Pollmeier, -Jan-Oliver Wagner and Michael Wiegand. - -Main changes since 5.0+beta1: -* An issue which caused autogenerated credentials to fail to login has been - fixed. -* Support for regular expression searching has been added to the powerfilter. -* Support for the new "Severity" concept has been added in a number of places. -* The greenbone-scapdata-sync and greenbone-certdata-sync scripts have been - updated. -* Support for the new Scanner message type "Alarm" has been added. -* Support for OTP port forwarding has been removed. -* Support for obsolete scanner preferences has been removed. -* Support for the new host management offered by Scanner has been added. -* Logging has been improved and made more consistent. -* Schedule handling during long running operations has been improved. -* Orphaned results are now removed from the database when starting. -* Database rebuild performance has been improved. -* Performance with large databases has been improved. -* The NBE report format plugin has been updated. -* The verinice ISM report format plugin has been updated. -* Code cleanup. -* Documentation has been updated. - - -openvas-manager 5.0+beta1 (2013-06-25) - -This is the first beta version of the upcoming 5.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. - -This release moves user management to OpenVAS Manager from OpenVAS Scanner and -OpenVAS Administrator, introduces group and permissions management and tag -management among other new features. - -Please note that this release changes the location of the credential encryption -key. - -Please make sure to read the INSTALL file for important installation and -migration information, even and especially if you have used OpenVAS Manager -before. - -Many thanks to everyone who has contributed to this release: -Hani Benhabiles, Rodolfo Gouveia, Andre Heinecke, Werner Koch, Matthew Mundell, -Timo Pollmeier, Stefan Sperling, Jan-Oliver Wagner and Michael Wiegand. - -Main changes since 4.0 series: -* The credential encryption keyring is now placed in var/lib/openvas/gnupg - instead of etc/openvas/gnupg. -* The required minimum GnuTLS version has increased to 2.8. -* The required minimum OpenVAS Libraries version has increased to 7.0.0. -* User management has been moved to OpenVAS Manager from OpenVAS Scanner and - OpenVAS Administrator. -* Support for group and permission management has been added. -* Support for managing network service port names has been added. -* Tag management has been added. -* Handling of NVT risk factors has been removed as this is handled via CVSS scores now. -* Handling of the OTP protocol has been updated to match the changes in OpenVAS - Libraries and OpenVAS Scanner. -* Support for user defined OVAL repositories in private subdirectories has been added. -* The scripts for SCAP and CERT data synchronization have been improved. -* Support for searching in the complete SecInfo data has been added. -* The speed of retrieving a task details overview has been improved. -* The handling of missing, inaccessible or corrupt database files has been - improved. -* A default "Discovery" scan configuration hase been added. -* Signature verification now uses the "gpgv" command. -* The verinice ISM report format plugin has been updated. -* Code cleanup. -* Documentation has been updated. - - -openvas-manager 4.0+beta5 (2013-02-22) - -This is the fifth beta version of the upcoming 4.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. - -This release adds support for accessing OVAL and DFN-CERT SecInfo data, -for encrypting credentials and for checking user passwords against a -policy. It also features improvements to the report performance, -Master-Slave communication and numerous smaller improvements. - -Many thanks to everyone who has contributed to this release: -Hani Benhabiles, Andre Heinecke, Werner Koch, Matthew Mundell, Timo -Pollmeier, Jan-Oliver Wagner and Michael Wiegand. - -Main changes since 4.0+beta4: -* New: Support for accessing OVAL SecInfo data. -* New: Support for accessing DFN-CERT SecInfo data. -* New: The risk factor of an NVT is now calculated from the CVSS score. -* New: Support for encrypted credentials has been added. -* New: Support for checking user passwords against a policy has been - added. -* Extended: New object management now supports for schedules, tasks, -* slaves, report formats, port lists and scan configs. -* Improved: Override management now supports Powerfilter and Trashcan. -* Improved: Additional parameters in SCAP synchronization script. -* Improved: Handling of the SCAP database. -* Improved: Classification in the report format plugin for ISMS tool "verinice". -* Improved: Performance with large database. -* Improved: Handling of client timeouts during very long operations. -* Improved: Faster report format plugins LaTeX, TXT, HTML and PDF. -* Improved: Master-Slave communication. -* Improved: IPv6 address validation. -* Some functionality has been moved to the openvas-libraries module. - This means that openvas-manager 4.0.+beta5 requires openvas-libraries - 6.0+beta5 or newer to build. - - -openvas-manager 4.0+beta4 (2012-11-05) - -This is the fourth beta version of the upcoming 4.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. - -This release reveals a large number of new and improved features. Noteworthy -are the new features Auto-FP, Wizard-Framework, Multiple Alerts and the -extended Powerfilter that also was connected to more object classes. - -Many thanks to everyone who has contributed to this release: -Sebastien Aucouturier, Andre Heinecke, Matthew Mundell, Jan-Oliver Wagner -and Michael Wiegand. - -Main changes since 4.0+beta3: -* New: Auto-FP feature to filter out likely false positives in a report. -* New: Manage closed CVEs, as reported by the Scanner (trusted vendor updates). -* New: Multiple alerts can now be attached to a task. -* New: Wizard framework with first wizard "quick_first_scan" and user setting - for wizard appearance. -* New: Management for Filter objects. -* New: Report format plugins for ISMS tool "verinice". -* New: Alert for sending results to a verinice .PRO server. -* Extended: Management for information such as CPE, including a extended SCAP - data synchronization. -* Extended: Powerfilter now available for Reports. -* Extended: Powerfilters can now be attached to Alerts. -* Improved: Task overview now faster via extra caching methods. -* Improved: Handle daylight saving in schedules. -* Improved: Extended features of Powerfilter such as sorting and result ranges. -* Improved: When importing a report, now the host details are also imported. -* Improved: Reduced database locking times during some operations so that - less blocking happens. -* Improved: Manager serves OMP even when the scanner is down. -* Improved: Notes management now supports Powerfilter and Trashcan. -* Improved: Added switch to control whether a task should contribute to asset - management. -* Improved: Report exports now also contain the comment of the respective task. -* Improved: Report exports now also contain the family of NVTs. -* Improved: Faster report format plugins LaTeX and PDF. -* The ARF report format plugin is now a pre-defined format. -* Added creation and modification times to the powerfilter. -* Added handling of OTP 1.1. -* Improved: Hostname validation. -* Simplified Report Format Plugin handling for pre-defined plugins. -* Various bug fixes and small improvements. - - -openvas-manager 4.0+beta3 (2012-05-04) - -This is the third beta version of the upcoming 4.