Skip to content

@kotakanbe kotakanbe released this Feb 20, 2019 · 9 commits to master since this release

New Features

56d7d43 feat(report): GitHub security alerts integration (#775)

Changelog

89d58d1 bump up version
d6b6969 update README
e7bf6fa feat(README): contiruters shield (#778)
6e51970 fix(discovery): show the template of GitHub Security Alerts integration to discovery subcommand
56d7d43 feat(report): GitHub security alerts integration (#775)
256c99f Delete tab from output in case of No CVE-IDs (#768)
9c0bc3b modify build time (#766)
9b8a323 fix(report): detect 0 vulns for Amazon, FreeBSD, Raspbian (#765)

Assets 4

@kotakanbe kotakanbe released this Jan 22, 2019 · 17 commits to master since this release

Changelog

3178c1e Merge branch 'master' of https://github.com/future-architect/vuls
321d68e Bump up version
3d8753c Add Telegram support (#762)
967c569 add ScannedIPv4Addrs and ScannedIPv6Addrs (#764)
7c4831d add build time (#763)
4b49e11 add(report) -format-list option to -to-email (#761)
d84a6a8 fix(oracle): vuls report returns different result each time in the case of Oracle Linux (#759)
63b7f4a delete paperr (#758)
ca21602 Remove ThreadTimeStamp from message struct (#756)
7842594 fix(scan): OS detection ssh timeout in first run #699 (#753)
7db0561 fix(report): overdetection for Red Hat/CentOS with redis backend (#748)
a5a800f add alert data to result json (#747)
9147ec1 Beautify alert (#746)
b326058 fix(gost) update pkg to incorporate the latest gost (#745)
7d31328 export exploit func (#744)
6e82981 feat(report): Display CERT information to reports (#741)
9d7b115 add JPCERT and USCERT alert dictionary (#740)
8eae500 fix(report): return both scores of gost and oval (#739)
31bd6c0 feat(scan): get repository name of updatable pkgs for debian/ubuntu (#738)

Assets 4

@kotakanbe kotakanbe released this Nov 16, 2018 · 36 commits to master since this release

Changelog

7585f9d fix(report): fix cvedb-url, add -cvedb-type=http (#734)
76037cd fix new cve contents (#735)
98c5421 fix exploit db (#733)
e63fc7e fix(report): nil pointer in deep scan mode #728 (#732)
6ed9cf3 add scan mode (#731)

Assets 4

@kotakanbe kotakanbe released this Nov 3, 2018 · 41 commits to master since this release

New Features

  • Display exploit codes information for each detected CVE-IDs

v0 6 0

Changelog

9865eab Display exploit codes information for each detected CVE-IDs (#729)
678e72a fix(gost): a bug of parseCwe (#726)
ec41899 check cve_contents init (#725)
b2d913c Bump Go versions and use '.x' to always get latest patch versions (#724)
bc86c24 update pkg (#723)
87a77dd update pkgs (#720)
e8188f3 add ms gost (#718)
50506be [WIP] feat(report): show repository of affected pkgs (#713)
4ded028 config: remove commented-out code from tomlloader (#714)
6da8b3c commands: simplify s[:] to s (#715)
d5c92cb report: simplify x = x <op> y to x <op>= y (#716)
ed5f98d change syslog pkg (#717)
f854b8f fix(report): fix an error while loading cveDict.type in config.toml (#711)
de7a615 remove table.SetHeaderColor codes (#709)
6090a34 fix(cpe): update deps to avoid parsing err of cpeNames (#708)
f566745 fix(config): a DB URL error 'does not validate as url' #705 (#706)
153234b update readme
ac510d2 fix(scan): fix err msg when unable to connect via SSH (#702)

Assets 4

@kotakanbe kotakanbe released this Aug 27, 2018 · 59 commits to master since this release

Clever vulnerability detection of non-OS-packages

https://vuls.io/docs/en/usage-scan-non-os-packages.html

Before v0.5.0, Vuls can detect only by exact match of CPE.
After v0.5.0, Vuls supports NVD JSON Feed
NVD JSON Feed has detailed affected version information.

