Hello OpenVAS Users, with about 50+ backport patches applied since the last beta release we now have the first release candidate packages for OpenVAS-6!
Whoever is used to it or feels able to do, please build OpenVAS in your environment and report any compile problem or other bugs you might detect. The new release candidate packages are available here: http://www.openvas.org/install-source.html The GSD is still the old one, it basically works with the new Manager, but is clearly neglected regarding new/changed OMP elements. It also appears to not compile properly on some modern platforms. For all other modules rules: +++ +++ If no problems are reported within the next 10 days, +++ this RC is the final release +++ I would especially be happy if you could not just test the new OpenVAS-6 in a entirely fresh (separate) environment, but also test the migration of your OpenVAS-5 environment (of course in a cloned setup!). Watch out for the change regarding NVT synchronisation (see below)! Let us know whether it worked flawless or whether you observe any migration problems. Main changes and new features of OpenVAS-6: * Renamed "Escalator" to "Alert". * New: Powerfilters. These allow filtering and sorting across various objects, can be stored, managed and reused. Also default powerfilters can be configured. * New object management for Tasks, Note, Overrides, all of SecInfo Management and all of Configuration. The new object management offers consistently browsing, the powerfilter, cloning and export. Also the "New/Import" elements are now pages of their own. * New: Auto-FP feature for trusted vendor updates. * New: Multiple alerts per task. * New: Wizard framework with quick start wizard. * New: SecInfo Management a menu of its own. * New: CPE, CVE and NVTs now offer full search and browsing. * New: OVAL information in SecInfo Manegement. * New: DFN-CERT information in SecInfo Management. These information are in german from a german CERT. It is a sample on how regional CERT information can be integrated. Further may follow upon interest. * New: Synchronisation of SCAP/CERT data can be triggered from the web interface. * New: Support for ISMS tool "verinice" with Report Format Plugins and Alert for verinice.PRO. * New: Alert for sending results to a verinice .PRO server. * New: Password policies for OpenVAS user accounts. * Improved: Date selection for schedules. * Improved: Powerfilters can now be attached to Alerts. * Improved: Now handles daylight saving in schedules. * Improved: When importing a report, now the host details are also imported. * Improved: Added switch to control whether a task should contribute to asset management. * Improved: Report exports now also contain the family of NVTs. * Improved: Faster report format plugins LaTeX and PDF. * Changed: The minimum required version of GNUTLS is now 2.8. * Changed: The ARF report format plugin is now a pre-defined format. * Scanner: Removed built-in logfile rotation. The system environment technology for logrotate should be used instead. * Scanner: New optional OTP version 1.1 which is like 1.0 but sends less info to the client initially. * Scanner: New: command line switch "--only-cache" to just build the cache and exit. * Scanner: Changed: The magic that NVTs of category ACT_SETTINGS were always enabled even when user disabled them has been removed. OTP clients now have to take care to enable as needed. * Changed behaviour of NVT sync script "openvas-nvt-sync": It will now delete scripts not part of the when using rsync, except for the directory "private/". A Migration option "--migrate-to-private" of the sync-script will move private scripts into the "private/" directory. The Feed Sync will stop with an error until the "private/" is created. As soon as this directory is created, the synchronisation will ultimately delete all files in the local feed directory that are not part of the regular Feed. * Scanner: Changed: Newlines in script tags are now escaped. * Scanner: Changed: The size of tags is not limited anymore. * Scanner: Internal use of NVTI references by OID to allow using the NVTI cache properly. This significantly lowers the memory consumption per Scanner process. * CLI: New: OMP based Nagios plugin. * CLI: New (sample) ncurses based OMP interface. * Administrator: New: Opportunity to specify a password policy. * Administrator: New: Command line options "--scap-script" and "--cert-script". * Manager: New: Command line options --listen2 and --port2 for a second OMP address. * Manager: Improved: Serves OMP even when the scanner is down. * Various performance improvements. * Out-of-source builds for all modules supported and recommended. * For all modules, -Werr has been moved from Release to Debug when building. All the best Jan -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
