Release notes for version 1.3.212.1744
No Type Description
--- ----- ----------------------------------
1 DOC Installation guide updated to refer to correct support email address
2 CODE Plugin options screen added to the options pages
3 CONFIG Added plugins.plugs to the application.xml
4 INSTALL Added plugins.tem to the installation
5 INSTALL Updated configuration install.conf to create plugins.plug on installation
6 INSTALL Added OracleConnect.plg.tem to installer
7 INSTALL Added ServerConnect.plg.tem to the installer
8 INSTALL Updated configuration install.conf to create OracleConnect.plg on installation
9 INSTALL Updated configuration install.conf to create ServerConnect.plg on installation
10 INSTALL The internalprojects folder has been renamed "plugins" in preparation for the
release of plugins functionallity
11 INSTALL plugins configuration file templates for ServerConnect and OracleConnect
altered to use plugins folder
12 INSTALL install.conf changed to use plugins folder instead of internalprojects
13 INSTALL OracleConnect.pfcl plugin project modified to use the plugins folder and
not the internalprojects folder
14 INSTALL ServerConnect.pfcl plugin project modified to use the plugins folder and
not the internalprojects folder
15 INSTALL application.xml altered to start external projects at 501 not 101 to allow
more space for plugins
16 INSTALL data.pfcl.tem modified to use a project id of 500 to allow for more plugins
17 CODE Added plugins base to the application.xml file
18 INSTALL Changed the paths to the OracleConnect and ServerConnect plugins in the input
policies to reference the plugins folder
19 CONFIG Added plugin ID and hooks ID to the application.xml configuration
20 INSTALL Removed plg and .plug templates and added files direct due to redesign to
remove the need to add paths to the .plg and .plug files
21 INSTALL Five new policy files added that can be used to test simple based
projects.
22 CODE Modified code parser behaviour for inserts to not throw an error but
instead insert a NULL string into the check code stream
23 CODE Modified the database targets screen to clarify that the connection requires
the SID or service name dependant on how your database is configured.
24 DOC Updated documentation to clarify use of SID/Service name in database
connections.
25 CODE Added additonal logger calls for oscan startup
26 CODE rebuilt oscan using /W4 and closed out over 177 warnings developed by this
deeper check. These were related to unitialised variables, type miss-match,
unreachable code. variables used potentially when uninitialised and many more.
We also corrected two logic errors in the PFCLScript processing.
27 CODE oscan.exe - Changed all calls to free() to Free()
28 CODE oscan.exe - Changed all calls to Free() to test ptr before Free()
29 CODE oscan.exe - Changed all calls to Free() to null the ptr after Free()
30 CODE oscan.exe - All calls to malloc changed to use Malloc()
31 CODE oscan.exe - All calls to Malloc(), datatypes changed to specifics and not generics
32 CODE oscan.exe - All calls to Malloc() now have memory zero'd
33 CODE oscan.exe - increased code buffer
34 CODE oscan.exe - fixed buffer overrun in the 11g password cracker in internal function
35 CODE oscan.exe - fixed buffer overrun in 11g cracker outer function.
36 CODE oscan.exe - new faster hex conversion routine in 11g cracker
37 INSTALL LuaChecks.tem added to installation as an example for locating checks of a certain
type
38 CODE oscan.exe - added unique xml.log token entries.
39 CODE oscan.exe - xmal parser for test files, results and policies changed to add much
more aggressive error checking on each node read.
40 CODE Deep Analysis 1 policy. Customers DBA with DBA role modified to test for no specified
DBA's
41 CODE Deep Analysis 1 policy. Non DBA granted customer DBA roles modified to test for
no specified DBAs