CVE Binary Tool 3.2.1

Due to a change in the data used for the curl data source, we're issuing a slightly out of band point release for users unable to use 3.2.

There are a number of checker updates to address false positives, new checkers, and other bug fixes and features as described below.

One commonly requested feature has made it into this release: generation of SBOMs. Please try it out and let us know where it can be improved!

Thanks especially to the many new contributors in this release (you can see the list at the bottom)

• Many of you joined us via the Google Summer of Code 2023 selection process: I wish we'd had mentors and slots available to have more of you as paid contributors this year!
• Some of you also joined us via the Intel Open Source Hackathon: thank you so much for taking the time to work with us and it's been a delight to work with so many experienced coders during the event.
• And some of you just stopped by on your own with great ideas and fixes. Thank you!

What's Changed

• feat(checker): Added Mozilla Thunderbird checker by @metabiswadeep in #2429
• feat(checker): add dropbear checker by @ffontaine in #2452
• chore: update checkers table by @github-actions in #2454
• ci: Switching version of python used for long tests by @metabiswadeep in #2438
• feat(checker): add doxygen checker by @ffontaine in #2455
• feat(checker): add faad2 checker by @ffontaine in #2458
• feat(checker): add flac checker by @ffontaine in #2459
• feat(checker): Added qemu checker by @metabiswadeep in #2460
• feat(checker): Added kubernetes checker by @metabiswadeep in #2462
• chore: bump version to 3.2.1dev0 by @terriko in #2468
• chore: update checkers table by @github-actions in #2467
• docs: Add short new contributor tips for copying into pull requests by @terriko in #2466
• fix: Improve firefox checker pattern by @metabiswadeep in #2469
• chore: update spdx header by @github-actions in #2478
• ci: remove pdf tests from windows short tests by @DangerChamp in #2465
• fix: improve output of cve-scan github action for cve by @ayushthe1 in #2475
• ci(SBOM): better SBOM maintenance by @Molkree in #2481
• ci: test on Python 3.11 by @Molkree in #2419
• fix: gad_source error while updating cache by @b31ngd3v in #2484
• ci(js): update workflow for updating JS by @Molkree in #2479
• ci: add mypy for type checking by @Molkree in #2488
• fix(tests): use importlib_metadata.version on 3.7 by @Molkree in #2482
• chore: update js dependencies by @github-actions in #2491
• chore: update SBOM for Python 3.7 by @github-actions in #2506
• chore: update SBOM for Python 3.8 by @github-actions in #2505
• chore: update SBOM for Python 3.9 by @github-actions in #2503
• chore: update SBOM for Python 3.10 by @github-actions in #2502
• chore: update SBOM for Python 3.11 by @github-actions in #2504
• fix: encoding issues on Windows by @Molkree in #2499
• fix: improve sqlite pattern by @ffontaine in #2497
• fix: update cve count of mit.kerberos_5 by @b31ngd3v in #2531
• Let 'cve-bin-tool --version' return success by @raboof in #2524
• feat(checker): add capnproto checker by @ffontaine in #2510
• fix: fix false positives with filename patterns by @ffontaine in #2521
• fix: type for capnproto checker by @metabiswadeep in #2535
• chore: update SBOM for Python 3.8 by @github-actions in #2555
• chore: update SBOM for Python 3.7 by @github-actions in #2554
• chore: update SBOM for Python 3.11 by @github-actions in #2553
• chore: update SBOM for Python 3.10 by @github-actions in #2552
• chore: update SBOM for Python 3.9 by @github-actions in #2551
• chore: update checkers table by @github-actions in #2534
• fix: Fail more gracefully when pip --dry-run doesn't work by @metabiswadeep in #2476
• fix: fix recursively typo by @ffontaine in #2536
• ci: use linux cache since windows is broken by @terriko in #2558
• fix: test_update_flags and pdf encoding error by @terriko in #2557
• fix: replace space in test filename by @ffontaine in #2537
• fix: Remove LGTM badge by @metabiswadeep in #2561