        "cpe" : [ {
          "vulnerable" : true,
          "cpe22Uri" : "cpe:/a:ibm:security_guardium",
          "cpe23Uri" : "cpe:2.3:a:ibm:security_guardium:*:*:*:*:*:*:*:*",
          "versionEndIncluding" : "8.2"
        }, {

Using this information, Vuls can detect vulnerabilities of non-OS-packages more cleverly than before, because vuls compares versions of specified CPEs in config.toml and the version in the feed.

related ( #599 )


Significant improvement in scanning

Support knqyf263/gost (go-security-tracker)

New version Vuls 0.5.0 now possible to detect vulnerabilities that patches have not been published from distributors using new datasource named gost.

RedHat API

before

One Line Summary
================
c74     Total: 38 (High:12 Medium:18 Low:7 ?:1) 36/36 Fixed     708 installed, 288 updatable

after (with gost)

One Line Summary
================
c74     Total: 459 (High:48 Medium:326 Low:84 ?:1)      36/457 Fixed    708 installed, 288 updatable

Debian Security Tracker

before

One Line Summary
================
deb8    Total: 105 (High:22 Medium:39 Low:9 ?:35)       55/103 Fixed    513 installed, 43 updatable

after (with gost)

One Line Summary
================
deb8    Total: 524 (High:56 Medium:148 Low:21 ?:299)    53/522 Fixed    512 installed, 43 updatable


HTTP Server mode - One-Liner Scanning

Vuls can scan vulnerabilities with one-liner like below.

$ curl -X POST -H "Content-Type: text/plain" \
    -H "X-Vuls-OS-Family: centos" \
    -H "X-Vuls-OS-Release: 6.9" \
    -H "X-Vuls-Kernel-Release: 2.6.32-696.30.1.el6.x86_64" \
    --data-binary "`rpm -qa --queryformat "%{NAME} %{EPOCHNUM} %{VERSION} %{RELEASE} %{ARCH}\n"`" \
    http://localhost:5515/vuls

For detials, see the Doc


Enable to define scan mode for each servers in config.tom

#510 #669

fast scan with internet access

  • config.toml
[servers]

[servers.localhost]
host         = "192.168.100.111" # or "127.0.0.1"
port         = "22"
scanMode     = ["fast"]

fast scan without internet access

  • config.toml
[servers]

[servers.localhost]
host         = "192.168.100.111" # or "127.0.0.1"
port         = "22"
scanMode     = ["fast", "offline"]

fast-root scan

fast-root scan with internet access

  • config.toml
[servers]

[servers.localhost]
host         = "192.168.100.111" # or "127.0.0.1"
port         = "22"
scanMode     = ["fast-root"]

fast-root scan without internet access

  • config.toml
[servers]

[servers.localhost]
host         = "192.168.100.111" # or "127.0.0.1"
port         = "22"
scanMode     = ["fast-root", "offline"]

deep scan

deep scan with internet access

  • config.toml
[servers]

[servers.localhost]
host         = "192.168.100.111" # or "127.0.0.1"
port         = "22"
scanMode     = ["deep"]

Reports

The following items were added

  • Display CWE name
  • OWASP TOP 10
  • Affected Packages, Processes
  • Mitigation

TUI

screen shot 2018-07-24 at 16 59 28


report -format-full-text

screen shot 2018-07-25 at 22 26 50


report -format-list

screen shot 2018-07-24 at 23 21 43


Slack Notification

screen shot 2018-07-18 at 21 24 40


Stride Notification

https://vuls.io/docs/en/usage-report.html#example-send-scan-results-to-stride
#624
2018-03-31 14 52 57


Charwork Notification

#634
https://vuls.io/docs/en/usage-report.html#example-send-scan-results-to-chatwork

2018-04-25 17 35 42


go-cve-dictionary list subcommand

kotakanbe/go-cve-dictionary#80

screen shot 2018-08-23 at 14 43 27


Change the format of ScanResult

Model has changed.
https://github.com/future-architect/vuls/tree/master/models


Change the format of config.toml

$ ./vuls discover 127.0.0.1/32
# Create config.toml using below and then ./vuls -config=/path/to/config.toml

[cveDict]
type = "sqlite3"
path = "/path/to/cve.sqlite3"
#url = ""

[ovalDict]
type = "sqlite3"
path = "/path/to/oval.sqlite3"
#url = ""

[gost]
type = "sqlite3"
path = "/path/to/gost.sqlite3"
#url = ""

