8000 Releases · neuvector/neuvector · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Releases: neuvector/neuvector

v5.4.4-p1

09 Jul 19:19
Compare
Choose a tag to compare
chore: pin golang images

This allows us to build it using BCI 15.6 images

v5.4.5 Release

10 Jul 00:54
Compare
Choose a tag to compare

What's Changed

  • fix(controller): make admission control rules test endpoint accessible with read permission by @lentus in #1970
  • NVSHAS-9791: read runtime dependency not dev dependency by @pohanhuangtw in #1960
  • NVSHAS-9953:Resolve crash issue identified via core file analysis by @gfsuse in #1975
  • NVSHAS-9952: Remove 'signature' from usage report because NV no longe… by @williamlin-suse in #1974
  • NVSHAS-9958:fix implicit deny logic from host subnet by @gfsuse in #1980
  • chore(deps): update github/codeql-action action to v3.28.18 by @renovate-rancher in #1977
  • chore(deps): update module google.golang.org/grpc to v1.72.1 by @renovate-rancher in #1976
  • chore(deps): update github.com/codeskyblue/go-sh digest to c29da58 by @renovate-rancher in #1971
  • chore(deps): update module github.com/containerd/containerd/v2 to v2.1.1 by @renovate-rancher in #1982
  • NVSHAS-9946: Display issue with Admission Control alert for Credentia… by @williamlin-suse in #1981
  • NVSHAS-9949: [Harbor][Incorrect user/pw] It still scan images even in… by @williamlin-suse in #1984
  • chore(deps): update module google.golang.org/grpc to v1.72.2 by @renovate-rancher in #1985
  • NV9964: Scan fails due to its scan report size by @jayhuang-suse in #1987
  • NVSHAS-9960: Scanners not working by @williamlin-suse in #1986
  • chore(deps): update alpine docker tag to v3.22 by @renovate-rancher in #1993
  • chore(deps): update github actions by @renovate-rancher in #1992
  • chore(deps): update module github.com/vishvananda/netlink to v1.3.1 by @renovate-rancher in #1972
  • NVSHAS-9969: concurrent map writes results in enforcer component restart by @williamlin-suse in #1991
  • chore(deps): update module golang.org/x/sync to v0.15.0 by @renovate-rancher in #1999
  • chore(deps): update dependency go to v1.24.4 by @renovate-rancher in #1997
  • chore(deps): update module google.golang.org/grpc to v1.73.0 by @renovate-rancher in #2000
  • chore(deps): update module golang.org/x/net to v0.41.0 by @renovate-rancher in #1998
  • NVSHAS-9928:Adjust SYN flood metering parameters to better handle traffic burst and reduce false positives. by @gfsuse in #1996
  • NVSHAS-9911: remove mis-leading info by @pohanhuangtw in #2002
  • NVSHAS-9860: ensure that learning-related connections are always sent to the controller for network policy learning by @gfsuse in #2003
  • chore(deps): update github/codeql-action action to v3.29.0 by @renovate-rancher in #2005
  • NVSHAS-9883: quay.io is unable to use wildcard properly by @pohanhuangtw in #2006
  • chore(deps): update module github.com/containerd/containerd/v2 to v2.1.2 by @renovate-rancher in #2007
  • NVSHAS-9964: Scan fails after upgrading NeuVector to 5.4.1 due to rep… by @williamlin-suse in #2010
  • chore(deps): update module github.com/urfave/cli/v2 to v2.27.7 by @renovate-rancher in #2011
  • NVSHAS-9964: Scan fails after upgrading NeuVector to 5.4.1 due to rep… by @williamlin-suse in #2014
  • NVSHAS-9942: Images scans for customer images are failing by @pohanhuangtw in #2016
  • NVSHAS-9993: Replace md5 by sha256 by @williamlin-suse in #2015
  • chore(deps): update module github.com/containerd/containerd/v2 to v2.1.3 by @renovate-rancher in #2019
  • chore(dep): upgrade to BCI 15.7 by @holyspectral in #2020
  • NVSHAS-9998: Cannot export group from Neuvector federated master by @williamlin-suse in #2022
  • NVSHAS-9940: NV scan JFrog Subdomain mode issue by @williamlin-suse in #2021
  • Update dependencies for 5.4.5 by @holyspectral in #2025
  • chore: switch to obs opa by @holyspectral in #2029
  • chore: fix build error by @holyspectral in #2030
  • chore(deps): update github/codeql-action action to v3.29.2 by @renovate-rancher in #2026
  • NVSHAS-10010: Improve SYN flood detection by considering source IP by @gfsuse in #2031