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. - -This release adds support for disabling OMP commands and extends object -management. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell, Michael Wiegand. - -Main changes since 4.0+beta2: -* Object management has been extended to support creation and modification - times. -* Support for disabling OMP commands via the command line has been added. - - -openvas-manager 4.0+beta2 (2012-04-25) - -This is the second beta version of the upcoming 4.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. - -This release contains an improved powerfilter feature, updated protocol -documentation and an improved target object management. It also fixes an issue -with the port list selection. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell, Michael Wiegand. - -Main changes since 4.0+beta1: -* Improvements to the target object management; targets can now be edited when - they are associated with a task and the task has not yet run. -* A bug which caused the port list selection to be empty has been fixed. -* The protocol documentation has been updated. -* The powerfilter now handles spaces in index filters. - - -openvas-manager 4.0+beta1 (2012-04-16) - -This is the first beta version of the upcoming 4.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. - -This release introduces name change from Escalator to Alert and extended -handling of Target object lists. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell, Michael Wiegand. - -Main changes since 3.0 series: -* Renamed Escalator to Alert. -* Added keyword filter, pagination and edit to Targets. -* New command line options --listen2 and --port2 for a second - OMP address. - - -openvas-manager 3.0.0 (2012-03-26) - -This is the first release of the openvas-manager 3.0 module for the Open -Vulnerability Assessment System release 5 (OpenVAS-5). The OpenVAS Manager is -the central management service between the actual security scanner and various -user clients. - -OpenVAS Manager 3.0 represents a significantly advanced feature set. Most -notable is Asset Management, Port Lists, SecInfo Management with SCAP data, -delta reports and prognostic reports. -The whole functionality is available via the extended protocol: OMP 3.0. - -Many thanks to everyone who has contributed to this release: -Henri Doreau, Stephan Kleine, Matthew Mundell, Jan-Oliver Wagner, -Michael Wiegand and Felix Wolfsteller. - -Main changes since 2.0.x: - -* New: Configuration object 'Port Lists'. -* New: Integrated Asset Management. -* New: Security Information Database: Integrated SCAP data (CPE, CVE) including - update method via feed service. -* New: Delta reports to analyse differences between two scans. -* New: Prognostic scans based on asset data and current SCAP data. -* New: Support for individual time zones for users. -* New: Tasks can be assigned "observes" for read-only access. -* New: Role "Observer" for read-only access. -* New: Support for notes/overrides lifetimes. -* New: Trashcan. It is now possible to place some objects in a trashcan - instead of deleting them directly. -* New: Container tasks for importing reports. -* New: SSH port for Local Security Checks configurable. -* New: Product detections as reported by Scanner are handled to allow detailed - cross-referenced detection information. -* Updated builtin Report Format Plugins HTML, Text and LaTeX/PDF to reflect - various new features that are already present in GSA, including delta and - prognostic reports. -* Improved product detection information in results XML. -* Improved performance for massiv scanner results by using transaction groups. -* Improved Import of Target lists to allow comma-separated, line-by-line lists. -* Doubled entries in Target lists are now eliminated. -* New optional Report Format Plugin for ARF. -* OMP 3.0: All new functionalities form the new version 3.0 of the OpenVAS - Management Protocol (OMP) -* Changed: Report format signatures no longer contain user editable fields. -* Support for large database files on 32-bit platforms has been improved. -* A bug which caused the filter result count to be calculated incorrectly when - searching for text phrases has been fixed. -* Support for sorting results by CVSS score has been added. -* Support for importing results sent through the XML escalator has been added. -* The max_host and max_checks scan performance parameters have been moved from - scan configs to tasks. -* An issue which caused meta data for NVTs in the "Credentials" family to be not - present in the database has been fixed. -* A number of compiler warnings discovered by Stephan Kleine have been - addressed. -* Scan start and end times are now set for imported reports. -* An issue which caused the import of very large reports to fail under certain - circumstances has been fixed. -* The handling of long host lists has been improved. -* Security: Enforces strict permissions on sensitive OpenVAS Manager files. -* Security: Drop privileges before executing report format plugins if running with - elevated privileges. -* Security: Ensures report formats are trusted before executing them. -* Support for escalating result to a Sourcefire Defense Center has been added. -* Support for using an SSH key pair for SSH authentication has been added. - -And additionally changes compared to last release candidate 3.0+rc1: - -* Extra report formats work standalone. -* Observer lists now may also use ',' as separator. -* Observers may now also create notes and overrides for observed tasks. -* Opservers with with Role observer are now allowed to see single results - of the observed tasks. -* Added handling of ssh keys for authenticated tests for Master-Slave mode. -* The PID file is created earlier to avoid daemon handling believe there - is an error. -* Build improvements for modern gcc. - - -openvas-manager 3.0+rc1 (2012-03-15) - -This is the first release candidate of the upcoming 3.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. - -This release adds the Port Lists feature and updates the built-in reports -to cover delta and prognostic results. - -Many thanks to everyone who has contributed to this release: -Henri Doreau, Matthew Mundell and Michael Wiegand. - -Main changes since 3.0+beta8: -* Support for Port Lists has been added. -* Updated builtin Report Format Plugins HTML, Text and LaTeX/PDF to reflect - various new features that are already present in GSA, including delta and - prognostic reports. -* Changed signing of Report Format Plugins to exclude comment. -* Improved product detection information in results XML. -* Improved performance for massiv scanner results by using transaction groups. -* Improved Import of Target lists to allow comma-separated, line-by-line lists. -* Doubled entries in Target lists are now eliminated. -* New optional Report Format Plugin for ARF. -* Updated OMP documentation. -* Various little bugs fixed. - - -openvas-manager 3.0+beta8 (2011-12-02) - -This is the eighth beta version of the upcoming 3.