Project Filelist for OpenVAS

File Release Notes and Changelog

Release Name: 6.0.4

Release Notes
This is the fourth maintenance release of the openvas-manager 6.0 module for
the Open Vulnerability Assessment System release 8 (OpenVAS-8).

This release addresses a number of issues discovered after the release of
OpenVAS Manager 6.0.3 and incorporates several improvements from the development
branch of OpenVAS. Please see below for a comprehensive list of changes.

Many thanks to everyone who contributed to this release:
BenoƮt Allard, Hani Benhabiles, Matthew Mundell, Timo Pollmeier and Michael
Wiegand.
Change Log
Main changes compared to 6.0.3:
* An issue which caused duplicate scan results under certain circumstances has
  been fixed.
* An issue which caused a segmentation fault when deleting tasks referring to
  nonexistent targets from the trash can has been fixed.
* An issue which caused scheduled tasks to be executed multiple times when 
  multiple users had the correct permissions has been fixed.
* An issue which caused processes spawned by OpenVAS Manager to miss signals
  when executing scheduled task due to an overly restrictive signal mask has
  been fixed.
* An issue which caused results not in the critical range to be not displayed
  when using the PCI-DSS severity class type has been addressed.
* An issue which cause global users to be missing from selection when creating
  new permissions has been addressed.
* An issue which caused the result description to not be imported correctly when 
  importing reports has been fixed.
* An issue which caused results with the "Log" level to be missing from reports
  when using the PostgreSQL back end has been fixed.
* An issue which caused an internal error when using invalid minimum CVSS base 
  values has been addressed.
* An issue with incorrect result counting has been addressed.
* Performance of database access when a report is created from an alert has been 
  improved.
* CVE results from OSP scanners with known CVEs now automatically use the CVE
  severity.
* The critical range for the PCI-DSS severity class type now correctly starts at
  4.0 instead of 4.3. 
* Handling of CVEs associated with results has been improved.
* Users are now allowed to create a resource permission if they have GET access
  to the subject instead of MODIFY access.
* Several support scripts are now executed directly instead of via an additional
  shell.
* The RFP "generate" scripts are now installed with executable permissions.
* A number of issues found with static code analysis have been addressed.
* The QoD value for "general_note" results is now set correctly.
* Support for filtering reports by CVE has been added.
* Timestamp support has been added for OSP scan results.