• chore: update SBOM for Python 3.7 by @github-actions in #2572
• chore: update SBOM for Python 3.9 by @github-actions in #2571
• chore: update SBOM for Python 3.8 by @github-actions in #2570
• chore: update SBOM for Python 3.11 by @github-actions in #2569
• chore: update SBOM for Python 3.10 by @github-actions in #2568
• feat: add php language parser by @Rexbeast2 in #2567
• test: improve test_csv2cve_valid_file for future failures by @b31ngd3v in #2548
• docs: Docs claim that ar is installed by default on Windows by @metabiswadeep in #2496
• feat(cve_scanner): add vendor to affected by @ffontaine in #2512
• fix: commonmark no longer a dependency by @terriko in #2574
• test: Improve testing to include checkers that should not match by @metabiswadeep in #2560
• ci: extend windows timeouts by @terriko in #2578
• feat: Integration with NVD API 2.0 (#2542) by @anthonyharrison in #2562
• feat: Check database schema for cve_exploits table by @metabiswadeep in #2566
• feat(checker): add lxc checker by @ffontaine in #2538
• fix: improve gstreamer checker by @ffontaine in #2541
• fix: improve sudo checker by @ffontaine in #2527
• fix: improve openjpeg checker by @ffontaine in #2526
• fix: improve libarchive checker by @ffontaine in #2523
• fix: improve libjpeg-turbo checker by @ffontaine in #2514
• fix: improve systemd checker by @ffontaine in #2507
• feat(checker): add nasm checker by @ffontaine in #2470
• fix: improve icecast checker by @ffontaine in #2545
• fix: improve ftp checker by @ffontaine in #2544
• fix: Remove bogus comment by @metabiswadeep in #2585
• fix: improve logrotate checker by @ffontaine in #2528
• feat(checker): add msmtp checker by @ffontaine in #2588
• ci: removed windows-specific cache by @singh-anushka in #2587
• fix: xmlschema log msg by @ayushthe1 in #2546
• fix: improve libnss checker by @ffontaine in #2539
• fix: improve other_products by @ffontaine in #2579
• fix: improve avahi checker by @ffontaine in #2592
• fix: improve netpbm checker by @ffontaine in #2522
• fix: improve libsolv checker by @ffontaine in #2520
• chore: update checkers table by @github-actions in #2581
• fix: improve kerberos checker by @ffontaine in #2509
• fix: improve libvirt checker by @ffontaine in #2540
• chore: update SBOM for Python 3.8 by @github-actions in #2613
• chore: update SBOM for Python 3.7 by @github-actions in #2612
• chore: update SBOM for Python 3.9 by @github-actions in #2611
• chore: update SBOM for Python 3.11 by @github-actions in #2610
• chore: update SBOM for Python 3.10 by @github-actions in #2609
• fix: libjpeg-turbo not found in gimp by @metabiswadeep in #2606
• ci: fix running isort using pre-commit by @Molkree in #2618
• fix: improve dropbear checker by @ffontaine in #2590
• docs: updated test README.md by @rootxrishabh in #2616
• fix: Deprecation warnings by @metabiswadeep in #2620
• test: Improve usability of other_products test message by @metabiswadeep in #2605
• fix: improve tcpdump checker by @ffontaine in #2600
• docs: removed old version docs by @rootxrishabh in #2597
• docs: test README.md updated by @rootxrishabh in #2583
• fix: improve gcc checker by @ffontaine in #2513
• feat(checker): add sslh checker by @ffontaine in #2589
• fix: improve json-c checker by @ffontaine in #2516
• fix: improve test_json.py by @ffontaine in #2584
• fix: Make it possible to disable curl data source by @metabiswadeep in #2495
• fix: improve dnsmasq checker by @ffontaine in #2591
• fix: test_language_package fails by @metabiswadeep in #2626
• chore: update checkers table by @github-actions in #2624
• feat(checker): add libmatroska checker by @ffontaine in #2629
• fix: improve dbus checker by @ffontaine in #2627
• feat(checker): add libidn2 checker by @ffontaine in #2628
• docs: Explain recommended versions of python + linter concerns by @terriko in #2623
• chore: update checkers table by @github-actions in #2634
• feat(checker): add libass checker by @ffontaine in #2636
• feat(checker): add libraw checker by @ffontaine in #2635
• OSSF Scorecard(#1541) by @singh-anushka in #2615
