v1.5.0-log4shell

@breadchris breadchris released this 27 Dec 08:27
· 1802 commits to master since this release

Changelog

451e1c4 Add ear file extension to Scan function
ac30e3d Edit of first blog post (#381)
5bd43d1 Merge branch 'master' into add-jar-patcher
74e545a Merge pull request #308 from lunasec-io/add-jar-patcher
569b46c Merge pull request #378 from lunasec-io/fix-file-not-closed
9891b13 Merge pull request #380 from NorthwaveCERT/patch-1
eda04aa Merge pull request #386 from lunasec-io/log4shell-blog-cli-command-update
74bb3cd Severity 9.8 for log4j v1 vulns
02a9e73 Some scaffolding for a JAR patcher
6a3eb6c Speed up ci (#383)
bec65fd Swap from Severity to CVE
99aee5c Update vulnerablehashes.go
dd697d3 Update vulnerablehashes.go
24b9eaf added 2.15 hashes and confirmed they work
7e8c146 begin to support nested zips when patching
4fd334e duplicate flags onto scan command because its more natural UX
50f3d2a first draft of adding severity rating to vulns
7d30321 generating hashes for the JndiLookup.class file to patch out
56c6375 include jndilookup.class file when analyzing so that it can be removed when patching
fbab2cf jar patcher is able to remove JndiLookup.class file from jars
449f700 nested patching works now
6e99190 patcher works on non-nested zips, but is truncating nested zips for some reason
258281c testing the jar patcher by loading findings file and then looking at discovered files
bcf95cc update info about cli
e867b7b update wording in blog to be more clear that the cli is not an archive