Skip to content

Release 1.6.0
Compare
Choose a tag to compare
@cedricbonhomme cedricbonhomme released this 16 Sep 08:43
· 403 commits to main since this release
v1.6.0
This tag was signed with the committer’s verified signature.
cedricbonhomme Cédric Bonhomme
GPG key ID: A1CB94DE57B7A70D
Learn about vigilant mode.
d88d923
This commit was signed with the committer’s verified signature.
cedricbonhomme Cédric Bonhomme
GPG key ID: A1CB94DE57B7A70D
Learn about vigilant mode.

user-profile
users-directory
tailscale
comment-remediation

News

  • Importer for Tailscale vulnerabilities #68
  • New user profile page with more information and detection of the country
    during user sign-up using the CIRCL MMDB service #73
  • Added the ability to filter comments by any taxonomy tags by clicking on the corresponding badge (b3e0bdf)
  • Implemented a function to back up the database using pg_dump. This function is automatically triggered by the
    project's update command, ensuring a backup is created before any database upgrades take place. (75ee913)

Improvements

  • [API] Enhanced detection of CVE, GHSA, and PySec IDs within bundle descriptions and comments.
    This enables automatic identification of related vulnerabilities linked to a comment or a bundle. (2c00695, 162a599, 401d780).
  • Added more validation to the various attributes of the User model. (758e571, 3a1cc60)
  • Simplified search page (f2c55bc)
  • Improved display of tables and lists generated from Markdown (in comments and bundles) (24fa4f9, 15fe9b2)
  • The ranking of the users is now taking into account the contributions of comments and bundles.
    Users who have never contributed are sorted by last_seen, after the processed result. (4e4a436)
  • Various graphical and accessibility improvements.

Fixes

  • Do not iterate over meta tags when never defined in an object (93f9966)

Funding

ngsoti-small
eu_funded_en

The NGSOTI project is dedicated to training the next generation of Security Operation Center (SOC) operators, focusing on the human aspect of cybersecurity. It underscores the significance of providing SOC operators with the necessary skills and open-source tools to address challenges such as detection engineering, incident response, and threat intelligence analysis. Involving key partners such as CIRCL, Restena, Tenzir, and the University of Luxembourg, the project aims to establish a real operational infrastructure for practical training. This initiative integrates academic curricula with industry insights, offering hands-on experience in cyber ranges.

vulnerability-lookup is co-funded by CIRCL and by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or ECCC. Neither the European Union nor the granting authority can be held responsible for them.

Assets 2
Loading