• docs: Updated RELEASE.md by @rootxrishabh in #2602
• fix: improve nginx checker by @ffontaine in #2525
• fix: improve hostapd checker by @ffontaine in #2518
• fix: improve zlib checker by @ffontaine in #2517
• chore: update checkers table by @github-actions in #2638
• feat(checker): Added Dhcp client checker by @metabiswadeep in #2364
• fix: add PDF title to avoid show 'anonymous' in some PDF readers by @hcz017 in #2489
• chore: update checkers table by @github-actions in #2640
• fix: improve bind checker by @ffontaine in #2637
• fix: improve expat checker by @ffontaine in #2515
• fix: improve xml2 checker by @ffontaine in #2508
• build(deps): bump ossf/scorecard-action from 2.0.6 to 2.1.2 by @dependabot in #2641
• ci: re-enabling disabled tests by @b31ngd3v in #2474
• feat(checker): add sdl by @ffontaine in #2662
• chore: update SBOM for Python 3.11 by @github-actions in #2656
• chore: update SBOM for Python 3.9 by @github-actions in #2660
• chore: update SBOM for Python 3.7 by @github-actions in #2659
• chore: update SBOM for Python 3.8 by @github-actions in #2658
• chore: update SBOM for Python 3.10 by @github-actions in #2657
• chore: update checkers table by @github-actions in #2663
• fix: wrong pip version slicing by @Rexbeast2 in #2608
• feat(checker): add botan by @ffontaine in #2661
• feat(checker): add modsecurity by @ffontaine in #2651
• feat(checker): add tcpreplay by @ffontaine in #2650
• feat(checker): add vorbis-tools by @ffontaine in #2648
• feat(checker): add raptor by @ffontaine in #2646
• feat(checker): add frr checker by @ffontaine in #2644
• fix: improve glibc checker by @ffontaine in #2500
• fix: improve product_not_present by @ffontaine in #2643
• fix: enable test_version_in_package_make_download by @b31ngd3v in #2490
• feat(checker): add picocom by @ffontaine in #2652
• feat(checker): add ipmitool by @ffontaine in #2645
• feat(checker): add speex by @ffontaine in #2647
• feat(checker): add rtmpdump by @ffontaine in #2649
• chore: update pre-commit config by @github-actions in #2413
• chore: update checkers table by @github-actions in #2664
• fix: improve dhclient checker and add dhcpd checker by @ffontaine in #2642
• docs: Modified MANUAL.md file by @rootxrishabh in #2575
• feat(checker): add rauc by @ffontaine in #2653
• chore: update checkers table by @github-actions in #2669
• chore: update checkers table by @github-actions in #2671
• fix: Any type in config.py by @Rexbeast2 in #2670
• feat(checker): add open-iscsi by @ffontaine in #2666
• chore: update checkers table by @github-actions in #2676
• chore: update SBOM for Python 3.8 by @github-actions in #2697
• chore: update SBOM for Python 3.9 by @github-actions in #2696
• chore: update SBOM for Python 3.10 by @github-actions in #2695
• chore: update SBOM for Python 3.7 by @github-actions in #2694
• chore: update SBOM for Python 3.11 by @github-actions in #2693
• fix: improve janus signature by @ffontaine in #2691
• fix: improve sqlite signature by @ffontaine in #2690
• fix: improve libsndfile signature by @ffontaine in #2689
• fix: improve gstreamer signature by @ffontaine in #2688
• fix: improve openssh signature by @ffontaine in #2684
• fix: improve node signature by @ffontaine in #2682
• fix: update tor signature by @ffontaine in #2681
• fix: drop Python 3.5 "compatibility function" by @ffontaine in #2703
• fix: improve seahorse checker by @ffontaine in #2704
• fix: updated type hints in error_handler.py(#2701) by @Xenon1019 in #2702
• docs: update architecture diagram by @terriko in #2706
• fix: improve bind checker by @ffontaine in #2710
• fix: improve putty checker by @ffontaine in #2709
• fix: improve ffmpeg checker by @ffontaine in #2708
• fix: improve wireshark checker by @ffontaine in #2705
• ci: skip scorecard runs on every push until error is fixed by @terriko in #2711
• chore: update SBOM for Python 3.8 by @github-actions in #2725
• chore: update SBOM for Python 3.9 by @github-actions in #2724
• chore: update SBOM for Python 3.7 by @github-actions in #2723