Full Changelog: v5.4.4...v5.4.5

v5.4.5 Release Candidate 2

03 Jul 20:56
Compare
Choose a tag to compare
Pre-release
v5.4.5-rc2

NVSHAS-10010: Improve SYN flood detection by considering source IP

v5.4.5 Release Candidate 1

26 Jun 16:58
Compare
Choose a tag to compare
Pre-release
v5.4.5-rc1

NVSHAS-9940: NV scan JFrog Subdomain mode issue

v5.4.4 Release

13 May 01:23
Compare
Choose a tag to compare

What's Changed

  • NVSHAS-9876: adapt the changes of the kublet v1.32 by @jayhuang-suse in #1886
  • Runtime driver: containerd has a panic condition by @jayhuang-suse in #1891
  • chore(deps): update module github.com/containerd/containerd to v1.7.27 [security] by @renovate-rancher in #1892
  • chore(deps): update github actions by @renovate-rancher in #1893
  • fix: NVSHAS-9884 prevent half-baked agent info by @holyspectral in #1896
  • NVSHAS-9828: fix false-positive asynchronous processes checkup by @jayhuang-suse in #1890
  • Potential race condition by @jayhuang-suse in #1897
  • NVSHAS-9884: [Node Scan][Container Scan] Scan will Fail by @williamlin-suse in #1898
  • chore: update CODEOWNERS by @holyspectral in #1899
  • chore(deps): update module github.com/russellhaering/goxmldsig to v1.5.0 by @renovate-rancher in #1902
  • chore(deps): update github actions by @renovate-rancher in #1900
  • chore(deps): update module github.com/russellhaering/gosaml2 to v0.10.0 by @renovate-rancher in #1901
  • chore(deps): update module gopkg.in/ldap.v2 to v3 by @renovate-rancher in #1819
  • chore(deps): update module github.com/opencontainers/runtime-spec to v1.2.1 by @renovate-rancher in #1845
  • chore(deps): update module github.com/docker/docker to v28 by @renovate-rancher in #1830
  • chore(deps): update module github.com/golang-jwt/jwt/v5 to v5.2.2 [security] by @renovate-rancher in #1903
  • NVSHAS-8160: [Controller] Adjust some items for Security Risk Score c… by @williamlin-suse in #1904
  • chore(deps): update module golang.org/x/net to v0.38.0 by @renovate-rancher in #1907
  • chore(deps): update github/codeql-action action to v3.28.13 by @renovate-rancher in #1905
  • chore(deps): update module github.com/docker/docker to v28.0.4+incompatible by @renovate-rancher in #1906
  • NVSHAS-9902: [REST API] The score calculation for admission control r… by @williamlin-suse in #1914
  • chore(deps): update module google.golang.org/grpc to v1.71.1 by @renovate-rancher in #1912
  • chore(deps): update dependency go to v1.24.2 by @renovate-rancher in #1910
  • chore(deps): update module github.com/mattn/go-sqlite3 to v1.14.27 by @renovate-rancher in #1911
  • chore(deps): update module golang.org/x/sys to v0.32.0 by @renovate-rancher in #1918
  • chore(deps): update module golang.org/x/sync to v0.13.0 by @renovate-rancher in #1917
  • chore(deps): update module github.com/fsnotify/fsnotify to v1.9.0 by @renovate-rancher in #1915
  • chore(deps): update module golang.org/x/oauth2 to v0.29.0 by @renovate-rancher in #1916
