-
-
Notifications
You must be signed in to change notification settings - Fork 16
/
ChangeLog
111 lines (81 loc) · 3.56 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
# ChangeLog
## 1.0.9 - Apr 04 2022
- Added +43 new CVE descriptions
- Improved CVE-2019-15221 detection
- Fixed CVE-2020-25670 detection
- Fixed CVE-2020-25671 detection
- Added `--exclude` option to drop CVEs from check
- Added `--ignore-files` option to exclude kernel files from check
- Added `--list` options to list all known CVEs
- Improved `--help` output
- Removed strict lscpu dependency
- Fixed a crash when using `--exploit` option and metadata is not available
- Fixed a crash when using `--config` option and CVE is found in an .h file
## 1.0.8 - Nov 02 2021
- Added +52 new CVE descriptions
- Improved CVE-2014-1737 detection
- Improved CVE-2014-1738 detection
## 1.0.7 - Oct 14 2021
- Fixed `cvehound --cve all ...` invocation
- Changed `--report-strict` argument to `--check-strict`
## 1.0.6 - Oct 14 2021
- Restored support for python 3.5
- Fixed `cvehound --cve all ...` argument
- Added minimal coccinelle version to **CVE-2021-38209**, **CVE-2021-3656** rules
- Changed minimal coccinelle version from 1.0.8 to 1.0.7 in **CVE-2020-24490** rule
- Removed minimal coccinelle version for **CVE-2021-0342** rule
- Fixed setup.py by adding `lxml` dependency required for `cvehound_update_metadata`
- Fixed **CVE-2015-4700** false positive with `--all-files`
- Added `--cve [all, assigned, disputed]` modes. Changed default mode from _all_ to _assigned_
- Moved **CVE-2021-3178**, **CVE-2019-12382**, **CVE-2019-12455**, **CVE-2019-19770** to disputed mode
- Fixed coccinelle installation from git in CI
- Added coccinelle 1.0.4 to CI
- Added ChangeLog
## 1.0.5 - Oct 01 2021
- Added section about LICENSE to README.md
- Simplified .grep patterns handling
- Added +40 new CVE descriptions
- Added `--exploit` filter to check only for CVEs known to have exploits (according to FSTEC BDU database)
- Added `cvehound_update_rules` script to fetch detection rules from git without updating a tool
## 1.0.4 - Sep 11 2021
- Added +24 new CVE descriptions
- Fixed installation problem with missing cvehound.kbuildparse package
- Fixed `--all-files` mode
- Removed support for python 3.5
- Added minimal coccinelle versions to **CVE-2021-3587**, **CVE-2021-3347**, **CVE-2020-11884**, **CVE-2018-1108** rules
## 1.0.3 - Jul 14 2021
- Added +50 new CVE descriptions
## 1.0.2 - Mar 12 2021
- Fix `--config` argument check
## 1.0.1 - Mar 12 2021
- Added `--report` option to output json report
## 1.0.0 - Mar 11 2021
- Added +70 new CVE descriptions
- Added `cvehound_update_metadata` script to fetch latest json from linuxkernelcves.com
- Added `--cwe` option to check only specified cwe-ids (classes)
- Added `--files` option to check only specified kernel dirs
- Added `--config` option to infer kernel configs from Makefile/Kbuild files and check kernel .config files
- Changed last metadata update date in output to commit date
- Added **linux-next** to CI
- Added multiple coccinelle versions to CI
- Many small fixes
## 0.2.1 - Jan 12 2021
- Added +40 new CVE descriptions
## 0.2.0 - Jan 02 2021
- Refactored tests
- Added **linux-stable** to CI
- Added metainformation from linuxkernelcves.com
- Fix **CVE-2020-25211** detection on "Fixes" commit
- Changed **CVE-2020-0465** detection
## 0.1.3 - Jan 01 2021
- Added coccinelle 1.0.4, 1.0.5, 1.0.6, 1.0.7 support
- Reworked tests
- Added GitHub actions CI
- Fixed _Files_ tag for **CVE-2019-19448**
- Fixed descriptions for existing rules
## 0.1.2 - Dec 30 2020
- Fixed python's 3.9 dependency
- Added support for python 3.5
## 0.1.1 - Dec 23 2020
- Initial release
- Added 31 CVE descriptions