# https://vuls.io/docs/en/usage-settings.html#slack-section
#[slack]
#hookURL      = "https://hooks.slack.com/services/abc123/defghijklmnopqrstuvwxyz"
##legacyToken = "xoxp-11111111111-222222222222-3333333333"
#channel      = "#channel-name"
##channel     = "${servername}"
#iconEmoji    = ":ghost:"
#authUser     = "username"
#notifyUsers  = ["@username"]

# https://vuls.io/docs/en/usage-settings.html#email-section
#[email]
#smtpAddr      = "smtp.example.com"
#smtpPort      = "587"
#user          = "username"
#password      = "password"
#from          = "from@example.com"
#to            = ["to@example.com"]
#cc            = ["cc@example.com"]
#subjectPrefix = "[vuls]"

# https://vuls.io/docs/en/usage-settings.html#http-section
#[http]
#url = "http://localhost:11234"

# https://vuls.io/docs/en/usage-settings.html#syslog-section
#[syslog]
#protocol    = "tcp"
#host        = "localhost"
#port        = "514"
#tag         = "vuls"
#facility    = "local0"
#severity    = "alert"
#verbose     = false

# https://vuls.io/docs/en/usage-report.html#example-put-results-in-s3-bucket
#[aws]
#profile                = "default"
#region                 = "ap-northeast-1"
#s3Bucket               = "vuls"
#s3ResultsDir           = "/path/to/result"
#s3ServerSideEncryption = "AES256"

# https://vuls.io/docs/en/usage-report.html#example-put-results-in-azure-blob-storage<Paste>
#[azure]
#accountName   = "default"
#accountKey    = "xxxxxxxxxxxxxx"
#containerName = "vuls"

# https://vuls.io/docs/en/usage-settings.html#stride-section
#[stride]
#hookURL   = "xxxxxxxxxxxxxxx"
#authToken = "xxxxxxxxxxxxxx"

# https://vuls.io/docs/en/usage-settings.html#hipchat-section
#[hipchat]
#room      = "vuls"
#authToken = "xxxxxxxxxxxxxx"

# https://vuls.io/docs/en/usage-settings.html#chatwork-section
#[chatwork]
#room     = "xxxxxxxxxxx"
#apiToken = "xxxxxxxxxxxxxxxxxx"

# https://vuls.io/docs/en/usage-settings.html#default-section
[default]
#port               = "22"
#user               = "username"
#keyPath            = "/home/username/.ssh/id_rsa"
#scanMode           = ["fast", "fast-root", "deep", "offline"]
#cpeNames = [
#  "cpe:/a:rubyonrails:ruby_on_rails:4.2.1",
#]
#owaspDCXMLPath     = "/tmp/dependency-check-report.xml"
#ignoreCves         = ["CVE-2014-6271"]
#containerType      = "docker" #or "lxd" or "lxc" default: docker
#containersIncluded = ["${running}"]
#containersExcluded = ["container_name_a"]

# https://vuls.io/docs/en/usage-settings.html#servers-section
[servers]

[servers.127-0-0-1]
host                = "127.0.0.1"
#port               = "22"
#user               = "root"
#keyPath            = "/home/username/.ssh/id_rsa"
#scanMode           = ["fast", "fast-root", "deep", "offline"]
#type               = "pseudo"
#memo               = "DB Server"
#cpeNames            = [ "cpe:/a:rubyonrails:ruby_on_rails:4.2.1" ]
#owaspDCXMLPath     = "/path/to/dependency-check-report.xml"
#ignoreCves         = ["CVE-2014-0160"]
#containerType      = "docker" #or "lxd" or "lxc" default: docker
#containersIncluded = ["${running}"]
#containersExcluded = ["container_name_a"]

#[servers.127-0-0-1.containers.container_name_a]
#cpeNames        = [ "cpe:/a:rubyonrails:ruby_on_rails:4.2.1" ]
#owaspDCXMLPath = "/path/to/dependency-check-report.xml"
#ignoreCves     = ["CVE-2014-0160"]

#[servers.127-0-0-1.optional]
#key = "value1"

Enable to define CpeNames for each container.

#668

To detect the vulnerability of Ruby on Rails v4.2.1 on specific container, cpeNames needs to be set in the servers>containers section.
The following is an example of running Ruby on Rails v4.2.1 on dockerA.

