Release Pre-release cve-bin-tool v3.4.1rc0 · intel/cve-bin-tool

This is a release candidate (pre-release) for CVE Binary Tool v3.4.1. Full release will follow once any issues have been addressed (or a week from now if no issues are found)

This release contains a large number of bug fixes and new checkers (especially thanks to @ffontaine and @qmfrederik), as well as contributions from many people who participated in the selection process for Google Summer of Code 2025. Thank you!

What's Changed

Open for shorter list of new features/fixes (no chore/ci pull requests)

* docs: add missing release notes to RELEASE.md by @uday-rana in https://github.com//pull/4464 * test: purl in productinfo by @AryanBakliwal in https://github.com//pull/4476 * fix: changed metric ids in cvedb to constants (#4473) by @weichslgartner in https://github.com//pull/4475 * feat(checker): add dlt-daemon by @ffontaine in https://github.com//pull/4513 * feat(checker): add linuxptp checker by @ffontaine in https://github.com//pull/4512 * docs: Add docstrings for VEXGenerate class and methods by @vroomvee in https://github.com//pull/4544 * docs: add docstrings to parsers/env.py by @anchita20 in https://github.com//pull/4552 * fix: csv output under windows with correct newlines (#4557) by @weichslgartner in https://github.com//pull/4558 * docs(available_fix/debian_cve_tracker): Add comprehensive docstrings for improved readability and maintainability by @vroomvee in https://github.com//pull/4546 * fix: drop .fr from debian urls by @ffontaine in https://github.com//pull/4533 * Update scorecard.yml by @sfblackl-intel in https://github.com//pull/4617 * test: fix test_output_cyclonedx by @joydeep049 in https://github.com//pull/4622 * feat: add json2 schema and test by @AryanBakliwal in https://github.com//pull/4623 * fix: treat 1.0 and 1 as the same for excel users by @terriko in https://github.com//pull/4543 * feat(parser): add conan parser by @AryanBakliwal in https://github.com//pull/4569 * docs: Update Sphinx and myst-parser versions; resolve warnings by @giacob500 in https://github.com//pull/4581 * feat(checker): add oath_toolkit checker by @ffontaine in https://github.com//pull/4523 * feat(checker): add cpp-httplib checker by @ffontaine in https://github.com//pull/4522 * test: basic execution test for EPSS #4484 by @weichslgartner in https://github.com//pull/4510 * fix: support .arr, support ios/wasm binaries by @iaincoulter in https://github.com//pull/4521 * feat: add universal fix to allow python detection on DLLs by @jananir640 in https://github.com//pull/4538 * fix: update subversion pattern by @ffontaine in https://github.com//pull/4635 * feat(checker): add orc by @ffontaine in https://github.com//pull/4636 * Improved the alt-text in Architecture and Metrics in Manual.md, solves #4604 by @vedpawar2254 in https://github.com//pull/4650 * fix: update busybox checker by @ffontaine in https://github.com//pull/4679 * fix: Adds mismatch in package_data to resolve `ModuleNotFoundError` by @Prtm2110 in https://github.com//pull/4669 * fix: sbom parse inaccurate log by @AryanBakliwal in https://github.com//pull/4683 * fix: update dlt-daemon checker by @ffontaine in https://github.com//pull/4701 * fix: update openssl checker by @ffontaine in https://github.com//pull/4698 * docs: Fixed a few links in manual.md by @vedpawar2254 in https://github.com//pull/4687 * [DOC] Update allow.txt by @vedpawar2254 in https://github.com//pull/4726 * fix: update location handling by @ffontaine in https://github.com//pull/4769 * fix: update `re.split` calls to use `maxsplit` keyword argument by @emmanuel-ferdman in https://github.com//pull/4709 * fix: update openjpeg checker by @ffontaine in https://github.com//pull/4727 * feat(checker): add xz checker by @ffontaine in https://github.com//pull/4728 * fix: set asyncio_default_fixture_loop_scope (fixes #4685) by @rukhshan23 in https://github.com//pull/4708 * feat(checker): add wavpack checker by @ffontaine in https://github.com//pull/4729 * feat(checker): add apr checker by @ffontaine in https://github.com//pull/4731 * feat(checker): Detect jasper 2.x, as found in msys/cygwin by @qmfrederik in https://github.com//pull/4734 * feat(checker): add redis checker by @ffontaine in https://github.com//pull/4762 * feat(checker): add boa checker by @ffontaine in https://github.com//pull/4763 * feat(checker): add toybox checker by @ffontaine in https://github.com//pull/4764 * feat(checker): add indent checker by @ffontaine in https://github.com//pull/4774 * fix: update linuxptp pattern by @ffontaine in https://github.com//pull/4765 * feat(checker): Add djvulibre by @qmfrederik in https://github.com//pull/4738 * feat(checker): add cflow checker by @ffontaine in https://github.com//pull/4781 * fix: update linux_kernel pattern by @ffontaine in https://github.com//pull/4767 * feat(checker): Add gettext by @qmfrederik in https://github.com//pull/4741 * fix: drop .br, .de, .fr and .us from debian urls by @ffontaine in https://github.com//pull/4803 * feat(checker): add uwsgi checker by @ffontaine in https://github.com//pull/4768 * test(output_engine): add regression tests for unset data by @JigyasuRajput in https://github.com//pull/4788 * fix: handle unknown values in metric_finder (Fixes #4578) by @vedpawar2254 in https://github.com//pull/4682 * fix(checker): Improve OpenSSL pattern matching by @qmfrederik in https://github.com//pull/4802 * feat(checker): add inetutils checker by @ffontaine in https://github.com//pull/4778 * feat(checker): add openvswitch checker by @ffontaine in https://github.com//pull/4780 * fix: update strongswan checker by @ffontaine in https://github.com//pull/4782 * fix: update openswan pattern by @ffontaine in https://github.com//pull/4783 * feat(checker): add libreoffice checker by @ffontaine in https://github.com//pull/4784 * fix: update gettext checker by @ffontaine in https://github.com//pull/4809 * feat(checker): add gsasl checker by @ffontaine in https://github.com//pull/4810 * feat(checker): add libreswan checker by @ffontaine in https://github.com//pull/4814 * fix: add json extension when building cyclonedx SBOM by @ffontaine in https://github.com//pull/4820 * feat(checkers): Add SASL by @qmfrederik in https://github.com//pull/4757 * feat(checkers): Add guile by @qmfrederik in https://github.com//pull/4756 * feat(checker): Add OpenBLAS by @qmfrederik in https://github.com//pull/4743 * feat(checker): Add Thread Building Blocks by @qmfrederik in https://github.com//pull/4744 * fix: Support FFmpeg versions with 'n' prefix by @qmfrederik in https://github.com//pull/4745 * fix: update avahi checker by @ffontaine in https://github.com//pull/4821 * feat(checker): add libyang checker by @ffontaine in https://github.com//pull/4817 * fix: Improve nghttp2 heuristics by @qmfrederik in https://github.com//pull/4748 * feat(checker): add xpdf checker by @ffontaine in https://github.com//pull/4815 * fix: Improve FreeRDP detection logic by @qmfrederik in https://github.com//pull/4751 * feat(checkers): Add clang by @qmfrederik in https://github.com//pull/4754 * feat(checker): Add imagemagick by @qmfrederik in https://github.com//pull/4739 * fix: Improve subversion detection logic by @qmfrederik in https://github.com//pull/4749 * fix: Improve .NET detection by @qmfrederik in https://github.com//pull/4750 * fix: Improve Heimdal detection by @qmfrederik in https://github.com//pull/4746 * fix: drop location handling by @ffontaine in https://github.com//pull/4822 * fix: Be flexible in zlib versions by @qmfrederik in https://github.com//pull/4753 * fix: properly format assertion error messages by @emmanuel-ferdman in https://github.com//pull/4840 * feat(checker): Detect libicu 61, as found in msys/cygwin by @qmfrederik in https://github.com//pull/4737 * fix: dotnet test bug by @Saksham-Sirohi in https://github.com//pull/4842 * fix(file): handle PermissionError exception by @ffontaine in https://github.com//pull/4853 * fix(scanner): don't set filepath as purl by @ffontaine in https://github.com//pull/4855 * test(output_engine): improve tests coverage output_engine by @JigyasuRajput in https://github.com//pull/4799 * feat(checker): add liblouis checker by @ffontaine in https://github.com//pull/4816 * fix(sbom): correctly handle multiple vendors by @ffontaine in https://github.com//pull/4857 * feat(checker): Add cairo by @qmfrederik in https://github.com//pull/4740 * fix: update perl checker by @ffontaine in https://github.com//pull/4856 * feat(checker): add ruby checker by @ffontaine in https://github.com//pull/4858 * feat(checker): Detect Python 3.12.x by @captainreality in https://github.com//pull/4860 * feat(checker): add libcap checker by @ffontaine in https://github.com//pull/4870 * feat(checker): add pjsip checker by @ffontaine in https://github.com//pull/4869 * feat(checker): Add jbig by @qmfrederik in https://github.com//pull/4742 * feat(checker): Add lzo2 by @qmfrederik in https://github.com//pull/4747 * Create accessability.md file by @WhataTiberius in https://github.com//pull/4616 * fix: Handle failed purl2cpe download at first run by @stvml in https://github.com//pull/4895 * fix: update cairo pattern by @ffontaine in https://github.com//pull/4898 * fix: update sngrep checker by @ffontaine in https://github.com//pull/4899 * fix: update pjsip pattern by @ffontaine in https://github.com//pull/4896 * feat(sbom): add --sbom-strip-root by @ffontaine in https://github.com//pull/4852 * fix(nvd): handle 'unknown' score value and prevent ValueError by @JigyasuRajput in https://github.com//pull/4772 * test: add test for mismatch package build by @kanakOS01 in https://github.com//pull/4785 * fix: week error in fuzzing scripts by @its403 in https://github.com//pull/4897 * fix: address deprecation warnings in test_checkers by @Saksham-Sirohi in https://github.com//pull/4819 * docs: fix remarks options to have no spaces by @terriko in https://github.com//pull/4867 * fix(output): normalize severity values to prevent HTML report failure by @JigyasuRajput in https://github.com//pull/4786 * test: fix and improve html tests by @hai1337 in https://github.com//pull/4908 * feat(parser): add OpenWrt opkg parser by @ffontaine in https://github.com//pull/4901 * test(parsers): Add tests for js and Python parsers by @JigyasuRajput in https://github.com//pull/4878 * fix(sbom): correctly handle multiple vendors (second try) by @ffontaine in https://github.com//pull/4866 * fix(test_scanner.py): Add test for unopenable file condition by @JigyasuRajput in