  • chore(deps): update github/codeql-action action to v3.28.15 by @renovate-rancher in #1921
  • chore(deps): update module golang.org/x/net to v0.39.0 by @renovate-rancher in #1922
  • fix: update incorrect renovate schedule by @holyspectral in #1920
  • NV9894: false-positive incidents on k8s's controller by @jayhuang-suse in #1923
  • NVSHAS-9913: Fix goroutine panic for unknown_ip_map by @kyledong-suse in #1926
  • NV9905: k8s workload scan returns image metadata by @jayhuang-suse in #1924
  • NVSHAS-9783: adjust internal rate-limit number for connection report by @gfsuse in #1930
  • NVSHAS-9783:always send connection report when there is violation by @gfsuse in #1931
  • chore: update module github.com/containerd/containerd to v2.0.4 by @jayhuang-suse in #1927
  • NV9919: Enforcer keep crashing because monitor getting killed by @jayhuang-suse in #1928
  • NV9920: Neuvector components are reported in container and group page by @jayhuang-suse in #1929
  • NVSHAS-9925_Fix image asset API error by @jeffhuang4704 in #1932
  • NVSHAS-9927 Add a new filter option for risk page by @jeffhuang4704 in #1938
  • fix: update unit-test permission by @holyspectral in #1939
  • NVSHAS-9926:add match counter when policyAction is learn by @gfsuse in #1934
  • NV9905: k8s workload scan by @jayhuang-suse in #1937
  • NV9932: container suspicious process missing user info by @jayhuang-suse in #1941
  • Update module google.golang.org/grpc to v1.72.0 by @renovate-rancher in #1950
  • Update module github.com/containerd/containerd/v2 to v2.0.5 by @renovate-rancher in #1945
  • Update GitHub Actions by @renovate-rancher in #1948
  • Update module github.com/docker/docker to v28.1.1+incompatible by @renovate-rancher in #1949
  • Update module github.com/aws/aws-sdk-go to v1.55.7 by @renovate-rancher in #1943
  • Update module github.com/go-jose/go-jose/v4 to v4.0.5 [SECURITY] by @renovate-rancher in #1951
  • Update github/codeql-action action to v3.28.17 by @renovate-rancher in #1952
  • Update module github.com/beevik/etree to v1.5.1 by @renovate-rancher in #1944
  • Update module github.com/go-ldap/ldap/v3 to v3.4.11 by @renovate-rancher in #1946
  • Update module github.com/mattn/go-sqlite3 to v1.14.28 by @renovate-rancher in #1947
  • NVSHAS-9917: Bump up opa to v1.4.2 by @kyledong-suse in #1953
  • Update module golang.org/x/net to v0.40.0 by @renovate-rancher in #1954
  • Update module golang.org/x/sys to v0.33.0 by @renovate-rancher in #1957
  • fix: improve the error logging by @pohanhuangtw in #1958
  • chore(deps): update dependency go to v1.24.3 by @renovate-rancher in #1959
  • chore(deps): update module golang.org/x/oauth2 to v0.30.0 by @renovate-rancher in #1955
  • chore(deps): update module github.com/containerd/containerd/v2 to v2.1.0 by @renovate-rancher in #1963
  • chore(deps): update actions/setup-go action to v5.5.0 by @renovate-rancher in #1961
  • docs: fix api docs for the admission control rules test endpoint by @lentus in #1968

