Path to this page:
Subject: CVS commit: pkgsrc/security/nuclei
From: Leonardo Taccari
Date: 2024-03-24 21:44:59
Message id: 20240324204459.4F5AAFA2C@cvs.NetBSD.org
Log Message:
nuclei: Update to 3.2.2
Changes:
v3.2.2
## What's Changed
* Fixed `panic: assignment to entry in nil map` and create default map
v3.2.1
## What's Changed
* Added memguardian + various optimizations
* Fixed overriding the predefined ratelimiter
* Fixed issue with javascript protocol
* Updated templates loader/parser caches (refactor)
v3.2.0
## What's Changed
### New Features
* Added fuzzing support in http protocol
* Added authenticated scaning support
* Added `-fuzz` option for loading fuzzing templates
* Added Gitea reporting
* Added transparent memoization via func annotation
* Added issue tracker JSONL output + CLI summary
* Added `self-contained` request at http request level
* Added `-payload-concurrency` option
* Added `disable-unsigned-templates` option
* Added ldap protocol enhancements
### Bug Fixes
* Fixed issue to purge cache on global callback set
* Fixed network layer should not have forceful read
* Fixed workflow to publish docs
* Fixed `stop-at-first-match` issue in http protocol
* Fixed header nil check
* Fixed issue to use maxsize in template
* Fixed issue to validate code template in workflows
* Fixed issue with temp file cleanup
* Fixed issue with nuclei loading ignored templates
* Fixed multiple bugs
### Other Changes
* Added more granular, issue tracker level filtering
* Added callback support to StandardWriter
* switched dependency for kerberos js module (ropnop/gorkb5 -> jcmturner/gokrb5)
* use system resolver first with system-resolvers
* javascript bindings + docs generation enhancements
v3.1.10
## What's Changed
* Fixed concurrent map writes in tmplexec package
* Added more `NetworkConfig` options to the SDK
v3.1.9
## What's Changed
* Added hybrid tech detection (wappalyzer + tech templates) with automatic scan \
(`-as`)
* Added projectdiscovery/useragent
* Added passive option support in SDK
* Fixed issue with long running scans at the end of scan
* Fixed issue in javascript protocol with connection pooling
v3.1.8
## What's Changed
* Fixed multiple memory leaks and optimizations
* Fixed issue with not resolving hosts from `/etc/hosts` file
* Fixed issue of array iteration in flow
* Fixed panic in smb javascript template
* Fixed an issue with case sensitive dns interaction with interactsh
* Fixed issue with reporting with optional support of `-or` option
* Fixed issue with mysql module in JavaScript
v3.1.7
## What's Changed
* Added support to upload result to existing pdpc scan using `-scan-id` option
* Fixed issue with pdcp result upload with large output file
* Fixed issue with pdcp result upload when using with env variable
v3.1.6
## What's Changed
* Added `GetServiceTicket` method to the kerberos module
* Added `GetKerberoastableUsers` method in ldap module
* Added support to dump resume files when a runner hangs
* Fixed multiple memory leaks + optimizations
* Fixed timeout issue + added custom timeout support in js protocol
* Fixed variables merge order in code templates
* Fixed issue with dynamic extractors in flow
* Fixed panic in interactsh process interaction ( nil check on compiled operators)
* Fixed panic error + support offlinehttp in flow templates
v3.1.5
## What's Changed
### Other Changes
* Fixed a bug introduced in previous version
v3.1.4
## What's Changed
### New Features
* Added `self-contained` input support to fuzzing templates
* Added support to include additional custom tags with `-as` option
* Added internal matchers (to hide match results in flow) using `internal: true`
* Added exclude list support to layer 4 via fastdialer
### Bug Fixes
* Fixed issue with dynamic extracted variable to make it reusable
* Fixed early exit issue for non zero status code in code protocol
* Fixed missing results issue in flow based template
### Other Changes
* deprecate(remove): file write in extractor using `to` attribute for security
reasons
* Using network policy everywhere
Files: