From 9d4783507d3c57509cbeb67c08340b119fd60664 Mon Sep 17 00:00:00 2001 From: Jeroen Dekkers Date: Thu, 7 Mar 2024 16:49:01 +0100 Subject: [PATCH] Add 1.15 release notes (#2605) Co-authored-by: Jan Klopper --- docs/source/release_notes/1.15.rst | 77 +++++++++++++++++++++++++++++ docs/source/release_notes/index.rst | 1 + 2 files changed, 78 insertions(+) create mode 100644 docs/source/release_notes/1.15.rst diff --git a/docs/source/release_notes/1.15.rst b/docs/source/release_notes/1.15.rst new file mode 100644 index 00000000000..0d3cdc06ff0 --- /dev/null +++ b/docs/source/release_notes/1.15.rst @@ -0,0 +1,77 @@ +============ +OpenKAT 1.15 +============ + +This release includes some big optimizations in the new reporting functionality +that was introduced in 1.14. Measurements show that generating a report on 100 +objects is approximately 20 times faster. The reports in general also got a lot +of improvements and bugfixes. + +New Features +============ + + * The types the normalizer consumes link to upload page now. The produces list + has been fixed and link to the object page. + * Support for adding and checking CAA records has been added. + * Token authentication for APIs has been added. + * Reports show both when the report has been created and the selected valid time. + * With CSV upload it is possible to also set the clearance level. + * More CSP checks have been added. + * Scan profiles can be declared through normalizers. + * It possible to select all OOIs for aggregate reports. + * Plugin page in reporting flow is skipped if all plugins are enabled. + * Setting to limit size of IP range has been added to nmap boefje. + * Added settings for database pool size config. + * The KAT findings database has been updated. + * New findings report has been added to replace the old one. + * Improved metrics collection in the scheduler. + * Extra checks for findings have been added to the dns report. + +Bug fixes +========= + + * Multireport doesn't have wrong preselection in form + * Render dicts and list ooi attrs as jsonfield so that all OOIs can be manually added. + * Install and update script check for sudo + * Error handling in reporting has been improved + * Fixed several bugs in mail report. + * Fixed a bug in open ports report. + * Fix broken wordpress check in wpscan boefje. + * Add timeouts to CVE API downloader. + * Forms will check if the required number of checkboxes are checked. + * Primary buttons are properly aligned to the left and export buttons in the report are placed properly. + * Do not show an error in tasks stats if no tasks have run yet. + * Health page is accessible during onboarding. + * Wrong domain count in systems report has been fixed. + * Do not log an error on token refresh in bytes client. + * Fix settings of kat_dns boefje not being used. + * Ignore certificate errors in security txt boefje instead of returning an error. + * Vulnerabilities in vulnerability report are sorted. + * Duplicate OOIs have been removed in the reports. + * Our HSTS check has been changed to case insensitive. + * Give an error when future observed at date is selected. + * Fix removal of findings when domain does not exist anymore. + * Fix error with unicode in octopoes. + * Fixes for table overflowing the PDF report. + * Set a timeout on hanging test ssl container, + * Raise exception if boefje input OOI has been deleted. + * Filter out undeserializable objects from xtdb query, gets rid of "could not deserialize value" octopoes worker log messages. + +Upgrading +========= + +The normal instructions for upgrading :ref:`Debian packages` +or upgrading :ref:`containers ` should be followed. + +Debian packages +--------------- + +1.14 was the last release to provide Debian packages for Debian 11. If you are +still running Debian 11 you need to upgrade to Debian 12 to be able to upgrade +to OpenKAT 1.15. + +Full Changelog +============== + +The full changelog can be found on `Github +`_. diff --git a/docs/source/release_notes/index.rst b/docs/source/release_notes/index.rst index 8c94b9f8a3b..1d51022e0a0 100644 --- a/docs/source/release_notes/index.rst +++ b/docs/source/release_notes/index.rst @@ -5,6 +5,7 @@ Release notes :maxdepth: 1 :caption: Releases + 1.15 1.14 1.13 1.12