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. - -This release adds support for note lifetimes and for displaying additional -information in the HTML, LaTeX and TXT report formats. It also fixes an -incorrect result count for Asset Management results. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell and Michael Wiegand. - -Main changes since 3.0+beta7: -* Support for note lifetimes has been added. -* A bug which caused an incorrect result count in the Asset Management view has - been fixed. -* Support for displaying the hostname and the note and override lifetimes has - been added to the following report formats: HTML, LaTeX and TXT. - - -openvas-manager 3.0+beta7 (2011-11-23) - -This is the seventh beta version of the upcoming 3.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. - -This release improves the handling of timestamps in reports and uses report -format signatures without the user editable fields, ensure the trust level stays -correct if these fields have been changed. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell and Michael Wiegand. - -Main changes since 3.0+beta6: -* The handling of timestamps in reports has been improved. -* Report format signatures no longer contain user editable fields. - - -openvas-manager 3.0+beta6 (2011-11-16) - -This is the sixth beta version of the upcoming 3.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. - -This release adds support for listing NVTs addressing a certain CVE and for -override lifetimes. It fixes a bug in the threat level display and improves the -handling of SCAP data. - -Many thanks to everyone who has contributed to this release: -Henri Doreau, Matthew Mundell and Michael Wiegand. - -Main changes since 3.0+beta5: -* Support for listing NVTs addressing a certain CVE has been added. -* A bug which cause the wrong threat level to be displayed for tasks with - multiple reports under rare circumstances has been fixed. -* Support for override lifetimes has been added. -* Support for displaying the SCAP update timestamp has been added. - - -openvas-manager 3.0+beta5 (2011-10-10) - -This is the fifth beta version of the upcoming 3.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. - -This release adds support for a number of new features, including asset -management, direct use of SCAP data, prognostic scans, task observers and -individual time zones for users. It also improves support for large database -files on 32-bit platforms. - -NOTE: The Manager now expects the OpenVAS Scanner to send timestamps based on -the UTC time zone. Care must be take to use UTC for the Scanner or upgrade to -OpenVAS Scanner >= 3.3+beta2, which enforces the use of UTC internally. - -Many thanks to everyone who has contributed to this release: -Henri Doreau, Matthew Mundell and Michael Wiegand. - -Main changes since 3.0+beta4: -* Support for asset management been added. -* Support for using SCAP data directly has been added. -* A support script for retrieving SCAP data has been added. -* Support for prognostic scans has been added. -* Support for large database files on 32-bit platforms has been improved. -* Support for task observers has been added. -* Support for individual time zones for users has been added. - - -openvas-manager 3.0+beta4 (2011-07-21) - -This is the fourth beta version of the upcoming 3.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. - -This release resolves a minor issue discovered after the release of OpenVAS -Manager 3.0+beta3 and adds support for sorting results by CVSS. For details, -please refer to the list of changes below. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell and Michael Wiegand. - -Main changes since 3.0+beta3: -* A bug which caused the filter result count to be calculated incorrectly when - searching for text phrases has been fixed. -* Support for sorting results by CVSS score has been added. -* Support for importing results sent through the XML escalator has been added. -* The max_host and max_checks scan performance parameters have been moved from - scan configs to tasks. - - -openvas-manager 3.0+beta3 (2011-06-24) - -This is the third beta version of the upcoming 3.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. - -This release resolves several minor issues discovered after the release of -OpenVAS Manager 3.0+beta2 and adds support for delta reports. For details, -please refer to the list of changes below. - -Many thanks to everyone who has contributed to this release: -Henri Doreau, Stephan Kleine, Matthew Mundell and Michael Wiegand. - -Main changes since 3.0+beta2: -* Support for delta reports has been added. -* An issue which caused meta data for NVTs in the "Credentials" family to be not - present in the database has been fixed. -* A number of compiler warnings discovered by Stephan Kleine have been - addressed. -* A race condition which caused empty reports from the slave when running in - master-slave mode under certain conditions has been fixed. -* Scan start and end times are now set for imported reports. - - -openvas-manager 3.0+beta2 (2011-05-19) - -This is the second beta version of the upcoming 3.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. - -This release resolves several minor issues discovered after the release of -OpenVAS Manager 3.0+beta1. For details, please refer to the list of changes -below. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell and Michael Wiegand. - -Main changes since 3.0+beta1: -* An issue which caused the import of very large reports to fail under certain - circumstances has been fixed. -* An issue which caused the date of the scan end to be missing from scans if - they were associated with an escalator created with an early Manager version - has been fixed. -* The handling of long host lists has been improved. - - -openvas-manager 3.0+beta1 (2011-03-02) - -This is the first beta version of the upcoming 3.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. - -This release introduces a number of new features. For details, please refer to -the list of changes below. - -Many thanks to everyone who has contributed to this release: -Stephan, Kleine, Matthew Mundell, Michael Wiegand and Felix Wolfsteller. - -Main changes since 2.0 series: -* New feature: Trashcan. It is now possible to place objects in a trashcan - instead of deleting them directly. -* Support for Host Details reported by OpenVAS Scanner has been added. -* Support for container task (imported reports) has been added. -* Support for specifying an SSH port for Local Security Checks has been added. -* Security: Enforces strict permissions on sensitive OpenVAS Manager files. -* Security: Drop privileges before executing report format plugins if running with - elevated privileges. -* Security: Ensures report formats are trusted before executing them. -* Support for escalating result to a Sourcefire Defense Center has been added. -* Support for using an SSH key pair for SSH authentication has been added. -* The mail addresses supplied for an email escalator are now used in the correct - order. - - -openvas-manager 2.0.2 (2011-03-02) - -This is the second maintenance release of the openvas-manager 2.0 module for the -Open Vulnerability Assessment System release 4 (OpenVAS-4). The OpenVAS Manager -is the central management service between the actual security scanner and -various user clients. - -This release closes a number of memory and resource leaks discovered after the -release of OpenVAS Manager 2.0.1, fixes the host count calculation and fixes an -issue which occurred when upgrading very old installations. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell, Michael Wiegand and Felix Wolfsteller. - -Main changes since 2.0.1: -* The test infrastructure has been updated. -* A bug which caused the host count to be calculated incorrectly under certain - circumstances has been fixed. -* A number of memory and resource leaks discovered by Felix Wolfsteller have - been closed. -* A bug which caused database migration to fail when upgrading very old - installations has been fixed. - - -openvas-manager 2.0.1 (2011-02-18) - -This is the first maintenance release of the openvas-manager 2.0 module for the -Open Vulnerability Assessment System release 4 (OpenVAS-4). The OpenVAS Manager -is the central management service between the actual security scanner and -various user clients. - -This release adds support for fallback system reports, changes the default value -of the "unscanned_closed" preference to "yes" for predefined configurations and -fixes an issue with signature verification in the manager. It also contains -improvements to report format signature infrastructure and fixes an issue with -the host name validation. - -Many thanks to everyone who has contributed to this release: -Stephan Kleine, Matthew Mundell and Michael Wiegand. - -Main changes since 2.0.0: -* Support for fallback system reports has been added in case where a full system - report is unavailable. -* The expected location for signatures has been updated to match the FHS related - changes in OpenVAS Scanner. -* The "unscanned_closed" preference now defaults to "yes" for predefined - configs. -* The report format signature infrastructure has been improved. -* A bug which caused valid host names to be reject under certain circumstances - has been fixed. - - -openvas-manager 2.0.0 (2011-02-08) - -This is the first release of the openvas-manager 2.0 module for the Open -Vulnerability Assessment System release 4 (OpenVAS-4). The OpenVAS Manager is -the central management service between the actual security scanner and various -user clients. - -OpenVAS Manager 2.0 represents a significantly advanced feature set. Most -notable is the new plugin-based report format framework which allows to produce -arbitrary scan reports (text, graphs, maps, connectors etc.). The new -master-slave mode allow to network multiple Manager instances. The whole -functionality is available via the extended protocol: OMP 2.0. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller. - -Main changes since 1.0.x: - -* Report Format plugin framework. All previous reporting features were converted - to plugins. The XML representation of a report is now the base for any plugin - and thus consistency of reports is improved. - - Report Format Plugins can be set active so that they appear in the selection - lists. Selections can consider content types so that for example only the - plugins with content type "text" are offered as email body. - - It is possible to use parameters for the plugins so the user can adjust the - behaviour of the Report Format to the individual preferences or needs. - - A verification method allows to distribute signatures for valid plugins via - the NVT Feed. - -* New default Report Format: TXT for simple text. - -* New default Report Format: LaTeX for LaTeX source. - -* New sample Report Format: Simple Bar Chart. - Demonstrates how to use Gnuplot for graphical reports. - -* New sample Report Format: Simple Topo Plot. - Demonstrates how to use Graphviz for graphical reports. - -* New sample Report Format: Simple Pie Chart. - Demonstrates how to use PyChart for graphical reports. - -* New sample Report Format: Simple Map Plot. - Demonstrates how to use MapServer and GDAL for graphical reports. - -* New sample Report Format: Sourcefire Host Input. - Demonstrates that Report Formats can be used to build connectors. - -* Master-Slave feature. Any OpenVAS Manager can use one or many other OpenVAS - Manager as slave to run scans. The whole scan task is transferred to the - slave, results are continuously reported to the Master during scan process. - After the scan is finished all data are removed from the slave. - - The master can also retrieve system reports from the slave and thus can - collect the performance overview for all configured slaves. - -* New Escalator: HTTP GET. This allows for example to access text message (SMS) - gateways or ticket management systems. - -* Extended Escalator: For email escalation it is now possible - to select from configured Report Formats to be included in the email body. - -* Agents: A verification method was added. This allows to distribute signatures - for valid agents via the NVT Feed. - -* Credentials: Can now be edited. This allows to change the login name or - password without the need to create a new scan configuration. - -* Credentials: Auto-generated installer packages are now created on the fly. If - the generators are improved, it is now easy to create an updated package for - already existing credentials. - -* Credentials: Credentials for SMB and SSH are now separated. - -* OMP self-documentation: Part of the Managers' XML-based communication protocol - OMP 2.0 is to deliver the full specification and documentation of the - protocol itself (command "HELP"). It can be retrieved as XML-, - RNC- or HTML representation. - -* Targets: Various opportunities have been added to specify and combine IP - ranges and ports. - -* Tasks: The task overview is delivered much faster now. - -* Reports: The report filtering is much faster now. - -* Hardening flags are now enabled during compile time to increase code quality. - -* Compliance with the GNU Coding Standards and the Filesystem Hierarchy - Standard has been improved. - -* A security-relevant bug has been fixed regarding email escalation methods. - Configured OpenVAS users were able to damage installation and/or gain higher - privileges. - -Main changes since 2.0+rc4: -* The logging behaviour when started with --verbose has been improved. -* The w3af NVT is no longer part of the Full and fast default scan config. -* The build environment has been cleaned up. - - -openvas-manager 2.0+rc4 (2011-02-04) - -This is the fourth release candidate for the upcoming 2.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. Release 2.0 is part of OpenVAS 4, the next -generation of the Open Vulnerability Assessment System. - -It fixes an issue in override creation and feature an improved documentation and -build environment and is now compliant to the Filesystem Hierarchy Standard -(FHS), version 2.3. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell, Jan-Oliver Wagner and Michael Wiegand. - -Main changes since 2.0+rc2: -* Documentation has been updated. -* OpenVAS Manager now uses pkg-config to find required libraries. -* An issue which caused the creation of overrides to fail under some - circumstances has been fixed. -* The installation is now compliant with Filesystem Hierarchy Standard (FHS - 2.3). - - -openvas-manager 2.0+rc3 (2011-01-21) - -This is the third release candidate for the upcoming 2.