-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chg: [release] Added post for release 2.3.0.
- Loading branch information
1 parent
74481ee
commit 25bfefc
Showing
5 changed files
with
80 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,79 @@ | ||
| --- | ||
| title: "Vulnerability-Lookup 2.3.0 released" | ||
| slug: vulnerability-lookup-2-3-0 | ||
| layout: news | ||
| date: 2024-12-17 | ||
| tags: | ||
| - Vulnerability-Lookup | ||
| - release | ||
| excludeSearch: true | ||
| --- | ||
|
|
||
| 🎉 We’re really excited to unveil Vulnerability-Lookup 2.3.0—our festive Christmas Release! 🎄 | ||
|
|
||
| It includes new features, new importers, improvements and fixes. | ||
|
|
||
|
|
||
| ### ✨ What's New | ||
|
|
||
| - **Pub/Sub Mechanism**: | ||
| A streaming service implemented using a Publish/Subscribe (Pub/Sub) pattern powered by Valkey. | ||
| Available channels: vulnerability, comment, bundle, and sighting. | ||
| For more details, see the documentation | ||
| ([#92](https://github.com/cve-search/vulnerability-lookup/pull/92)). | ||
| - [FediVuln](https://github.com/CIRCL/FediVuln) now supports streaming information from a Valkey Pub/Sub service or an authenticated HTTP event-stream (both provided by Vulnerability-Lookup internals) to the Fediverse. Templates are used to render statuses, with the appropriate template selected based on the channel where the event originates. | ||
|
|
||
| - **CISA Vulnrichment importer (as meta for CVE)**: | ||
| The CISA Vulnrichment project is the public repository of CISA's enrichment | ||
| of public CVE records through CISA's ADP (Authorized Data Publisher) container. | ||
| In this phase of the project, CISA is assessing new and recent CVEs and adding | ||
| key [Stakeholder-Specific Vulnerability Categorization (SSVC)](https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc) | ||
| decision points. Once scored, some higher-risk CVEs will also receive | ||
| enrichment of CWE and/or CVSS data points, where possible. | ||
| The web interface will highlight this information related to the CVEs in the next release | ||
| [More information](https://github.com/cisagov/vulnrichment). | ||
| ([#42](https://github.com/cve-search/vulnerability-lookup/issues/42)) | ||
|
|
||
| - **CWE (Common Weakness Enumeration) and CAPEC (Common Attack Pattern Enumeration and Classification) importers** | ||
| ([#97](https://github.com/cve-search/vulnerability-lookup/issues/77)) | ||
|
|
||
| - **New NCSC-NL CSAF Importer**: | ||
| ([#94](https://github.com/cve-search/vulnerability-lookup/issues/94)) | ||
|
|
||
| - **New Route**: | ||
| `/api/vulnerability/cpesearch/<string:cpe>` to retrieve vulnerabilities by CPE (Common Platform Enumeration). | ||
| ([41f8471](https://github.com/cve-search/vulnerability-lookup/commit/41f84710452861ddcb7388ecc3fa0d7b5bf44f5f)) | ||
|
|
||
| - **New Website**: | ||
| A brand-new website featuring announcements and official documentation: | ||
| [https://www.vulnerability-lookup.org](https://www.vulnerability-lookup.org) | ||
|
|
||
|
|
||
| ### 🛠️ Changes | ||
|
|
||
| - Improved lookup for the `cvelistv5_view` macro description. | ||
| ([f4a929c](https://github.com/cve-search/vulnerability-lookup/commit/f4a929c351de641626d092b0d6be03404b91d16b)) | ||
|
|
||
| - Added the ability for users to specify a source for sightings. | ||
| ([2be4eef](https://github.com/cve-search/vulnerability-lookup/commit/2be4eef2b4283fe05b81a48eddd911d959e11808)) | ||
|
|
||
| - Updated `kvrocks` configuration with Docker support. | ||
| ([f864138](https://github.com/cve-search/vulnerability-lookup/commit/f8641386aaa727c17c9685caa9cf12562a8f5ddc)) | ||
|
|
||
| - Added new with_linked, with_comments, with_bundles, and with_sightings arguments to the Vulnerability resource for the GET method. | ||
| - ([8cb595](https://github.com/cve-search/vulnerability-lookup/commit/8cb59544777a674fce41a612c56c67b252399afe)) | ||
|
|
||
| ### Fixes | ||
|
|
||
| - Fail fast if Valkey/Redis fails to start. | ||
| ([#93](https://github.com/cve-search/vulnerability-lookup/pull/93)) | ||
|
|
||
| - Fixed various minor issues in the HTML templates. | ||
|
|
||
|
|
||
|  | ||
|  | ||
|  | ||
|
|
||
|
|
||
| 🙏 Thank you very much to all the contributors and testers! |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.