https://github.com//pull/4834 * fix: Support detecting multiple product versions by @stvml in https://github.com//pull/4911 * docs: increase docstring coverage to 100% by @hai1337 in https://github.com//pull/4913 * feat: improve wording and accessibility in HTML report template by @hai1337 in https://github.com//pull/4914 * docs: minor README improvements by @hai1337 in https://github.com//pull/4915 * docs: improve test README by @hai1337 in https://github.com//pull/4916 * docs: Fix broken links by @Shrishti1701 in https://github.com//pull/4931 * fix: update IGNORE_PATTERNS documentation by @ffontaine in https://github.com//pull/4937 * feat(output_engine): add --strip-scan-dir by @ffontaine in https://github.com//pull/4930 * fix(sbom): handle linux_kernel by @ffontaine in https://github.com//pull/4935 * fix: enhance test_checkers to cover new situations by @Saksham-Sirohi in https://github.com//pull/4942 * docs: update function name from get_version() to get_versions() by @Devesh-Yadav10 in https://github.com//pull/4945 * fix: HTML report does not include all CVEs correctly by @Arnavk194 in https://github.com//pull/4936 * fix: run CI after PR title change by @stvml in https://github.com//pull/4958 * feat(checker): add fuse checker by @ffontaine in https://github.com//pull/4976 * feat(checkers): Add support for llvm by @qmfrederik in https://github.com//pull/4752 * fix: update json-c checker by @ffontaine in https://github.com//pull/4995 * feat(checker): add cups-filters by @ffontaine in https://github.com//pull/4979 * feat(checker): add firejail checker by @ffontaine in https://github.com//pull/4980 * feat(checker): add zbar by @ffontaine in https://github.com//pull/4981 * feat(checker): add ofono checker by @ffontaine in https://github.com//pull/4996 * fix: Be more flexible in GCC detection logic by @qmfrederik in https://github.com//pull/4755 * fix: update libuv checker by @ffontaine in https://github.com//pull/4999 * test: add invalid package to test language scanner by @hai1337 in https://github.com//pull/4918 * feat(checker): add augeas checker by @ffontaine in https://github.com//pull/5021 * fix(gsutil): Add graceful error handling for missing gsutil by @JigyasuRajput in https://github.com//pull/4833 * fix:Add pyproject.toml by @vedpawar2254 in https://github.com//pull/4873 * fix: spdx sbom cpe bug by @AryanBakliwal in https://github.com//pull/4733 * fix: update gcc checker by @ffontaine in https://github.com//pull/5001 * test(package_list_parser): Improve test coverage for `package_list` by @JigyasuRajput in https://github.com//pull/4909 * fix: pin lib4sbom to 0.8.2 due to bug (fixes #5031) by @terriko in https://github.com//pull/5043 * fix(docstrings): add blank line before example by @kehan-zhou in https://github.com//pull/5033 * fix: improve curl checker pattern by @ffontaine in https://github.com//pull/5048 * fix: update docker checker by @ffontaine in https://github.com//pull/5005 * fix: Make extraction work for MSI files when unzip and 7zip installed by @captainreality in https://github.com//pull/4973 * test: Add CVE mapping test for GnuTLS 3.8.0 by @tutou2356 in https://github.com//pull/4998 * feat(checker): allow to disable language checker by @ffontaine in https://github.com//pull/5049 * fix: update procps-ng checker by @ffontaine in https://github.com//pull/5081 * fix: update linuxptp checker by @ffontaine in https://github.com//pull/5103 * fix: update ffmpeg checker by @ffontaine in https://github.com//pull/5096 * fix: update opkg parser by @ffontaine in https://github.com//pull/5104 * docs: fixes #5071 updated MANUAL.md for --skips flag by @NischalPaliwal in https://github.com//pull/5098 * fix: improved metadata handling for NVD mirror (fixes #5093) by @anthonyharrison in https://github.com//pull/5102 * fix(fuzzing): Fix fuzzing workflow by correcting the PYTHONPATH by @alex-ter in https://github.com//pull/5125 * feat: No-Scan SOC for binary checker pipeline by @joydeep049 in https://github.com//pull/5122 * fix: fixes 5095 nvd_sources.py logging by @zjn268 in https://github.com//pull/5127 * feat(checker): add musl by @ffontaine in https://github.com//pull/5113 * refactor: use XDG_CACHE_HOME for default cache directory by @rilnicki in https://github.com//pull/5083

Open for full list of pull requests merged (quite long)

chore(deps): bump github/codeql-action from 3.26.6 to 3.26.8 by @dependabot in #4466
chore(deps): bump peter-evans/create-pull-request from 6.1.0 to 7.0.5 by @dependabot in #4465
chore: update SBOM for Python 3.8 by @github-actions in #4463
chore: update SBOM for Python 3.12 by @github-actions in #4462
chore: update SBOM for Python 3.11 by @github-actions in #4461
chore: update SBOM for Python 3.10 by @github-actions in #4460
chore: update SBOM for Python 3.9 by @github-actions in #4459
docs: add missing release notes to RELEASE.md by @uday-rana in #4464
chore: annotate testing binaries (OSSF scorecard) by @terriko in #4472
chore: update SBOM for Python 3.10 by @github-actions in #4480
chore: update SBOM for Python 3.8 by @github-actions in #4479
chore: update SBOM for Python 3.11 by @github-actions in #4477
test: purl in productinfo by @AryanBakliwal in #4476
chore: update SBOM for Python 3.9 by @github-actions in #4481