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. Release 2.0 is part of OpenVAS 4, the next -generation of the Open Vulnerability Assessment System. - -It fixes a serious security bug and it is highly recommended to update any -installation of OpenVAS Manager 2.0 with this release. It also fixes a database -migration issue and introduces a better setting for the default logging. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell, Jan-Oliver Wagner and Michael Wiegand. - -Main changes since 2.0+rc2: -* A security-relevant bug has been fixed regarding email escalation methods. - Configured OpenVAS users were able to damage installation and/or gain higher - privileges. -* An issue which caused database migration to fail under certain circumstances - has been fixed. -* The default log level has been reduced to warning to prevent the logging of - potentially sensitive information in the default configuration. - - -openvas-manager 2.0+rc2 (2011-01-10) - -This is the second release candidate for the upcoming 2.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. Release 2.0 is part of OpenVAS 4, the next -generation of the Open Vulnerability Assessment System. - -This release features updated protocol documentation, masks passwords when LSC -package creation commands are logged and makes the output of --version compliant -with the GNU Coding Standards. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller. - -Main changes since 2.0+rc1: -* The protocol documentation has been brought up to date. -* The output of --version now complies with the GNU Coding Standards. -* Passwords are now masked when loggings LSC package creation commands. - - -openvas-manager 2.0+rc1 (2010-12-21) - -This is the first release candidate for the upcoming 2.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. Release 2.0 is part of OpenVAS 4, the next -generation of the Open Vulnerability Assessment System. - -This release adds support for separate SMB and SSH credentials, for setting -per-target port ranges and for retrieving the total number of results matching -an applied filter. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell and Michael Wiegand. - -Main changes since 2.0+beta3: -* The protocol documentation has been improved. -* Target credentials for SMB and SSH are now separated. -* Support for setting the port range for a target has been added. -* Hardening flags are now enabled during compile time to increase code quality. -* Support for retrieving the total number of results matching an applied filter - has been added. - - -openvas-manager 2.0+beta3 (2010-12-10) - -This is the third beta version of the upcoming 2.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. Release 2.0 is part of OpenVAS 4, the next -generation of the Open Vulnerability Assessment System. - -This release includes further improvements to the protocol self-documentation -and fixes two issues regarding internal links in PDF reports and downloads of -LSC credential packages. It also enables NTLMSSP support for NVTs by default to -improve LSC behaviour for Microsoft Windows, makes escalator messages more -informational and LaTeX and PDF reports more consistent with other report -formats. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell and Michael Wiegand. - -Main changes since 2.0+beta2: -* The protocol self-documentation has been improved. -* NTLMSSP is now enabled by default. -* Escalator message now include more information. -* The LaTeX and PDF reports have been made more consistent with the other - report formats. -* An issue which caused internal links in the PDF report to link to wrong - results under certain circumstances has been fixed. -* An issue which caused some existing LSC credential packages to be empty on - subsequent downloads under certain circumstances has been fixed. - - -openvas-manager 2.0+beta2 (2010-12-01) - -This is the second beta version of the upcoming 2.0 release of the OpenVAS -Manager. It is the central management service between the actual security -scanner and various user clients. Release 2.0 is part of OpenVAS 4, the next -generation of the Open Vulnerability Assessment System. - -This release includes a fix for incorrect counting in the ports overview and -features an improved protocol self-documentation, an improved logging -infrastructure and a speed up for LaTeX and PDF report generation. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell and Michael Wiegand. - -Main changes since 2.0+beta2: -* The protocol self-documentation has been improved. -* A number of superfluous log messages has been downgraded or removed. -* A bug which caused issues to be counted incorrectly in the ports overview has - been fixed. -* The generation of PDF and LaTeX reports is now faster. - - -openvas-manager 2.0+beta1 (2010-11-19) - -This is the first beta version of the upcoming 2.0 release of the -OpenVAS Manager. It is the central management service between -the actual security scanner and various user clients. -Release 2.0 is part of OpenVAS 4, the next generation -of the Open Vulnerability Assessment System. - -OpenVAS Manager 2.0 represents a significantly advanced feature set. -Most notable is the new plugin-based report format framework which -allows to produce arbitrary scan reports (text, graphs, maps, connectors etc). -The new master-slave mode allow to network multiple Manager instances. -The whole functionality is available via the extended protocol: OMP 2.0. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller. - -Central new features of OpenVAS Manager 2.0: - -* Report Format plugin framework. All previous reporting features - were converted to plugins. The XML representation of a report - is now the base for any plugin and thus consistency of reports - is improved. - - Report Format Plugins can be set active so that they - appear in the selection lists. Selections can consider - content types so that for example only the plugins with - content type "text" are offered as Email body. - - It is possible to use parameters for the plugins so the - user can adjust the behaviour of the Report Format to - the individual preferences or needs. - - A verification method allows to distribute signatures - for valid plugins via the NVT Feed. - -* New default Report Format: TXT for simple text. - -* New default Report Format: LaTeX for LaTeX source. - -* New sample Report Format: Simple Bar Chart. - Demonstrates how to use Gnuplot for graphical reports. - -* New sample Report Format: Simple Topo Plot. - Demonstrates how to use Graphviz for graphical reports. - -* New sample Report Format: Simple Pie Chart. - Demonstrates how to use PyChart for graphical reports. - -* New sample Report Format: Simple Map Plot. - Demonstrates how to use MapServer and GDAL for graphical reports. - -* New sample Report Format: Sourcefire Host Input. - Demonstrates that Report Formats can be used to build connectors. - -* Master-Slave feature. Any OpenVAS Manager can use one or