[servers]

[servers.172-31-4-82]
host         = "172.31.4.82"
user        = "ec2-user"
keyPath     = "/home/username/.ssh/id_rsa"
containerType = "docker"
containersIncluded = ["${running}"]

[servers.172-31-4-82.containers.dockerA]
cpeNames = [
    "cpe:/a:rubyonrails:ruby_on_rails:4.2.1",
]

Enable to define a path of OWASP Dependency Check XML for each container.

#667

The following is an example of how to specify a XML of OWASP DC to the specific container.

[servers]

[servers.172-31-4-82]
host         = "172.31.4.82"
user        = "ec2-user"
keyPath     = "/home/username/.ssh/id_rsa"
containerType = "docker"
containersIncluded = ["${running}"]

[servers.172-31-4-82.containers.dockerA]
owaspDCXMLPath = "/tmp/dependency-check-report.xml"

Enable to define ignoreCVEs for each container.

#666

[servers]

[servers.172-31-4-82]
host         = "172.31.4.82"
user        = "ec2-user"
keyPath     = "/home/username/.ssh/id_rsa"
containerType = "docker"
containersIncluded = ["${running}"]

[servers.172-31-4-82.containers.dockerA]
ignoreCves = ["CVE-2016-6314"]

Add ignorePkgsRegexp for each host, container in config.toml

#665

Format

[servers.192-168-11-6]
host         = "192.168.11.6"
ignorePkgsRegexp = ["^kernel.*"]
containersIncluded = ["${running}"]
ContainersExcluded= ["container_name_a"]

[servers.192-168-11-6.containers.container_name_a]
ignorePkgsRegexp = ["^vim.*"]

  • Ignore vulnerabilities in packages matching to patterns defined by ignorePkgs in config.toml
  • Can be defined for both host and container
  • Can be described with regular expressions
  • Match with pkgname

optional field

before

[servers.172-31-4-82]
host         = "172.31.4.82"
optional = [
    ["key", "value"],
    ["key2", "value2"],
]

after

[servers.172-31-4-82]
host         = "172.31.4.82"
[servers.172-31-4-82.Optional]
key = "value"
key2 = "value2"

(fast-root and deep) Detect processes affected by next update using yum-ps #482

Issues yum ps to detect processed affected by next software update on RedHat, CentOS, Amazon , Oracle.
AffectedProcs key under Packages will be added by this P/R.

  • result.json
{
  "Packages" : {
    "wpa_supplicant": {
      ...,
      "AffectedProcs": [
        {
          "PID": "638",
          "ProcName": "wpa_supplicant",
        }
      ]
    },
  },
}

(fast-root and deep) Detect need-restarting-processes for Redhat, CentOS, Ubuntu and Debian


Add -uuid option to report subcommand

When Servername was changed, Vulsrepo etc could not look back in the past. So, I added a unique UUID that will not be changed. If you report with this flag on, Vuls generates UUIDs automatically.
This Auto-generated UUID will be added to the config.toml automatically and result JSON.
The previous config.toml will be renamed to config.toml.bak.

Add memo field to Server section

When reporting with the -uuid flag on, config.toml is automatically recreated as described above. So I added the memo field because the TOML comment disappears. For memo about the server, please use this field, not TOML comment.


