Skip to content

v1.12.2

Compare
Choose a tag to compare
@github-actions github-actions released this 11 Sep 14:20
· 181 commits to main since this release
fcd5ec9

Added Features

Bug Fixes

  • Fix improper decoding of SPDX license expressions in the CycloneDX format [#3175 @NyanKiyoshi]
  • improve generated cpes for binaries with existing classifiers [#3169 @westonsteimel]
  • improve known CPEs and set NVD as source for all current binary classifiers [#3167 @westonsteimel]
  • Respond to authoratative CPEs from catalogers [#3166 @wagoodman]
  • Set cataloger names within package cataloger task [#3165 @wagoodman]
  • use official CPE for curl binary cataloger [#3164 @westonsteimel]
  • Fix ELF package correlations [#3151 @wagoodman]
  • no space left and Could not retrieve mirrorlist in test [#3181 #3190 @wagoodman]
  • Multiple versions of libssl3 and libcrypto3 present in SBOM while only one version is installed [#3195]
  • CycloneDX convertion into Syft improperly handles SPDX licenses [#3172]
  • Syft Cause stack overflow [goroutine stack exceeds 1000000000-byte limit] [#3163 #3170 @kzantow]
  • Mysql binary detection version incorrect for 8.0.x [#3141 #3142 @kzantow]

Additional Changes

(Full Changelog)