many other - OpenVAS Manager as slave to run scans. The whole scan task - is transferred to the slave, results are continuously reported - to the Master during scan process. After the scan is finished - all data are removed from the slave. - - The master can also retrieve system reports from the slave and - thus can collect the performance overview for all configured slaves. - -* New Escalator: HTTP GET. This allows for example to access - text message (SMS) gateways or ticket management systems. - -* Extended Escalator: For EMail escalation it is now possible - to select from configured Report Formats to be included in the - Email body. - -* Agents: A verification method was added. This allows to - distribute signatures for valid agents via the NVT Feed. - -* Credentials: Can now be edited. This allows to change the login - name or password without the need to create a new scan configuration. - -* Credentials: Auto-generated installer packages are now created on - the fly. If the generators are improved, it is now easy to create - an updated package for already existing credentials. - -* OMP self-documentation: Part of the Managers' XML-based communication protocol - OMP 2.0 is to deliver the full specification and documentation of the - protocol itself (command "HELP"). It can be retrieved as XML-, - RNC- or HTML representation. - -* Targets: Various opportunities have been added to specify and combine IP ranges. - -* Tasks: The task overview is delivered much faster now. - -* Reports: The report filtering is much faster now. - - -openvas-manager 1.0.0 (2010-07-29) - -This is the 1.0.0 release of the openvas-manager module for the Open -Vulnerability Assessment System (OpenVAS). - -OpenVAS Manager 1.0 represents almost 2 years of intensive work. The mission of -OpenVAS Manager is to offer powerful and comfortable vulnerability management on -top of the actual vulnerability scanner, OpenVAS Scanner 3.1. - -The OpenVAS Manager is a layer between the OpenVAS Scanner and various client -applications. The upcoming clients cover web, desktop and command line -technology and will replace the classic OpenVAS Client. - -Central features of OpenVAS Manager are: - -* New XML-based protocol OMP (OpenVAS Management Protocol) which client tools - use to control scans, results, etc. - -* SQL database where configurations, scan results etc. are stored. Thus, clients - do not need to keep local storage anymore. - -* Full control of scan processes. This includes multiple concurrent scans as - well as stopping, pausing, resuming and not at least the scheduling of scans. - -* Management of scan notes, false positives and result escalators (notification - on finished scans). - -OpenVAS Manager is Free Software (Open Source), licensed under GNU General -Public License Version 2 or any later version. - -The first compatible client application to be released will be the web client -GSA (Greenbone Security Assistant), approximately next week. -Beta- and alpha versions of various clients are already available for download. - -The OpenVAS development team offers support for any efforts to create binary -packages for the various Linux distributions in order have this new server -readily available for users as soon as possible. Please use our openvas-distro -mailing list for this purpose. - -Many thanks to everyone who has contributed to this release since 1.0.0.rc1: -Stephan Kleine, Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix -Wolfsteller. - -Main changes since 1.0.0.rc1: -* A number of build issues has been addressed. -* The code documentation has been updated. -* Code cleanup: Internal error handling has been made more consistent. -* A potential resource leak identified by static analysis has been fixed. -* A bug which caused NVT preferences to be displayed incorrectly has been - fixed. - - -openvas-manager 1.0.0.rc1 (2010-07-15) - -This is the first release candidate of the openvas-manager module for the Open -Vulnerability Assessment System (OpenVAS) leading up to the upcoming -openvas-manager 1.0. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell, Michael Wiegand and Felix Wolfsteller. - -Main changes since 1.0.0-beta7: -* Code cleanup: Internal resource management has been improved to use UUIDs in - more places. -* Support for agents has been improved. -* Support for external target sources has been added. -* A bug which caused PDF exports to fail if the NVT description contained - certain characters has been fixed. -* A bug which caused hosts in the scan result to be sorted incorrectly under - certain circumstances has been fixed. -* Support for defining threat overrides has been added. -* Some OMP commands have been renamed and adjusted to make the protocol more - concise and useful. -* Support for event logging has been added. -* Support for syslog escalators has been added. -* The documentation has been updated. - - -openvas-manager 1.0.0-beta7 (2010-05-28) - -This is the seventh beta release of the openvas-manager module for the Open -Vulnerability Assessment System (OpenVAS) leading up to the upcoming -openvas-manager 1.0. - -IMPORTANT: Since version 1.0.0-beta6, the manager uses certificate based -authentication to authenticate against an openvas-scanner. Please do read the -INSTALL file provided with openvas-manager and make sure you have -openvas-scanner 3.0.2 or higher before installing this manager version! - -Many thanks to everyone who has contributed to this release: -Stephan Kleine, Matthew Mundell, Michael Wiegand and Felix Wolfsteller. - -Main changes since 1.0.0-beta6: - -* A large amount of code which was present in both openvas-manager and - openvas-administrator has been moved to openvas-libraries. -* An issue that caused started tasks to remain in the "Requested" stage - indefinitely has been fixed. -* An issue that caused incorrect values of the scan progress under certain - conditions has been fixed. -* A new escalator condition has been add: Threat Level Changed. -* Open ports are now included in scan reports even if no vulnerability was - detected on that port. -* Support for CVSS scores and Risk Factors has been improved. -* Support for excluding host without any results from the report has been added. - - -openvas-manager 1.0.0-beta6 (2010-04-15) - -This is the sixth beta release of the openvas-manager module for the Open -Vulnerability Assessment System (OpenVAS) leading up to the upcoming -openvas-manager 1.0. - -IMPORTANT: The manager now uses certificate based authentication to authenticate -against an openvas-scanner. Please do read the INSTALL file provided with -openvas-manager and make sure you have openvas-scanner 3.0.2 or higher before -installing this manager version! - -Many thanks to everyone who has contributed to this release: -Hartmut Goebel, Stephan Kleine, Matthew Mundell, Joseph Sokol-Margolis, -Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller. - -Main changes since 1.0.0-beta5: - -* A bug which caused incorrect NVT counts in the scan config under certain - circumstances has been fixed. -* The manager now uses certificate based authentication. -* Support for resuming stopped tasks has been added. -* Support for task scheduling has been added. -* The openvasmd