Full Changelog: v5.4.3...v5.4.4

v5.4.4 Release Candidate 2

09 May 20:21
Compare
Choose a tag to compare
Pre-release
v5.4.4-rc2

docs: fix api docs for the admission control rules test endpoint

v5.4.4 Release Candidate 1

29 Apr 20:39
Compare
Choose a tag to compare
Pre-release
v5.4.4-rc1

NVSHAS-9927 Add a new filter option for risk page

v5.4.3 Release

18 Mar 19:26
Compare
Choose a tag to compare

What's Changed

  • NVSHAS-9669: Overall security score through REST API by @williamlin-suse in #1687
  • NVSHAS-9700/NVSHAS-9699 Retool logic for parseDotNetPackage by @Acmarr in #1689
  • NVSHAS-7982:support federated DLP/WAF sensor by @gfsuse in #1682
  • NVSHAS-9653: learning wrong process rules by @jayhuang-suse in #1693
  • [NVSHAS-9681] Scanner Registration Timeout Issue: Increased database slots from 256 to 512. by @pohanhuangtw in #1694
  • [NVSHAS-9681] Scanner Registration Timeout Issue: Increased database slots from 256 to 512. by @pohanhuangtw in #1695
  • [NVSHAS-9707] Bump up crypto version to 0.31 by @pohanhuangtw in #1698
  • fix: NVSHAS-9705 disable consul gRPC server by @holyspectral in #1697
  • update default CODEOWNERS by @holyspectral in #1705
  • feat: NVSHAS-9490 support controller SLSA L3 by @holyspectral in #1692
  • NVSHAS-9710: Add feed rating in Risk Page by @jeffhuang4704 in #1708
  • fix: NVSHAS-9705 disable consul gRPC server by @holyspectral in #1701
  • NVSHAS-9696: Inconsistent colour indication of assets on risk page by @jeffhuang4704 in #1709
  • NVSHAS-9649: Container link produces 404 response code in security event by @jeffhuang4704 in #1711
  • NVSHAS-9216:redistribute network policy when host id is changed by @gfsuse in #1715
  • NVSHAS-9726: add scanner proxy url flag to monitor fork exec by @alopez-suse in #1719
  • Revert "NVSHAS-9726: add scanner proxy url flag to monitor fork exec" by @jayhuang-suse in #1723
  • chore: bump x/net to 0.33.0 by @holyspectral in #1720
  • [NVSHAS-9507] Fix jfrog url parsing bug by @pohanhuangtw in #1724
  • NVSHAS-9740: Dashboard: Improve your score produces 405 error by @williamlin-suse in #1731
  • NVSHAS-9751: add not-listed family process rule alert by @jayhuang-suse in #1734
  • NVSHAS-9752: replace md5 keys by sha256 by @jayhuang-suse in #1733
  • NVSHAS-9247 / 9326 / 9441 - Only scan cached images in harbor proxy cache projects by @angelkestin in #1736
  • Update consul version to 1.16.4p1 by @kyledong-suse in #1727
  • NVSHAS-9755: Request to Display Environment Variable Names Alongside … by @williamlin-suse in #1740
  • NVSHAS-9756: disable file monitor by @jayhuang-suse in #1743
  • NVSHAS-9763 Use upstream grpc by @holyspectral in #1742
  • fix: allow ut to run with ubuntu-latest runner by @holyspectral in #1744
  • NVSHAS-9248: record network policy with match counters and last matched timestamp by @gfsuse in #1745
  • NVSHAS-4717: Using the name referral for common group in CRD export by @williamlin-suse in #1751
  • NVSHAS-9854: Remove unmaintained tar.go from NV by @kyledong-suse in #1752
  • NVSHAS-9584: Add extraction related functions by @kyledong-suse in #1754
  • NVSHAS-9753: Prevent Rancher user disable Authentication of OpenShift… by @williamlin-suse in #1753
  • NVSHAS-9777: Webhook JSON with duplicated 'level' keys by @williamlin-suse in #1756
  • adjust license information by @jeffhuang4704 in #1755
  • NVSHAS-9772: Memory mgt with golang API: slices.Clone() by @jayhuang-suse in #1749
  • NVSHAS-9584: Use customized file size limit for extraction functions by @kyledong-suse in #1758
  • NVSHAS-9759: Add timestamp in /v1/system/score/metrics by @kyledong-suse in #1760
  • NVSHAS-9759: Add timestamp in RESTConversationReportEntry by @kyledong-suse in #1763
  • NVSHAS-9325: NV Protect harden improvement by @jayhuang-suse in #1759
