CHANGELOG
2021-12-17: initial release
2021-12-18: integrated with cmk bakery
2021-12-19: added WATO options scan_logback, log4j_1, no_symlink, scan_zip
2021-12-20: added "HOW TO" section, changed file names to match the destination operating system
made the plugin more stable on missing scanner output
added bakery options exclude_path and exclude_fs
added run time to the perfometer
2021-12-21: changed scanner to version 2.5.3
added wato bakery option for syslog-udp and syslog-level
added wato check plugin option for items to show on info line
updated "If it doesn't work" section
fixed windows powershell script missing $MK_CONFDIR variable (THX to [email protected])
fixed windows powershell script missing OPTION handling (THX to [email protected])
2021-12-22: added sample descriptive config files for Linux/Windows to the package
fixed unexpected values (None, ) for files_vulnerable
added bakery options for file reporting, backup on fix files and debug
added multiple search paths to Windows agent
changed search path on Linux to multiple search paths --> incompatible, you need to reconfigure bakery rules
2021-12-23: fixed exit code other than 0 in the linux/powershell scripts (THX to cmasopust[at]greentube[dot]com)
changed scanner to version 2.6.1 (fixes: Can not use --report-dir together with --report-json issue #203)
reworked options handling in bakery plugin
reworked structure for windows all-drives/drives/search path in wato plugin --> incompatible, you need to reconfigure bakery rules
windows agent plugin: execute scanner as cmd job to pass path/file names with spaces (THX to [email protected])
windows agent plugin: init powershell console (buffer/window size/encoding) (THX to [email protected])
2021-12-24: linux agent plugin: changed to pass the options as array to the scanner
2021-12-27: changed scanner to version 2.6.3
added files_skipped and errors, files/directories scanned lower levels
2021-12-29: changed scanner to version 2.6.5 (detects also CVE-2021-44832 RCE vulnerability for log4j 2.17.0, 2.12.3, 2.3.1)
added step by step walk through for the enterprise/free edition of CMK to the HOWTO
2021-12-30: added bulk config for search path and exclude path
2022-01-02: changed scanner to version 2.7.1
added options for syslog facility, rfc5424 syslog message format, append reporting to file
added option exclude files (bulk)
NOTE: reconfiguration of bakery rules necessary after updating the plugin
2022-01-03: CHECK made parse function more robust (files_potential_vulnerable = int(line[1]) if line[1].isdigit() else None)
2022-01-04: BAKERY added BAKERY_VERSION to the config file (for debugging)
BAKERY added PLUGIN_TIMEOUT to the linux config (fix: scanner was not killed on timeout by the agent)
LINUX fixed scanner not being killed on timeout by the agent
2022-01-05: BAKERY added PLUGIN_TIMEOUT to the windows config (to match the linux variant)
WINDOWS changed reading variables from file
WINDOWS added timeout handling to match linux script version
WATO changed display names to "CVE scanner for log4j (CVE-2021-44228-log4j)"
2022-01-06: WATO made "Silent output" enabled by default
2022-01-07: CHECK changed output of values to make it "sortable"
CHECK added warn on missing agent output (see WATO)
CHECK fixed run_time missing on service info (THX to doc[at]snowheaven[dot]de)
INVENTORY added inventory plugin and view for reporting/sorting/filtering etc.
2022-01-11: fixed missing newline on plugin section header output in Linux script
added option to add json report to inventory
2022-01-12: CHECK: modified logpresso report time format to ISO 8601
2022-01-14: INVENTORY: added params to inventory sections
BAKERY: reorganised append to log (--csv-log-path/--json-log-path) and add report to inventory options (-report-path)
WATO: moved append to log outside of enable reporting
WATO: removed reporting to file
AGENT: join output of json report into one line for json.loads
CHECK: added params to inventory sections
WATO: added options for per CVE check
WATO: changed display name (again) from 'CVE scanner for log4j (CVE-2021-44228-log4j)' to 'log4j CVE scanner (CVE-2021-44228-log4j)'
WATO: enabled 'attach_report_to_output' in "reporting" by default for new rules
2022-01-17: CHECK: added check plugin with CVE id as item
2022-01-18: extended inventory report for additional log4j CVEs
removed status_data inventory
2022-01-21: reworked report inventory plugin and per cve check
2022-01-22: Inventory view: added entries for 'CVE-2021-42550' and 'CVE-2021-4104'
2022-01-25: BAKERY: added option --exclude-pattern
WATO: added option --exclude-pattern
METRICS: added metrics/graph/perfometer for files_affected