binary will now install into /usr/sbin instead of /usr/bin. - - -openvas-manager 1.0.0-beta5 (2010-03-04) - -This is the fifth beta release of the openvas-manager module for the Open -Vulnerability Assessment System (OpenVAS) leading up to the upcoming -openvas-manager 1.0. - -Many thanks to everyone who has contributed to this release: -Stephan Kleine, Matthew Mundell and Felix Wolfsteller. - -Main changes since 1.0.0-beta4: - -* More internal data structures are now identified by UUID and not by - name. -* Several build issues have been fixed. -* Note management has been introduced. -* Support for handling ITG and CPE reports has been added. -* OTP forwarding is now disabled by default. - - -openvas-manager 1.0.0-beta4 (2010-02-08) - -This is the fourth beta release of the openvas-manager module for the Open -Vulnerability Assessment System (OpenVAS) leading up to the upcoming -openvas-manager 1.0. - -Many thanks to everyone who has contributed to this release: -Stephan Kleine and Matthew Mundell. - -Main changes since 1.0.0-beta3: - -* More internal data structures are now identified by UUID and not by - name. -* A bug which prevented PDF reports to be generated from certain results due to - unescaped LaTeX characters has been fixed. -* A number of formatting and casting issues found by Stephan Kleine have been - fixed. -* The man page has been updated. - - -openvas-manager 1.0.0-beta3 (2010-02-05) - -This is the third beta release of the openvas-manager module for the Open -Vulnerability Assessment System (OpenVAS) leading up to the upcoming -openvas-manager 1.0. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell and Felix Wolfsteller. - -Main changes since 1.0.0-beta2: - -* Nmap is now the default port scanner for predefined configurations. -* The man page has been updated. -* LSC credential management has been improved. -* A number of internal data structures are now identified by UUID and not by - name. -* The manager now converts all input from the scanner to UTF-8. -* The encoding of the LaTeX report has been switch to UTF-8. -* A bug that caused some settings to be ignored during scan configuration import - has been fixed. - - -openvas-manager 1.0.0-beta2 (2010-01-26) - -This is the second beta release of the openvas-manager module -for the Open Vulnerability Assessment System (OpenVAS) leading up to the -upcoming openvas-manager 1.0. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell and Felix Wolfsteller. - -Main changes since 1.0.0-beta1: - -* Deleting of active reports is prevented. -* Introduced ownership for all objects. - This makes objects (like a "target") not - appear for other users anymore. -* Improved ISO-8859-1 to UTF-8 conversion hacks. -* Allowed "\" for login names (important for windows) -* Send users host restrictions ("rules") via OTP when - starting a scan. -* Activated NSIS package generator for credentials management. -* Filter out potentials passwords from logging. -* Introduced UUIDs for users. -* Improved PDF report generator. - - -openvas-manager 1.0.0-beta1 (2010-01-12) - -This is the first beta release of the openvas-manager module -for the Open Vulnerability Assessment System (OpenVAS) leading up to the -upcoming openvas-manager 1.0. - -Many thanks to everyone who has contributed to this release: -Matthew Mundell, Felix Wolfsteller and Michael Wiegand. - -Main changes since 0.9.8: - -* Agent support has been improved. -* Escalation support has been added. -* A bug in PDF generation which could cause the manager to stay in an infinite - loop under certain conditions has been fixed. -* Support for exporting scan configurations has been added. -* Support for performance monitoring has been added. -* An issue which could cause some preferences not to be sent to the scanner has - been fixed. -* Initial searching support has been added. - - -openvas-manager 0.9.8 (2009-12-21) - -This is the fourteenth development release of the openvas-manager module -for the Open Vulnerability Assessment System (OpenVAS). - -Many thanks to everyone who has contributed to this release: -Matthew Mundell, Jan-Oliver Wagner, Felix Wolfsteller and Michael Wiegand. - -Main changes since 0.9.7: - -* Database performance has been improved. -* Credential management has been improved. -* Initial agent support has been added. -* Support for cross-referencing in tasks, configs and targets has been added. - - -openvas-manager 0.9.7 (2009-12-08) - -This is the thirteenth development release of the openvas-manager module -for the Open Vulnerability Assessment System (OpenVAS). - -Many thanks to everyone who has contributed to this release: -Michael Wiegand and Tim Brown. - -Main changes since 0.9.6: - -* A bug which caused the number of selected NVTs within a family to be wrongly - calculated under certain circumstances has been fixed. - - -openvas-manager 0.9.6 (2009-12-01) - -This is the twelfth development release of the openvas-manager module -for the Open Vulnerability Assessment System (OpenVAS). - -Many thanks to everyone who has contributed to this release: -Matthew Mundell and Felix Wolfsteller. - -Main changes since 0.9.5: - -* Support for empty scan config templates has been added. - - -openvas-manager 0.9.5 (2009-11-30) - -This is the eleventh development release of the openvas-manager module -for the Open Vulnerability Assessment System (OpenVAS). - -Many thanks to everyone who has contributed to this release: -Matthew Mundell and Felix Wolfsteller. - -Main changes since 0.9.4: - -* Server preference handling has been improved. -* The build environment has been made more robust. -* Support for per-NVT timeouts has been added. -* The database upgrade has been made more flexible. -* The library used for UUID generation has been changed to a more widely - available library. -* Updating of the internal cache has been improved. -* The layout of the PDF reports has been improved. -* An issue with long task start times has been fixed. -* Cache management has been improved. - - -openvas-manager 0.9.4 (2009-11-23) - -This is the tenth development release of the openvas-manager module -for the Open Vulnerability Assessment System (OpenVAS). - -Many thanks to everyone who has contributed to this release: -Matthew Mundell and Felix Wolfsteller. - -Main changes since 0.9.3: - -* The layout of the PDF reports has been improved. -* A bug which broke DB migration under certain circumstances has been fixed. -* Support for NVT family retrieval and configuration management has been - introduced. -* Cache management has been improved. - - -openvas-manager 0.9.3 (2009-11-09) - -This is the ninth development release of the openvas-manager module -for the Open Vulnerability Assessment System (OpenVAS). - -Many thanks to everyone who has contributed to this release: -Matthew Mundell, Felix Wolfsteller and Michael Wiegand. - -Main changes since 0.9.2: - -* Database handling and migration has been improved. -* Code cleanup. -* NVT selection based on the family attributed has been introduced. -* Sorting parameters have been added to most data retrieval commands. -* Support for retrieving NVT preferences has been introduced. -* The NBE output has been harmonized with the NBE output of openvas-client. -* Support for