• chore: update SBOM for Python 3.10 by @github-actions in #2722
• chore: update SBOM for Python 3.11 by @github-actions in #2721
• feat(checker): add pcre2 by @ffontaine in #2718
• fix: improve make_condensed_from_download by @ffontaine in #2716
• fix: improve python checker by @ffontaine in #2712
• chore: update checkers table by @github-actions in #2728
• docs: Explain how to claim an issue by @terriko in #2727
• fix: improve apache checker by @ffontaine in #2730
• fix: improve nbd checker by @ffontaine in #2715
• fix: Cyclonedx does not read title case product names by @metabiswadeep in #2674
• ci: Change "Formatting" workflow name to "Update checkers table" by @galoget in #2729
• docs: NVD API KEY documentation by @Rexbeast2 in #2720
• fix: window short test offline flag by @Rexbeast2 in #2733
• feat(checker): add harfbuzz by @ffontaine in #2717
• docs: adding mypy to linters by @Rexbeast2 in #2692
• chore: update checkers table by @github-actions in #2744
• Fix docs: improve dates in contributor docs by @onuricen in #2742
• chore: update SBOM for Python 3.7 by @github-actions in #2752
• chore: update SBOM for Python 3.8 by @github-actions in #2753
• chore: update SBOM for Python 3.9 by @github-actions in #2751
• chore: update SBOM for Python 3.10 by @github-actions in #2750
• chore: update SBOM for Python 3.11 by @github-actions in #2749
• docs: offline mode by @Rexbeast2 in #2740
• fix: move linux HTML test by @Rexbeast2 in #2734
• chore: fix mypy errors in print_mode.py by @angelina-p09 in #2738
• Refactor: Update types syntax in cve_bin_too/*.py by @rudychung in #2392
• fix: improve ipmitool checker by @ffontaine in #2714
• feat(checker): add apparmor checker by @ffontaine in #2755
• test: windows longtests in test/test_cli.py::TestCLI::test_SBOM by @metabiswadeep in #2747
• chore: update checkers table by @github-actions in #2762
• chore: update SBOM for Python 3.7 by @github-actions in #2791
• chore: update SBOM for Python 3.8 by @github-actions in #2790
• chore: update SBOM for Python 3.9 by @github-actions in #2789
• chore: update SBOM for Python 3.10 by @github-actions in #2788
• chore: update SBOM for Python 3.11 by @github-actions in #2787
• ci: windows short tests database error (#2775) by @b31ngd3v in #2794
• fix(parser): handle multiple vendors in python by @ffontaine in #2796
• fix: don't follow symlink by @ffontaine in #2778
• fix: improve util-linux checker by @ffontaine in #2779
• ci: run windows test even when cached db is not present by @b31ngd3v in #2800
• fix: improve tcpdump checker by @ffontaine in #2759
• fix: remaining mypy errors in nvd_api.py #2764 #2767 by @tanuboddiharinath in #2771
• feat(checker): add linux_kernel by @ffontaine in #2754
• chore: update checkers table by @github-actions in #2805
• fix: remaining mypy errors in csv2cve.py by @michaelwknott in #2781
• test: treat missing other_products as an empty list by @metabiswadeep in #2776
• feat: import and export database as json (#2577) by @b31ngd3v in #2774
• test: add test for import export json by @b31ngd3v in #2808
• chore: update SBOM for Python 3.7 by @github-actions in #2815
• chore: update SBOM for Python 3.8 by @github-actions in #2813
• chore: update SBOM for Python 3.9 by @github-actions in #2816
• chore: update SBOM for Python 3.10 by @github-actions in #2814
• chore: update SBOM for Python 3.11 by @github-actions in #2812
• feat: Config generator by @Rexbeast2 in #2699
• Commented out schedule run option in export_data yaml by @AayushGithub in #2818
• feat(checker): add u-boot checker by @ffontaine in #2804
• chore: update checkers table by @github-actions in #2822
• ci: use yesterday's cached db if today's not available by @b31ngd3v in #2806
• chore: fix mypy errors in file output_engine/init.py by @angelina-p09 in #2783
• fix: export database ci by @b31ngd3v in #2807
• fix: fix long tests by @ffontaine in #2824
• ci: switch cache job to use a specific version of ubuntu by @b31ngd3v in #2823
• fix: update kexec-tools checker by @ffontaine in #2825
• chore: fixes most mypy errors in file output_engine/util.py by @angelina-p09 in #2785
• fix: improve hostapd checker by @ffontaine in #2772
• chore: update SBOM for Python 3.7 by @github-actions in #2831
• chore: update SBOM for Python 3.9 by @github-actions in #2830
• chore: update SBOM for Python 3.8 by @github-actions in #2829
• chore: update SBOM for Python 3.10 by @github-actions in #2828
• chore: update SBOM for Python 3.11 by @github-actions in #2827
• feat(checker): add pcre checker by @ffontaine in #2757
• feat: pull updates from mirror with --use-mirror flag by @b31ngd3v in #2811
• fix: improve png checker by @ffontaine in #2844
• fix: drop bolt checker by @ffontaine in #2837
• chore: update SBOM for Python 3.8 by @github-actions in #2861
• chore: update checkers table by @github-actions in #2834
• chore: update SBOM for Python 3.9 by @github-actions in #2860
• chore: update SBOM for Python 3.7 by @github-actions in #2859
• chore: update SBOM for Python 3.10 by @github-actions in #2858
• chore: update SBOM for Python 3.11 by @github-actions in #2857
• fix: -1 values were replaced with positive integer error codes (fixes #2838) by @bipinthecoder in #2839
• feat(checker): add kodi checker by @ffontaine in #2855
• fix: drop empty other_products by @ffontaine in #2832
• fix: improve tcpdump checker by @ffontaine in #2863
• feat(checker): add libmemcached checker by @ffontaine in #2862
• feat(checker): add opensc checker by @ffontaine in #2856
• feat(checker): add runc checker by @ffontaine in #2854
• feat(checker): add stellarium checker by @ffontaine in #2853
• fix: improve icu checker by @ffontaine in #2849
• fix: improve iptables checker by @ffontaine in #2847
• fix: improve libsndfile checker by @ffontaine in #2845
• fix: improve mdadm checker by @ffontaine in #2843
• fix: improve nano checker by @ffontaine in #2842
• feat(checker): add yasm checker by @ffontaine in #2852
• fix: improve pigz checker by @ffontaine in #2841
• fix: improve netpbm checker by @ffontaine in #2840
• fix: fix netkit_ftp checker by @ffontaine in #2835
• chore: update checkers table by @github-actions in #2867
• ci: increase timeouts, try specific ubuntu versions by @terriko in #2865
• fix: mypy errors in output_engine/html.py by @VishnuSanal in #2786
• fix: GAD source version parsing (#2793) by @b31ngd3v in #2809
• chore(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3 by @dependabot in #2875
• feat: adding SBOM to package by @Rexbeast2 in #2810
• feat: add ceph checker by @Rexbeast2 in #2565
• feat(checker): add f2fs-tools checker by @ffontaine in #2780
• feat(checker): add zabbix checker by @ffontaine in #2836
• chore: update checkers table by @github-actions in #2880
• chore: update SBOM for Python 3.8 by @github-actions in #2887
• chore: update SBOM for Python 3.10 by @github-actions in #2886
• chore: update SBOM for Python 3.7 by @github-actions in #2885
• chore: update SBOM for Python 3.9 by @github-actions in #2884
• fix: temporarily disable failing ceph tests by @terriko in #2889
• feat: SBOM Generation (Fixes #1697) by @anthonyharrison in #2817
• chore: update SBOM for Python 3.11 by @github-actions in #2883
• ci: updated workflow configurations by @Ishaanj18 in #2879
• chore(deps): bump peter-evans/create-pull-request from 4 to 5 by @dependabot in #2890
• chore: update pre-commit config by @github-actions in #2758
• chore: update SBOM for Python 3.7 by @github-actions in #2898
• chore: update SBOM for Python 3.8 by @github-actions in #2897
• chore: update SBOM for Python 3.9 by @github-actions in #2896
• chore: update SBOM for Python 3.10 by @github-actions in #2894
• chore: update SBOM for Python 3.11 by @github-actions in #2895
• ci: linter upgrades (black, bandit, requirements.csv) by @terriko in #2902
• CI: Added json tests to "may fail" test job by @esiebomaj in #2868
• feat: human readable sbom integration by @jarebear6expepjozn6rakjq5iczi3irqwphcvb in #2893
• docs: fix broken links from MANUAL.md by @rudrakshkarpe in #2874