chore: update SBOM for Python 3.12 by @github-actions in #4478
chore(deps): bump github/codeql-action from 3.26.8 to 3.26.9 by @dependabot in #4483
chore: update pre-commit config by @github-actions in #4485
chore: update SBOM for Python 3.9 by @github-actions in #4492
chore: update SBOM for Python 3.8 by @github-actions in #4491
chore: update SBOM for Python 3.10 by @github-actions in #4490
chore: update SBOM for Python 3.12 by @github-actions in #4489
chore: update SBOM for Python 3.11 by @github-actions in #4488
ci: switch cache and longtests to default ubuntu by @terriko in #4509
chore: update SBOM for Python 3.8 by @github-actions in #4503
chore: update SBOM for Python 3.9 by @github-actions in #4502
chore: update SBOM for Python 3.10 by @github-actions in #4501
chore: update SBOM for Python 3.11 by @github-actions in #4499
chore: update SBOM for Python 3.12 by @github-actions in #4500
fix: changed metric ids in cvedb to constants (#4473) by @weichslgartner in #4475
chore: update SBOM for Python 3.8 by @github-actions in #4518
chore: update SBOM for Python 3.9 by @github-actions in #4516
chore: update SBOM for Python 3.10 by @github-actions in #4514
chore: update SBOM for Python 3.11 by @github-actions in #4517
chore: update SBOM for Python 3.12 by @github-actions in #4515
feat(checker): add dlt-daemon by @ffontaine in #4513
feat(checker): add linuxptp checker by @ffontaine in #4512
chore: update SBOM for Python 3.9 by @github-actions in #4528
chore: update SBOM for Python 3.8 by @github-actions in #4527
chore: update SBOM for Python 3.10 by @github-actions in #4525
chore: update SBOM for Python 3.11 by @github-actions in #4524
chore: update SBOM for Python 3.12 by @github-actions in #4526
chore: update checkers table by @github-actions in #4536
chore(deps): bump codecov/codecov-action from 4.5.0 to 4.6.0 by @dependabot in #4493
chore(deps): bump github/codeql-action from 3.26.9 to 3.27.0 by @dependabot in #4530
chore(deps): bump actions/dependency-review-action from 4.3.4 to 4.3.5 by @dependabot in #4531
chore(deps): bump actions/cache from 4.0.2 to 4.1.2 by @dependabot in #4532
ci: add comment for interrogate by @terriko in #4542
docs: Add docstrings for VEXGenerate class and methods by @vroomvee in #4544
chore: update SBOM for Python 3.11 by @github-actions in #4551
chore: update SBOM for Python 3.9 by @github-actions in #4550
chore: update SBOM for Python 3.10 by @github-actions in #4549
chore: update SBOM for Python 3.8 by @github-actions in #4548
chore: update SBOM for Python 3.12 by @github-actions in #4547
chore: update pre-commit config by @github-actions in #4545
ci: switch default runners and timeouts by @terriko in #4556
chore: update SBOM for Python 3.11 by @github-actions in #4560
chore: update SBOM for Python 3.9 by @github-actions in #4564
chore: update SBOM for Python 3.8 by @github-actions in #4563
chore(deps): bump conda-incubator/setup-miniconda from 3.0.4 to 3.1.0 by @dependabot in #4566
chore: update SBOM for Python 3.10 by @github-actions in #4562
chore(deps): bump github/codeql-action from 3.27.0 to 3.27.1 by @dependabot in #4565
chore: update SBOM for Python 3.12 by @github-actions in #4561
chore(deps): bump actions/setup-python from 5.2.0 to 5.3.0 by @dependabot in #4555
chore(deps): bump actions/dependency-review-action from 4.3.5 to 4.4.0 by @dependabot in #4554
chore(deps): bump check-spelling/check-spelling from 0.0.22 to 0.0.24 by @dependabot in #4553
docs: add docstrings to parsers/env.py by @anchita20 in #4552
fix: csv output under windows with correct newlines (#4557) by @weichslgartner in #4558
docs(available_fix/debian_cve_tracker): Add comprehensive docstrings for improved readability and maintainability by @vroomvee in #4546
chore: update SBOM for Python 3.9 by @github-actions in #4574
chore: update SBOM for Python 3.8 by @github-actions in #4573
chore: update SBOM for Python 3.10 by @github-actions in #4571
chore: update SBOM for Python 3.11 by @github-actions in #4572
chore: update SBOM for Python 3.12 by @github-actions in #4570
chore(deps): bump actions/attest-build-provenance from 1.4.3 to 1.4.4 by @dependabot in #4576
chore(deps): bump github/codeql-action from 3.27.1 to 3.27.4 by @dependabot in #4575
chore(deps): bump codecov/codecov-action from 4.6.0 to 5.0.2 by @dependabot in #4577
fix: drop .fr from debian urls by @ffontaine in #4533
chore: update SBOM for Python 3.8 by @github-actions in #4586
chore: update SBOM for Python 3.9 by @github-actions in #4587
chore: update SBOM for Python 3.10 by @github-actions in #4584
chore: update SBOM for Python 3.11 by @github-actions in #4585
chore: update SBOM for Python 3.12 by @github-actions in #4583
chore(deps): bump step-security/harden-runner from 2.10.1 to 2.10.2 by @dependabot in #4589
chore(deps): bump actions/dependency-review-action from 4.4.0 to 4.5.0 by @dependabot in #4588
chore: update SBOM for Python 3.8 by @github-actions in #4598
chore: update SBOM for Python 3.9 by @github-actions in #4600
chore: update SBOM for Python 3.10 by @github-actions in #4599
chore: update SBOM for Python 3.11 by @github-actions in #4597
chore: update SBOM for Python 3.12 by @github-actions in #4596
chore: update SBOM for Python 3.8 by @github-actions in #4611
chore: update SBOM for Python 3.9 by @github-actions in #4610