  • fix: remove nstools by @holyspectral in #1732
  • NVSHAS-9756: File Monitor Performance Optimization by @jayhuang-suse in #1764
  • NVSHAS-9729 Incorrect count of CVE in StatefulSet resources by @jeffhuang4704 in #1765
  • Add initial Renovate configuration by @renovate-rancher in #1769
  • chore(deps): update github.com/neuvector/k8s digest to 43bcf20 by @renovate-rancher in #1770
  • chore(deps): update k8s.io/utils digest to 24370be by @renovate-rancher in #1771
  • Bump up coreos/clair v2.1.0 to quay/clair v2.1.8 by @kyledong-suse in #1773
  • NVSHAS-9325 follow-up: misc fix by @jayhuang-suse in #1772
  • chore(deps): update module github.com/mattn/go-sqlite3 to v1.14.24 by @renovate-rancher in #1775
  • chore(deps): update module github.com/urfave/cli/v2 to v2.27.5 by @renovate-rancher in #1776
  • chore(deps): update module github.com/vishvananda/netns to v0.0.5 by @renovate-rancher in #1777
  • chore(deps): update module github.com/fsnotify/fsnotify to v1.8.0 by @renovate-rancher in #1783
  • [NVSHAS-9784] NV returning 404 during Jfrog image repository scanning by @pohanhuangtw in #1762
  • chore: update apline version for docker bench by @pohanhuangtw in #1785
  • chore: update CODEOWNERS to skip files under root by @holyspectral in #1784
  • chore(deps): update module github.com/jonboulle/clockwork to v0.5.0 by @renovate-rancher in #1788
  • chore(deps): update module github.com/opencontainers/runtime-spec to v1.2.0 by @renovate-rancher in #1789
  • chore(deps): update module github.com/aws/aws-sdk-go to v1.55.6 by @renovate-rancher in #1781
  • chore(deps): update module golang.org/x/net to v0.34.0 by @renovate-rancher in #1795
  • chore(deps): update module github.com/stretchr/testify to v1.10.0 by @renovate-rancher in #1793
  • chore: cleanup not used file by @holyspectral in #1791
  • chore(deps): update module github.com/beevik/etree to v1.5.0 by @renovate-rancher in #1782
  • chore(deps): update module github.com/containerd/containerd to v1.7.25 by @renovate-rancher in #1774
  • chore(deps): update module github.com/vishvananda/netlink to v1.3.0 by @renovate-rancher in #1794
  • chore(deps): update module github.com/hashicorp/go-version to v1.7.0 by @renovate-rancher in #1786
  • chore(deps): update module golang.org/x/sys to v0.30.0 by @renovate-rancher in #1803
  • chore(deps): update module golang.org/x/sync to v0.11.0 by @renovate-rancher in #1802
  • chore(deps): update module github.com/pquerna/cachecontrol to v0.2.0 by @renovate-rancher in #1792
  • chore(deps): update module github.com/alitto/pond to v1.9.2 by @renovate-rancher in #1780
  • chore(deps): update module golang.org/x/oauth2 to v0.26.0 by @renovate-rancher in #1801
  • NVSHAS-9783:fix issue reported by coredump file by @gfsuse in #1808
  • chore(deps): update module github.com/cenkalti/rpc2 to v1 by @renovate-rancher in #1811
  • Nvshas 9326 - Handle paginated repository lists from harbor api by @alopez-suse in #1761
  • [NVSHAS-9668] Support cis benchmark in RKE2 env by @pohanhuangtw in #1813
  • chore(deps): update module golang.org/x/net to v0.35.0 by @renovate-rancher in #1820
  • chore(deps): update registry.suse.com/bci/golang docker tag to v1.23 by @renovate-rancher in #1807
  • chore: pin golang version used in lint by @holyspectral in #1822
  • NVSHAS-9810: dispatcher's caller should not hold cacher's mutex. by ...
Read more

v5.4.3 Release Candidate 3

15 Mar 00:40
Compare
Choose a tag to compare
Pre-release
Revert "NVSHAS-9828: improvement for short-lived pods"

This reverts commit 1291769fb9d2ab781b92864bc8c3595ddc6016eb.

v5.4.3 Release Candidate 2

13 Mar 03:00
Compare
Choose a tag to compare
Pre-release
fix: incorrect version format

In 5.4.2, the version format in golang space missed a v prefix.  This
commit fixed the issue.
0