Version: 7.70-3.5.1
* Fri May 03 2019 kstreitova@suse.com
- add nmap-7.70-CVE-2018-15173_pcre_limits.patch to reduce LibPCRE
resource limits so that version detection can't use as much of
the stack. Previously Nmap could crash when run on low-memory
systems against target services which are intentionally or
accidentally difficult to match [bsc#1104139] [CVE-2018-15173].
* Mon Apr 29 2019 kstreitova@suse.com
- add "Requires: python-xml" for zenmap [bsc#1133512]
* Thu Mar 22 2018 mvetter@suse.com
- Update to 7.70:
* 14 new NSE scripts
* iec-identify probes for the IEC 60870-5-104 SCADA protocol
* ssh-brute performs brute-forcing of SSH password credentials
* See https://nmap.org/changelog.html#7.70 for the complete changelog.
* Wed Aug 02 2017 erwin.vandevelde@gmail.com
- Nmap 7.60:
* NSE scripts now have complete SSH support via libssh2
* Added 14 NSE scripts from 6 authors, bringing the total up to 579!
* See https://nmap.org/changelog.html#7.60 for the complete changelog.
* Fri Jun 16 2017 idonmez@suse.com
- Nmap 7.50:
* Integrated all of your service/version detection fingerprints
submitted from September to March (855 of them). The signature
count went up 2.9% to 11,418. We now detect 1193 protocols from
apachemq, bro, and clickhouse to jmon, slmp, and zookeeper.
Highlights: http://seclists.org/nmap-dev/2017/q2/140
* Many added NSE scripts, OS fingerprints, service probes
* See https://nmap.org/changelog.html#7.50 for the complete changelog.
* Thu Dec 29 2016 idonmez@suse.com
- Nmap 7.40:
* Many added NSE scripts, OS fingerprints, service probes
* New option --defeat-icmp-ratelimit dramatically reduces UDP
scan times in exchange for labeling unresponsive
(and possibly open) ports as "closed|filtered".
* New NSE library, geoip.lua, provides a common framework for
storing and retrieving IP geolocation results.
* See https://nmap.org/changelog.html#7.40 for the complete
changelog.
- Refresh nmap-5.61-desktop_files.patch as
nmap-7.40-desktop_files.patch
* Fri Oct 28 2016 astieger@suse.com
- Nmap 7.31:
* Fix the way Nmap handles scanning names that resolve to the
same IP
* Zenmap: Better visual indication that display of hostname is
tied to address in the Topology page
* Wed Oct 05 2016 astieger@suse.com
- Nmap 7.30:
* Many added NSE scripts, OS fingerprints, service probes
* Improved output filtering
* Using Lua 5.3
* Many bug fixes, improvements and performance enhancements
* Sun Apr 03 2016 astieger@suse.com
- Nmap 7.12:
* Zenmap: Avoid file corruption in zenmap.conf
* NSE: VNC updates
* NSE: Add STARTTLS support for VNC, NNTP, and LMTP
* Add new service probes and match lines for OpenVPN
* Wed Mar 23 2016 astieger@suse.com
- Nmap 7.11:
* Add support for diffie-hellman-group-exchange-* SSH key
exchange methods to ssh2.lua, allowing ssh-hostkey to run on
servers that only support custom Diffie-Hellman groups.
* Add support in sslcert.lua for Microsoft SQL Server's TDS
protocol, so you can now grab certs with ssl-cert or check
ciphers with ssl-enum-ciphers.
* Fix crashes in Zenmap
* Fri Mar 18 2016 astieger@suse.com
- Nmap 7.10:
* Add 12 NSE scripts
* Integrate OS, service/version detection fingerprint submissions
* Updated to various NSE scripts
* Zenmap: Remember window geometry (position and size) from the
previous time Zenmap was run.
* Give option parsing errors after the long usage statement
* Changed Nmap's idea of reserved and private IP addresses to include
169.254/16 (RFC3927) and remove 6/8, 7/8, and 55/8 networks
(for -iR randomly generated targets)
Usage of own exclusion lists with --exclude or --exclude-file is
recommended to avoid scanning newly-valid addresses belonging to
the US DoD.
* Allow the -4 option for Nmap to indicate IPv4 address family.
* Add verbosity level of 0 (-v0): not text output
* Mon Dec 14 2015 astieger@suse.com
- Nmap 7.01:
* various bug fixes in NSE
* Sun Nov 22 2015 mardnh@gmx.de
- Nmap 7.00:
* see /usr/share/doc/packages/nmap/CHANGELOG
- removed patches:
* nmap-4.00-noreturn.diff
* nmap-6.00-libpcap-filter.diff
not needed since we do not build against the bundled libpcap
- updated patch:
* nmap-ncat-skip-network-tests.patch
* Mon Oct 05 2015 astieger@suse.com
- Unbreak everything not Factory
* Mon Oct 05 2015 plinnell@opensuse.org
- Fix the build for Factory. Insist on lua 5.2.x
* Thu Jul 30 2015 dimstar@opensuse.org
- BuildRequire lua52-devel on openSUSE > 13.2 (current Tumbleweed):
nmap has not been ported to LUA 5.3 yet.