chore: update SBOM for Python 3.10 by @github-actions in #4608
chore: update SBOM for Python 3.11 by @github-actions in #4609
chore: update SBOM for Python 3.12 by @github-actions in #4607
ci: switch to ubuntu-latest for longtests by @terriko in #4605
ci: disable test_output_cyclonedx utnil it can be fixed by @terriko in #4618
chore: update pre-commit config by @github-actions in #4595
Update scorecard.yml by @sfblackl-intel in #4617
chore: fix bandit version on python 3.8 by @terriko in #4620
ci: moving cve-scan job to ubuntu-latest by @terriko in #4621
chore: update SBOM for Python 3.8 by @github-actions in #4627
chore: update SBOM for Python 3.9 by @github-actions in #4628
chore: update SBOM for Python 3.10 by @github-actions in #4626
chore: update SBOM for Python 3.11 by @github-actions in #4624
chore: update SBOM for Python 3.12 by @github-actions in #4625
test: fix test_output_cyclonedx by @joydeep049 in #4622
chore(deps): bump github/codeql-action from 3.27.4 to 3.27.9 by @dependabot in #4630
chore(deps): bump actions/attest-build-provenance from 1.4.4 to 2.1.0 by @dependabot in #4629
chore(deps): bump codecov/codecov-action from 5.0.2 to 5.1.1 by @dependabot in #4612
chore(deps): bump actions/cache from 4.1.2 to 4.2.0 by @dependabot in #4615
ci: attempt to divide up longtests by @terriko in #4631
feat: add json2 schema and test by @AryanBakliwal in #4623
fix: treat 1.0 and 1 as the same for excel users by @terriko in #4543
feat(parser): add conan parser by @AryanBakliwal in #4569
docs: Update Sphinx and myst-parser versions; resolve warnings by @giacob500 in #4581
feat(checker): add oath_toolkit checker by @ffontaine in #4523
feat(checker): add cpp-httplib checker by @ffontaine in #4522
chore: update checkers table by @github-actions in #4632
test: basic execution test for EPSS #4484 by @weichslgartner in #4510
fix: support .arr, support ios/wasm binaries by @iaincoulter in #4521
feat: add universal fix to allow python detection on DLLs by @jananir640 in #4538
ci: disable build provenance by adding comments by @giacob500 in #4634
fix: update subversion pattern by @ffontaine in #4635
chore: update SBOM for Python 3.8 by @github-actions in #4639
chore: update SBOM for Python 3.9 by @github-actions in #4641
chore: update SBOM for Python 3.10 by @github-actions in #4638
chore: update SBOM for Python 3.11 by @github-actions in #4640
chore(deps): bump actions/cache from 4.1.2 to 4.2.0 by @dependabot in #4643
feat(checker): add orc by @ffontaine in #4636
chore(deps): bump github/codeql-action from 3.27.9 to 3.28.0 by @dependabot in #4646
chore: update SBOM for Python 3.12 by @github-actions in #4637
chore: update checkers table by @github-actions in #4648
ci: disable python 3.8 testing & sbom by @terriko in #4647
chore(deps): bump codecov/codecov-action from 5.0.2 to 5.1.2 by @dependabot in #4644
Improved the alt-text in Architecture and Metrics in Manual.md, solves #4604 by @vedpawar2254 in #4650
chore(deps): bump actions/upload-artifact from 4.4.0 to 4.5.0 by @dependabot in #4645
chore: update SBOM for Python 3.9 by @github-actions in #4660
chore: update SBOM for Python 3.10 by @github-actions in #4659
chore: update SBOM for Python 3.11 by @github-actions in #4657
chore: update SBOM for Python 3.12 by @github-actions in #4658
chore(deps): bump peter-evans/create-pull-request from 7.0.5 to 7.0.6 by @dependabot in #4661
chore: update spdx header by @github-actions in #4665
chore: update pre-commit config by @github-actions in #4664
chore: update SBOM for Python 3.9 by @github-actions in #4674
chore: update SBOM for Python 3.10 by @github-actions in #4671
chore: update SBOM for Python 3.11 by @github-actions in #4672
chore: update SBOM for Python 3.12 by @github-actions in #4673
ci: add permissions to yml validation workflow by @terriko in #4678
fix: update busybox checker by @ffontaine in #4679
chore: Adds support for version python version 3.13 by @Prtm2110 in #4668
fix: Adds mismatch in package_data to resolve ModuleNotFoundError by @Prtm2110 in #4669
chore: update SBOM for Python 3.10 by @github-actions in #4690
chore: update SBOM for Python 3.11 by @github-actions in #4689
chore: update SBOM for Python 3.12 by @github-actions in #4688
fix: sbom parse inaccurate log by @AryanBakliwal in #4683
chore(sbom): add blank cve-bin-tool-py3.13.spdx file for py3.13 bootstrap by @teoiliadis in #4696
chore(deps): bump step-security/harden-runner from 2.10.2 to 2.10.4 by @dependabot in #4707
chore: update SBOM for Python 3.9 by @github-actions in #4704
chore(deps): bump actions/upload-artifact from 4.5.0 to 4.6.0 by @dependabot in #4693
chore: update SBOM for Python 3.10 by @github-actions in #4702
chore: update SBOM for Python 3.12 by @github-actions in #4703
chore: update SBOM for Python 3.13 by @github-actions in #4706
chore: update SBOM for Python 3.11 by @github-actions in #4705
fix: update dlt-daemon checker by @ffontaine in #4701
fix: update openssl checker by @ffontaine in #4698
ci: move cache job to python3.13 for memory issue by @terriko in #4713
docs: Fixed a few links in manual.md by @vedpawar2254 in #4687
ci: revert skip of longtests by @terriko in #4714
[DOC] Update allow.txt by @vedpawar2254 in #4726
chore: update SBOM for Python 3.9 by @github-actions in #4720
chore: update SBOM for Python 3.10 by @github-actions in #4719
fix: update location handling by @ffontaine in #4769
chore: update SBOM for Python 3.11 by @github-actions in #4717
chore: update SBOM for Python 3.12 by @github-actions in #4718
chore: update SBOM for Python 3.13 by @github-actions in #4721
fix: update re.split calls to use maxsplit keyword argument by @emmanuel-ferdman in #4709
fix: update openjpeg checker by @ffontaine in #4727
feat(checker): add xz checker by @ffontaine in #4728
fix: set asyncio_default_fixture_loop_scope (fixes #4685) by @rukhshan23 in #4708
chore: update checkers table by @github-actions in #4771
feat(checker): add wavpack checker by @ffontaine in #4729
feat(checker): add apr checker by @ffontaine in #4731
feat(checker): Detect jasper 2.x, as found in msys/cygwin by @qmfrederik in #4734
feat(checker): add redis checker by @ffontaine in #4762
feat(checker): add boa checker by @ffontaine in #4763
feat(checker): add toybox checker by @ffontaine in #4764
feat(checker): add indent checker by @ffontaine in #4774
chore: update checkers table by @github-actions in #4776
fix: update linuxptp pattern by @ffontaine in #4765
chore: update SBOM for Python 3.9 by @github-actions in #4795
chore: update SBOM for Python 3.10 by @github-actions in #4792
chore: update SBOM for Python 3.11 by @github-actions in #4791
chore: update SBOM for Python 3.12 by @github-actions in #4794
chore: update SBOM for Python 3.13 by @github-actions in #4793
feat(checker): Add djvulibre by @qmfrederik in #4738
feat(checker): add cflow checker by @ffontaine in #4781
fix: update linux_kernel pattern by @ffontaine in #4767
feat(checker): Add gettext by @qmfrederik in #4741
ci(workflows): update long and network tests to Python 3.13 by @JigyasuRajput in #4779
chore: update checkers table by @github-actions in #4800
fix: drop .br, .de, .fr and .us from debian urls by @ffontaine in #4803
feat(checker): add uwsgi checker by @ffontaine in #4768
chore: update checkers table by @github-actions in #4804
test(output_engine): add regression tests for unset data by @JigyasuRajput in #4788
ci(pre-commit): update isort stages to fix deprecation warning by @JigyasuRajput in #4790
fix: handle unknown values in metric_finder (Fixes #4578) by @vedpawar2254 in #4682
fix(checker): Improve OpenSSL pattern matching by @qmfrederik in #4802
ci: fix fuzz jobs by @its403 in #4811
feat(checker): add inetutils checker by @ffontaine in #4778
feat(checker): add openvswitch checker by @ffontaine in #4780
fix: update strongswan checker by @ffontaine in #4782
fix: update openswan pattern by @ffontaine in #4783
feat(checker): add libreoffice checker by @ffontaine in #4784
fix: update gettext checker by @ffontaine in #4809
feat(checker): add gsasl checker by @ffontaine in #4810
chore(deps): bump github/codeql-action from 3.28.0 to 3.28.9 by @dependabot in #4796
chore(deps): bump actions/setup-python from 5.3.0 to 5.4.0 by @dependabot in #4758
chore: update SBOM for Python 3.9 by @github-actions in #4828
chore: update SBOM for Python 3.10 by @github-actions in #4826
feat(checker): add libreswan checker by @ffontaine in #4814
chore: update SBOM for Python 3.12 by @github-actions in #4825
fix: add json extension when building cyclonedx SBOM by @ffontaine in #4820
chore: update SBOM for Python 3.13 by @github-actions in #4827
chore: update SBOM for Python 3.11 by @github-actions in #4824
feat(checkers): Add SASL by @qmfrederik in #4757
feat(checkers): Add guile by @qmfrederik in #4756
feat(checker): Add OpenBLAS by @qmfrederik in #4743
feat(checker): Add Thread Building Blocks by @qmfrederik in #4744
fix: Support FFmpeg versions with 'n' prefix by @qmfrederik in #4745
chore(deps): bump step-security/harden-runner from 2.10.4 to 2.11.0 by @dependabot in #4832
fix: update avahi checker by @ffontaine in #4821
feat(checker): add libyang checker by @ffontaine in #4817
fix: Improve nghttp2 heuristics by @qmfrederik in #4748
feat(checker): add xpdf checker by @ffontaine in #4815
fix: Improve FreeRDP detection logic by @qmfrederik in #4751
feat(checkers): Add clang by @qmfrederik in #4754
feat(checker): Add imagemagick by @qmfrederik in #4739
fix: Improve subversion detection logic by @qmfrederik in #4749
fix: Improve .NET detection by @qmfrederik in #4750
fix: Improve Heimdal detection by @qmfrederik in #4746
fix: drop location handling by @ffontaine in #4822
fix: Be flexible in zlib versions by @qmfrederik in #4753
fix: properly format assertion error messages by @emmanuel-ferdman in #4840
chore: update checkers table by @github-actions in #4813
feat(checker): Detect libicu 61, as found in msys/cygwin by @qmfrederik in #4737
fix: dotnet test bug by @Saksham-Sirohi in #4842
chore: update SBOM for Python 3.9 by @github-actions in #4847
chore: update SBOM for Python 3.10 by @github-actions in #4845
chore: update SBOM for Python 3.11 by @github-actions in #4846
chore: update SBOM for Python 3.12 by @github-actions in #4843
chore: update SBOM for Python 3.13 by @github-actions in #4844
fix(file): handle PermissionError exception by @ffontaine in #4853
ci: codecov dashboard coverage info fix by @fil1n in #4838
fix(scanner): don't set filepath as purl by @ffontaine in #4855
ci: fix error failing atheris-libprotobuf-mutator build by @its403 in #4818
