Release 4.2.0
September 24, 2024
What’s New?
Added Support for Operating Systems
QScanner now supports scanning images based on the following Operating Systems.
- Amazon Linux 2023
- Chainguard
- Photon
Improved QScanner performance
Improved QScanner performance by reducing the data handling requests with the help of bulk-insertion. Earlier, the requests were handled one at a time now, they are handled simultaneously. For large number of packages, the package insertion was a time-consuming operation. With the bulk insertion capability, QScanner has improved the performance for inserting large number of packages.
Change in Default Vulnerability Report
By default, QScanner used to generate vulnerability reports in 'JSON' and 'Tabular' formats. With this release, QScanner has changed the default report format to 'SARIF' and 'Tabular'. To see a SARIF report, refer to the 'Report Formats' topic in QScanner Online Help.
Improved Signature Evaluation for RPM Package Managers
With this release, QScanner will now be able to collect BuildTime and InstallTime for RPM package managers. This has improved the accuracy of the signature evaluation which is dependent on the 'BuildTime' and 'InstallTime' values.
Issues Addressed
The following issue has been fixed with this release.
Category | Issue |
---|---|
Data Collection Mode | QScanner failed to access large tokens present in dpkg (Debian Package) status file which resulted in reporting of false QIDs. |
Data Collection Mode | When a non-root user executed QScanner, it failed to access the java-db.lock file. |