How to install

How to upgrade

Changelog

44fa2c5 v0.5.0 (no backwards compatibility) (#478)
d785fc2 Lint (#700)
ea800e0 fix(report): generate report even if some scan-err-jsons are included #685 (#686)
fe582ac Change GitHub templates
330edb3 change copyright (#677)
212fec7 Remove old Dockerfile (#684)
24d7021 Refactor Dockerfile (#683)
e3a01ff fix(report): database is locked with SQLite3 backend #681 (#682)
81f2ba8 fix(report): record not found on reporting with OVAL #679 (#680)
9e9370b refactor(suse): add testcase for detectSUSE (#675)
ced6114 pull request to add SLES variant OS SLES_SAP support (#672)
3144faa feat(syslog): add all CVSS scores/vectors (#664)
8960c67 fix(report): use CVSS score not calculated from severity preferentially (#663)
f8ca924 Add title to syslog (#662)
399a087 feat(scan): add -ssh-config option #417 (#660)
92f36ca Add missing ca-certificates, needed for slack webhook (#657)
3dcc582 Move to alpine based docker images (#643)
0977996 Fix(reporting): NotFixedYet of SourcePackage in OVAL match on Debian and Ubuntu (#656)
9cc7877 fix(configtest): Only warning when reboot-notifier is not installed on Debian (#654)
f653ca9 Don't check reboot-notifier package for debian containers (#642)
6f9fd91 Send logs via syslog when no CVE-IDs found (#646)
cb1aec4 Add scanned_at into syslog report (#641)
7cebaf8 Use servername for SSH ControlPath filename (#640)
241c943 fix(tui): show CVSS severity on TUI for Ubuntu (#638)
d5d88d8 Refactor stride (#637)
cf9d260 Update README.md (#631)
308a93d misspell (#632)
d6a7e65 [refactor]make fmt
e0a5c5d refactoring : hipchat (#635)
314f775 Chatwork support (#634)
7a16441 Stride support (#624)
5076326 Fix Amazon Linux 2 scanning (#630)
ce56261 fix(redhat): fix detection method of changelog scan (#628)
baa0e89 fix: a bug of diff logic when multiple oval defs found for a certain CVE-ID and same updated_at (#627)
1d49c0e fix(scan): fix RHEL 5 (#626)
08755e4 fix(fmt): fix gofmt warn (#625)
bb12d9d Add diff to TUI (#620)
fd1429f Fix diff logic (#619)
d3c421a inform new release on diff option (#614)
0c919da fix: change ControlPath to .vuls of SSH option (#618)
9afbf12 feat: Add -vvv option to scan cmd (#617)
50b105c fix: SSH session multiplexing (#616)
028508c fix link nvd on hipchat (#613)
f0137a3 feat: Display pkg information to slack notification #611 (#612)
e6d3a17 fix: validation for reporting (#610)
86ba551 fix: remove a validation of hipchat (#609)
26418be hipchat support (#593)
092a19b fix: bug of report -diff option (#607)
6d33985 fix: support CentOS cloud image (#606)
b08969a Support a reporting via Syslog (#604)

Assets 4

@kotakanbe kotakanbe released this Dec 1, 2017 · 131 commits to master since this release

How to update

  1. Update goval-dictionary
$ rm -rf $GOPATH/pkg/linux_amd64/github.com/kotakanbe/goval-dictionary/
$ rm -rf $GOPATH/src/github.com/kotakanbe/goval-dictionary/
$ cd $GOPATH/src/github.com/kotakanbe
$ git clone https://github.com/kotakanbe/goval-dictionary.git
$ cd goval-dictionary
$ make install
$ goval-dictionary -v
goval-dictionary  dca4f21
  1. Update Vuls
$ rm -rf $GOPATH/pkg/linux_amd64/github.com/future-architect/vuls/
$ rm -rf $GOPATH/src/github.com/future-architect/vuls/
$ cd $GOPATH/src/github.com/future-architect
$ git clone https://github.com/future-architect/vuls.git
$ cd vuls
$ make install
$ vuls -v
vuls v0.4.2 e788e6a

Changelog

e788e6a Support Alpine Linux #194 (#545)
d00e912 Replace strings.HasPrefix with strings.Index for SuSE scanner (#546)
8ebb663 Fix yum changelog option (#543)
445ffc4 Update README.md (#542)
6af49f4 Fix false positive: ignore oval info when kernel major version is different. (#541)
1de9e8c Fix: Misdetection of OvalMatch for CentOS and Scientific in oval/util.go (#536)
59b0812 Fix: "Reboot Required" detection process in scan/redhat.go (#534)
719785c Remove README.fr.md because unable to maintenance..
8e5f627 README Typo Update (#538)
5ced3c7 Insert sudo only at the beginning of command in deep scan #495 (#539)
c002f01 Fix config.toml validation (#537)
00c690f Add pseudo server type for non-ssh scanning (only cpe scan) #512 (#531)
ab68ad5 README Update (#530)
5c84ebe Update README
eb2acaf send slack msg by api (#525)
84d0655 fix typo Privious -> Previous (#523)
e137ebb Fix package query fails on debian based container (#519) (#522)
10d690d fix typo from "enviroment" to "environment" (#518)
14611d2 Fix typo in config/jsonloader.go (#517)
0665bfe Modified Spell Miss of "README.md". (#516)


Automated with GoReleaser
Built with go version go1.8 linux/amd64

Assets 4

@kotakanbe kotakanbe released this Oct 19, 2017 · 151 commits to master since this release