test(output_engine): improve tests coverage output_engine by @JigyasuRajput in #4799
feat(checker): add liblouis checker by @ffontaine in #4816
chore(deps): bump actions/cache from 4.2.0 to 4.2.1 by @dependabot in #4851
fix(sbom): correctly handle multiple vendors by @ffontaine in #4857
feat(checker): Add cairo by @qmfrederik in #4740
chore(deps-dev): bump pre-commit from 4.0.1 to 4.1.0 by @dependabot in #4725
fix: update perl checker by @ffontaine in #4856
chore: update checkers table by @github-actions in #4863
chore(deps): bump codecov/codecov-action from 5.1.2 to 5.3.1 by @dependabot in #4722
feat(checker): add ruby checker by @ffontaine in #4858
ci: Add spell checker in pre-commit by @vedpawar2254 in #4859
feat(checker): Detect Python 3.12.x by @captainreality in #4860
ci: spelling write access for comments by @terriko in #4868
chore: update checkers table by @github-actions in #4865
chore: update SBOM for Python 3.9 by @github-actions in #4883
chore: update SBOM for Python 3.11 by @github-actions in #4880
chore: update SBOM for Python 3.12 by @github-actions in #4879
chore: update SBOM for Python 3.13 by @github-actions in #4881
chore: update SBOM for Python 3.10 by @github-actions in #4882
feat(checker): add libcap checker by @ffontaine in #4870
feat(checker): add pjsip checker by @ffontaine in #4869
feat(checker): Add jbig by @qmfrederik in #4742
feat(checker): Add lzo2 by @qmfrederik in #4747
Create accessability.md file by @WhataTiberius in #4616
chore: update checkers table by @github-actions in #4894
chore(deps): bump actions/upload-artifact from 4.6.0 to 4.6.1 by @dependabot in #4850
chore(deps): bump github/codeql-action from 3.28.9 to 3.28.10 by @dependabot in #4849
chore: update pre-commit config by @github-actions in #4736
chore(deps): bump conda-incubator/setup-miniconda from 3.1.0 to 3.1.1 by @dependabot in #4724
fix: Handle failed purl2cpe download at first run by @stvml in #4895
chore(deps): bump actions/cache from 4.2.1 to 4.2.2 by @dependabot in #4887
chore(deps): bump peter-evans/create-pull-request from 7.0.6 to 7.0.7 by @dependabot in #4888
fix: update cairo pattern by @ffontaine in #4898
fix: update sngrep checker by @ffontaine in #4899
fix: update pjsip pattern by @ffontaine in #4896
feat(sbom): add --sbom-strip-root by @ffontaine in #4852
fix(nvd): handle 'unknown' score value and prevent ValueError by @JigyasuRajput in #4772
test: add test for mismatch package build by @kanakOS01 in #4785
fix: week error in fuzzing scripts by @its403 in #4897
fix: address deprecation warnings in test_checkers by @Saksham-Sirohi in #4819
chore(deps): bump sphinx from 8.0.2 to 8.2.3 by @dependabot in #4885
chore(deps): bump myst-parser from 4.0.0 to 4.0.1 by @dependabot in #4831
docs: fix remarks options to have no spaces by @terriko in #4867
chore: alphabetically sort dev-requirements.txt #4890 by @AshishYesale7 in #4893
chore: re-add build to dev-requirements.txt by @terriko in #4907
fix(output): normalize severity values to prevent HTML report failure by @JigyasuRajput in #4786
test: fix and improve html tests by @hai1337 in #4908
feat(parser): add OpenWrt opkg parser by @ffontaine in #4901
test(parsers): Add tests for js and Python parsers by @JigyasuRajput in #4878
fix(sbom): correctly handle multiple vendors (second try) by @ffontaine in #4866
fix(test_scanner.py): Add test for unopenable file condition by @JigyasuRajput in #4834
fix: Support detecting multiple product versions by @stvml in #4911
docs: increase docstring coverage to 100% by @hai1337 in #4913
feat: improve wording and accessibility in HTML report template by @hai1337 in #4914
docs: minor README improvements by @hai1337 in #4915
docs: improve test README by @hai1337 in #4916
docs: Fix broken links by @Shrishti1701 in #4931
fix: update IGNORE_PATTERNS documentation by @ffontaine in #4937
chore(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.1 by @dependabot in #4926
chore(deps): bump github/codeql-action from 3.28.10 to 3.28.11 by @dependabot in #4928
feat(output_engine): add --strip-scan-dir by @ffontaine in #4930
chore(deps): bump peter-evans/create-pull-request from 7.0.7 to 7.0.8 by @dependabot in #4925
fix(sbom): handle linux_kernel by @ffontaine in #4935
chore: update SBOM for Python 3.9 by @github-actions in #4949
chore: update SBOM for Python 3.10 by @github-actions in #4946
chore: update SBOM for Python 3.12 by @github-actions in #4948
chore: update SBOM for Python 3.11 by @github-actions in #4950
chore: update SBOM for Python 3.13 by @github-actions in #4947
fix: enhance test_checkers to cover new situations by @Saksham-Sirohi in #4942
docs: update function name from get_version() to get_versions() by @Devesh-Yadav10 in #4945
fix: HTML report does not include all CVEs correctly by @Arnavk194 in #4936
fix: run CI after PR title change by @stvml in #4958
chore(deps): bump codecov/codecov-action from 5.3.1 to 5.4.0 by @dependabot in https://github.com/intel/cve-bin-tool/pull/4927
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/4962
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/4963
chore: update SBOM for Python 3.12 by @github-actions in https://github.com/intel/cve-bin-tool/pull/4964