filtering results has been added. -* The layout of the LaTeX reports has been improved. -* The layout of the PDF reports has been improved. - - -openvas-manager 0.9.2 (2009-10-26) - -This is the eighth development release of the openvas-manager module -for the Open Vulnerability Assessment System (OpenVAS). - -Many thanks to everyone who has contributed to this release: -Tim Brown, Matthew Mundell, Felix Wolfsteller, Jan-Oliver Wagner and Michael -Wiegand. - -Main changes since 0.9.1: - -* Improved preference caching. -* Support for migrating old openvas-manager databases has been added. -* Pidfile management has been refactored. -* LSC support has been improved. -* The layout of the LaTeX reports has been improved. -* Many more fixes and improvements. - - -openvas-manager 0.9.1 (2009-10-19) - -This is the seventh development release of the openvas-manager module -for the Open Vulnerability Assessment System (OpenVAS). - -Many thanks to everyone who has contributed to this release: -Tim Brown, Matthew Mundell, Felix Wolfsteller, Jan-Oliver Wagner and Michael -Wiegand. - -Main changes since 0.9.0: - -* NVT preferences are now cached in the database. -* Support for storing and sending files has been added. -* Parsing of the NVT category has been fixed. -* Premature pidfile deletion has been fixed. -* The START_TASK response now contains the id of the report for this scan. -* Many more fixes and improvements. - - -openvas-manager 0.9.0 (2009-09-30) - -This is the sixth development release of the openvas-manager module -for the Open Vulnerability Assessment System (OpenVAS). - -Many thanks to everyone who has contributed to this release: -Mattew Mundell, Felix Wolfsteller and Jan-Oliver Wagner. - -Main changes since 0.8.1: - -* Moved OMP library to openvas-libraries -* openvas-libraries >= 3.0 now required -* Add support of OMP commands CREATE_LSC_CREDENTIAL, - DELETE_LSC_CREDENTIAL and GET_LSC_CREDENTIALS. -* Many fixes and improvements - -openvas-manager 0.8.1 (2009-09-14) - -This is a maintenance release of the openvas-manager module for the Open -Vulnerability Assessment System (OpenVAS). - -It contains a number of small improvements and bugfixes. - - -openvas-manager 0.7.0 (2009-08-21) - -This is a maintenance release of the openvas-manager module for the Open -Vulnerability Assessment System (OpenVAS). - -It contains considerable changes and vastly improved functionality. - - -openvas-manager 0.6.1 (2009-06-22) - -This is a maintenance release of the openvas-manager module for the Open -Vulnerability Assessment System (OpenVAS). - -It contains a few minor changes to improve compatibility with the Debian -packaging system and other OpenVAS modules. - - -openvas-manager 0.6.0 (2009-06-18) - -This is the second public release of the openvas-manager module for the Open -Vulnerability Assessment System (OpenVAS). - -It offers improved support for the new OpenVAS Management Protocol (OMP) and -new and improved functionality. -The following areas have been added or significantly improved: -- User authentication -- Task ID assignment (UUIDs) -- Retrieving checksums of the NVT collection -- NVT information retrieval -- Certificate handling - -In addition, the protocol implementation has been updated to match -the specification more closely. - - -openvas-manager 0.5.0 (2009-05-08) - -This is the first public release of the openvas-manager module for the Open -Vulnerability Assessment System (OpenVAS). - -The OpenVAS Manager aims to be a layer between OpenVAS-Client and -the actual OpenVAS Server. Basically it should be responsible for -any tasks where no high system privileges are required. - -This module is in an early development stage and not yet intended for -production use. - -It is not mandatory to have OpenVAS Manager for using OpenVAS 1.0 or 2.0. - -Usage example: -If openvasd is running on port 7772, the following command starts the manager -on port 1241. The client can then connect to port 1241 as though it was -connecting to openvasd. - -# openvasmd --port 1241 --sport 7772 - -More information about the command line arguments can be obtained using: - -# openvasmd --help From f2cec2dfbec09c531ae35e52354693ca6957cbc8 Mon Sep 17 00:00:00 2001 From: Matt Mundell Date: Wed, 14 Aug 2019 14:36:53 +0200 Subject: [PATCH 7/9] Correct tables in delete_tls_certificates_user --- src/manage_sql_tls_certificates.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/src/manage_sql_tls_certificates.c b/src/manage_sql_tls_certificates.c index 5bce19a36..44980bcc5 100644 --- a/src/manage_sql_tls_certificates.c +++ b/src/manage_sql_tls_certificates.c @@ -826,11 +826,7 @@ delete_tls_certificates_user (user_t user) { /* Regular tls_certificate. */ - sql ("DELETE FROM tls_certificate WHERE owner = %llu;", user); - - /* Trash tls_certificate. */ - - sql ("DELETE FROM tls_certificate_trash WHERE owner = %llu;", user); + sql ("DELETE FROM tls_certificates WHERE owner = %llu;", user); } /** From e3dbfc4217de74e67c63b1fe76eb216e016420c0 Mon Sep 17 00:00:00 2001 From: Matt Mundell Date: Wed, 14 Aug 2019 14:38:55 +0200 Subject: [PATCH 8/9] Update changelog --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1321524fc..765899a9c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,7 +7,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## [Unreleased] ### Added -- Added TLS certificates as a new resource type [#585](https://github.com/greenbone/gvmd/pull/585) [#663](https://github.com/greenbone/gvmd/pull/663) [#673](https://github.com/greenbone/gvmd/pull/673) +- Added TLS certificates as a new resource type [#585](https://github.com/greenbone/gvmd/pull/585) [#663](https://github.com/greenbone/gvmd/pull/663) [#673](https://github.com/greenbone/gvmd/pull/673) [#695](https://github.com/greenbone/gvmd/pull/695) - Update NVTs via OSP [#392](https://github.com/greenbone/gvmd/pull/392) [#609](https://github.com/greenbone/gvmd/pull/609) [#626](https://github.com/greenbone/gvmd/pull/626) - Handle addition of ID to NVT preferences. [#413](https://github.com/greenbone/gvmd/pull/413) - Add setting 'OMP Slave Check Period' [#491](https://github.com/greenbone/gvmd/pull/491) From 774246369ff1f02133bb649b7f2bb95fc862c16c Mon Sep 17 00:00:00 2001 From: Matt Mundell Date: Thu, 15 Aug 2019 12:11:29 +0200 Subject: [PATCH 9/9] Update changelog --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 765899a9c..f46926a96 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -39,7 +39,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Fix an issue in getting the reports from GMP scanners [#659](https://github.com/greenbone/gvmd/pull/659) [#665](https://github.com/greenbone/gvmd/pull/665) - Fix GET_SYSTEM_REPORTS using slave_id [#668](https://github.com/greenbone/gvmd/pull/668) - Fix RAW_DATA when calling GET_INFO with type NVT without attributes name or info_id [#682](https://github.com/greenbone/gvmd/pull/682) -- Fix ORPHAN calculation in GET_TICKETS [#684](https://github.com/greenbone/gvmd/pull/684) +- Fix ORPHAN calculations in GET_TICKETS [#684](https://github.com/greenbone/gvmd/pull/684) [#692](https://github.com/greenbone/gvmd/pull/692) - Fix assignment of orphaned tickets to the current user [#685](https://github.com/greenbone/gvmd/pull/685) ### Removed