Changelog

473096d Fix .goreleaser.yml
0eae26e Merge branch 'master' of https://github.com/future-architect/vuls
a32845f Fix a bug of making channels when fill oval information via HTTP (#514)
15a0f7e Merge branch 'master' of https://github.com/future-architect/vuls
5a0a6ab Fix OVAL detection on Debian and Ubuntu (#509)
032b8d9 Merge branch 'master' of https://github.com/future-architect/vuls
5798e3a Add filter options to tui subcommand (#508)
8e15b9c Add filter options to tui subcommand (#508)
7a1f132 Add -ignore-unfixed option to report subcommand #485 (#507)
a8483b2 Add goreleaser to distribute binaries (#460)
83bbbd0 Add goreportcard to README
132432d Support SUSE Enterprise Linux (#487)
e5eb8e4 Debian: Use --showformat flag to get status of packages and ignore n(not-inst… (#484)
1095ebe fix vulsrepo dockerfile (#496)
1541a60 Update README.ja.md (#498)
03a141c Fix typos (#499)
5f2183f Check repoquery with sudo nopasswd in deep scan mode on RedHat (#492)
820831f Fix sort order of servers on TUI (#481)
6d2d767 Fix a arg of report subcommand (#479)
e0c3a72 Fix ping option of discover subcommand #471 (#472)
ec92f77 add windows type (#470)
0ba490c Merge pull request #469 from usiusi360/use_vulsrepo-server
cfd668e use_vulsrepo-server


Automated with GoReleaser
Built with go version go1.8 linux/amd64

Assets 4

@kotakanbe kotakanbe released this Aug 25, 2017 · 174 commits to master since this release

v0.4.0

We are pleased to announce the new Version, v0.4.0.
This version is not backward compatible.
But many new functions have been added.

How to install newly

How to update to the latest verison

Fast nosudo scan mode and Deep scan mode

Fast nosudo scan mode (Default)

  • https://github.com/future-architect/vuls#fast-scan

  • This mode scans

    • Ultra high speed
    • Without root privilege
    • Not consume so much resources on the servers to be scanned.
    • Scanning is possible in an environment without Internet connection
      • Some OS needs internet connection ... Amazon, FreeBSD, Raspbian
  • Scan Method

    • RHEL, CentOS, Debian, Ubuntu, Oracle
      • Only collect information of the packages installed
    • Amazon
      • yum-plugin-security
    • FreeBSD
      • pkg-audit
  • Report

    • Compare package version to detect CVE-IDs using local OVAL DB.
    • Use vulnerability information such as NVD, JVN, OVAL

Deep scan mode

  • https://github.com/future-architect/vuls#deep-scan
    This mode may consume resources on the server to be scanned and some commands may need root privilege. However, deep scan mode is more accurate vulnerability detection and more detailed information than fast scan mode.

  • Scan Method

    • Ubuntu, Debian
      • parse changelog to detect CVE-IDs
      • need sudo(apt-get update)
    • CentOS
      • parse changelog to detect CVE-IDs
      • no sudo
    • RHEL
      • collect changelogs (no parse)
      • collect information of yum-plugin-seucrity
      • need sudo
    • Amazon Linux
      • collect changelogs (no parse)
      • collect information of yum-plugin-seucrity
      • no sudo
  • Report

    • Compare package version to detect CVE-IDs using local OVAL DB.
    • Use vulnerability information such as NVD, JVN, OVAL

Improvement of vulnerabilities detection accuracy

  • OVAL Support (CentOS, RHEL, Debian, Ubuntu, OracleLinux)
  • Use vulnerability information of OVAL when reporting.
  • Use version comparison when parsing change log (CentOS, Ubuntu, Debian)

Detect the vulnerability that is not yet fixed

  • CentOS
    • There are many packages that has been fixed in RedHat, but not been fixed in CentOS.
  • Ubuntu, Debian
    • OVAL has this information

Notify Reboot Required

Vuls warns when the scan target server was updated the kernel etc. but not restarting it.

Change the structure of models

The structure of the model has changed.
This version is not backward compatible.

Obtain changelog

  • Use yum changelog in yum-utils instead of yum update --changelog in yum-plugin-changelog to fetch changelogs without root privilege.
  • Use version comparison logic when parsing change log (Ubuntu, Debian)

Display the information of yum plugin-security on TUI

  • for RHEL, Amazon, Oracle
  • Changelogs will be fetched with --deep flag of scan subcommand.
    1____applications__tmux_

Changelog

These fine people have contributed

Assets 2
You can’t perform that action at this time.