- Minor fix in check session: internal lua identifies itself as
5.2.3 by now.
* Tue Mar 03 2015 astieger@suse.com
- fix build on SLE 12 by removing gpg-offline dependency
- run spec-cleaner
* Tue Aug 26 2014 andreas.stieger@gmx.de
- Nmap 6.47:
* updated IPv4 OS fingerprints
* Removed the External Entity Declaration from the DOCTYPE in
Nmap's XML. The doctype is now: <!DOCTYPE nmaprun>
* Ncat: Fixed SOCKS5 username/password authentication
* Avoid formatting NULL as "%s" when running nmap --iflist
* Zenmap, Ndiff: Avoid crashing with old PyXML package
* Handle ICMP admin-prohibited messages when doing service version
detection.
* NSE: Fix a bug causing http.head to not honor redirects.
* Zenmap: Fix a bug in DiffViewer causing a crash
- fix self-obsoletion of zenmap (nmap-gtk)
* Sat Apr 26 2014 andreas.stieger@gmx.de
- Nmap 6.46
- NSE:
* Made numerous improvements to ssl-heartbleed to provide
more reliable detection of the vulnerability
* Fix some bugs which could cause snmp-ios-config and
snmp-sysdescr scripts to crash
* Improved performance of citrixlua library when handling large
XML responses containing application lists
- Zenmap:
* Fixed a bug which caused this crash message: "IOError:
[Errno socket error] [Errno 10060] A connection attempt
failed [...]" due to DOCTYPE definition to Nmap's XML output
* Sat Apr 12 2014 andreas.stieger@gmx.de
- Nmap 6.45
- NSE:
* Add ssl-heartbleed script to detect the Heartbleed OpenSSL bug
* Fixed an error-handling bug in socks-open-proxy that caused it
to fail when scanning a SOCKS4-only proxy
* Improved ntp-info script to handle underscores in returned
data
* Add quake1-info script for retrieving server and player
information from Quake 1 game servers
* Add unicode library for decoding and encoding UTF-8, UTF-16,
CP437 and other character sets to Unicode code points. Scripts
that previously just added or skipped nulls in UTF-16 data can
use this to support non-ASCII characters
* When doing a ping scan (-sn), the --open option will prevent down
hosts from being shown when -v is specified. This aligns with
similar output for othe rscan types
* Add http-ntlm-info script for getting server information from
Web servers that require NTLM authentication
* Added tls library for functions related to SSLv3 and TLS
messages. Existing ssl-enum-ciphers, ssl-date, and
tls-nextprotoneg scripts were updated to use this library
* Add sstp-discover script to discover Microsoft's Secure Socket
Tunnelling Protocol
* Added unittest library and NSE script for adding unit tests to
NSE libraries
* Added allseeingeye-info script
* Add freelancer-info script
* Add http-server-header script
* Add rfc868-time script
* Add weblogic-t3-info script
* Removed a fixed value (28428) which was being set for the Request
ID in the snmpWalk library function
* Add http-iis-short-name-brute script
* Add http-dlink-backdoor
* Made telnet-brute support multiple parallel guessing threads
* Made the table returned by ssh1.fetch_host_key contain a "key"
element, like that of ssh2.fetch_host_key
* Update dns-cache-snoop script to use a new list of top 50
domains rather than a 2010 list
* Added the qconn-exec script
- Ncat:
* Added support for socks5 and corresponding regression tests.
* Fixed compilation when --without-liblua is specified
* Added NCAT_PROTO, NCAT_REMOTE_ADDR, NCAT_REMOTE_PORT,
NCAT_LOCAL_ADDR and NCAT_LOCAL_PORT environment variables being
set in all --*-exec child processes.
- Nsock:
* Handle timers and timeouts via a priority queue
- Various:
* Added TCP support to dns.lua
* Added safe fd_set operations. This makes nmap fail gracefully
instead of crashing when the number of file descriptors grows
over FD_SETSIZE
* Updated bundled liblua from 5.2.2 to 5.2.3 (bugfix release)
* Added version detection signatures and probes for a bunch of
Android remote mouse/keyboard servers, including AndroMouse,
AirHID, Wifi-mouse, and RemoteMouse.
* Fixed a bug with UDP checksum calculation
* Idle scan now supports IPv6
* The ICMP ID of ICMP probes is now matched against the sent ICMP
ID to reduce the chance of false matches
- Zenmap:
* Fixed a crash that would happen when you entered a search
term starting with a colon