• docs: improve readme with nvd_api_key and workflow overview by @terriko in #2905
• chore: update SBOM for Python 3.8 by @github-actions in #2911
• chore: update SBOM for Python 3.9 by @github-actions in #2910
• chore: update SBOM for Python 3.7 by @github-actions in #2909
• chore: update SBOM for Python 3.11 by @github-actions in #2908
• chore: update SBOM for Python 3.10 by @github-actions in #2907
• fix(parser): multiple vendors for java by @metabiswadeep in #2802
• feat: perl language parser by @Rexbeast2 in #2614
• chore: update SBOM for Python 3.7 by @github-actions in #2938
• chore: update SBOM for Python 3.8 by @github-actions in #2937
• chore: update SBOM for Python 3.9 by @github-actions in #2936
• chore: update SBOM for Python 3.10 by @github-actions in #2934
• chore: update SBOM for Python 3.11 by @github-actions in #2935
• docs: fix image link in README.md by @stvml in #2940
• docs: Change readthedocs build from pdf to html by @stvml in #2944
• fix: handle data.tar.zst within deb archives by @stvml in #2946
• ci: force directory overwrite during cache mv by @terriko in #2952
• ci: "githubusercontent" added to allow.txt by @stvml in #2950
• fix: add timeout in NVD API 2.0 code by @stvml in #2953
• test: android apk format by @fil1n in #2881
• test: Test extracting .deb with zstd compression by @stvml in #2954
• feat(checker): new vim checker> by @stvml in #2958
• chore: update checkers table by @github-actions in #2965
• docs: add supported archive formats to readme by @stvml in #2966
• docs: add PyPI geo metrics script+docs by @stvml in #2967
• fix: curl datasource (#2977) by @b31ngd3v in #2984
• fix: drop empty other_products by @ffontaine in #2988
• chore: update SBOM for Python 3.8 by @github-actions in #2983
• chore: update SBOM for Python 3.9 by @github-actions in #2982
• chore: update SBOM for Python 3.7 by @github-actions in #2981
• chore: update SBOM for Python 3.10 by @github-actions in #2980
• chore: update SBOM for Python 3.11 by @github-actions in #2979
• feat: checker version "do not match" patterns by @metabiswadeep in #2777
• fix: improve proftpd checker by @ffontaine in #2990
• fix: improve libtiff checker by @ffontaine in #2985
• fix: improve pango checker by @ffontaine in #2986
• fix: update tcpdump checker by @ffontaine in #2972
• feat(checker): add bluez checker by @ffontaine in #2975
• chore: Change version to 3.2.1rc0 for pre-release by @terriko in #2995
• chore: update checkers table by @github-actions in #2994
• test: Improve coverage for unsupported distros in package_list_parser.py by @stvml in #2963
• chore: update SBOM for Python 3.9 by @github-actions in #3009
• chore: update SBOM for Python 3.8 by @github-actions in #3008
• chore: update SBOM for Python 3.10 by @github-actions in #3007
• chore: update SBOM for Python 3.7 by @github-actions in #3006
• chore: update SBOM for Python 3.11 by @github-actions in #3005
• chore: Bump version for 3.2.1 release, sort requirements by @terriko in #3018

New Contributors

• @singh-anushka made their first contribution in #2587
• @rootxrishabh made their first contribution in #2616
• @hcz017 made their first contribution in #2489
• @Xenon1019 made their first contribution in #2702
• @galoget made their first contribution in #2729
• @onuricen made their first contribution in #2742
• @angelina-p09 made their first contribution in #2738
• @rudychung made their first contribution in #2392
• @tanuboddiharinath made their first contribution in #2771
• @michaelwknott made their first contribution in #2781
• @AayushGithub made their first contribution in #2818
• @bipinthecoder made their first contribution in #2839
• @VishnuSanal made their first contribution in #2786
• @Ishaanj18 made their first contribution in #2879
• @esiebomaj made their first contribution in #2868
• @jarebear6expepjozn6rakjq5iczi3irqwphcvb made their first contribution in #2893
• @rudrakshkarpe made their first contribution in #2874
• @stvml made their first contribution in #2940
• @fil1n made their first contribution in #2881

Full Changelog: v3.2...v3.2.1