chore: update SBOM for Python 3.13 by @github-actions in https://github.com/intel/cve-bin-tool/pull/4961
chore: update SBOM for Python 3.9 by @github-actions in https://github.com/intel/cve-bin-tool/pull/4972
feat(checker): add fuse checker by @ffontaine in #4976
chore: update checkers table by @github-actions in https://github.com/intel/cve-bin-tool/pull/4977
chore: update SBOM for Python 3.9 by @github-actions in https://github.com/intel/cve-bin-tool/pull/4983
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/4984
chore: update SBOM for Python 3.13 by @github-actions in https://github.com/intel/cve-bin-tool/pull/4986
chore: update SBOM for Python 3.12 by @github-actions in https://github.com/intel/cve-bin-tool/pull/4985
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/4982
feat(checkers): Add support for llvm by @qmfrederik in #4752
fix: update json-c checker by @ffontaine in #4995
chore(deps): bump actions/setup-python from 5.4.0 to 5.5.0 by @dependabot in https://github.com/intel/cve-bin-tool/pull/4988
chore(deps): bump github/codeql-action from 3.28.11 to 3.28.13 by @dependabot in https://github.com/intel/cve-bin-tool/pull/4987
chore: update checkers table by @github-actions in https://github.com/intel/cve-bin-tool/pull/4990
chore: update pre-commit config by @github-actions in https://github.com/intel/cve-bin-tool/pull/4992
feat(checker): add cups-filters by @ffontaine in #4979
feat(checker): add firejail checker by @ffontaine in #4980
feat(checker): add zbar by @ffontaine in #4981
feat(checker): add ofono checker by @ffontaine in #4996
fix: Be more flexible in GCC detection logic by @qmfrederik in #4755
fix: update libuv checker by @ffontaine in #4999
test: add invalid package to test language scanner by @hai1337 in #4918
chore: update SBOM for Python 3.9 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5010
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5006
chore: update SBOM for Python 3.12 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5009
chore: update SBOM for Python 3.13 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5007
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5008
chore: update checkers table by @github-actions in https://github.com/intel/cve-bin-tool/pull/5000
feat(checker): add augeas checker by @ffontaine in #5021
chore(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by @dependabot in https://github.com/intel/cve-bin-tool/pull/5030
chore: update checkers table by @github-actions in https://github.com/intel/cve-bin-tool/pull/5024
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5028
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5029
chore: update SBOM for Python 3.9 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5027
chore: update SBOM for Python 3.12 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5025
chore: update SBOM for Python 3.13 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5026
fix(gsutil): Add graceful error handling for missing gsutil by @JigyasuRajput in #4833
fix:Add pyproject.toml by @vedpawar2254 in #4873
fix: spdx sbom cpe bug by @AryanBakliwal in #4733
fix: update gcc checker by @ffontaine in #5001
test(package_list_parser): Improve test coverage for package_list by @JigyasuRajput in #4909
chore: update SBOM for Python 3.9 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5036
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5039
chore: update SBOM for Python 3.12 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5037
chore: update SBOM for Python 3.13 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5040
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5038
fix: pin lib4sbom to 0.8.2 due to bug (fixes #5031) by @terriko in #5043
chore(deps): bump codecov/codecov-action from 5.4.0 to 5.4.2 by @dependabot in https://github.com/intel/cve-bin-tool/pull/5042
chore(deps): bump step-security/harden-runner from 2.11.0 to 2.11.1 by @dependabot in https://github.com/intel/cve-bin-tool/pull/5014
chore(deps): bump actions/dependency-review-action from 4.5.0 to 4.6.0 by @dependabot in https://github.com/intel/cve-bin-tool/pull/5013
chore(deps): bump actions/upload-artifact from 4.6.1 to 4.6.2 by @dependabot in https://github.com/intel/cve-bin-tool/pull/4966
chore(deps): bump actions/cache from 4.2.2 to 4.2.3 by @dependabot in https://github.com/intel/cve-bin-tool/pull/4965
fix(docstrings): add blank line before example by @kehan-zhou in #5033
fix: improve curl checker pattern by @ffontaine in #5048
fix: update docker checker by @ffontaine in #5005
chore(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by @dependabot in https://github.com/intel/cve-bin-tool/pull/5055
chore: update SBOM for Python 3.9 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5052
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5054
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5051
chore: update SBOM for Python 3.13 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5050
chore: update SBOM for Python 3.12 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5053
chore(deps): bump lib4sbom from 0.8.2 to 0.8.4 by @dependabot in https://github.com/intel/cve-bin-tool/pull/5057
chore(deps): bump actions/setup-python from 5.5.0 to 5.6.0 by @dependabot in https://github.com/intel/cve-bin-tool/pull/5056
fix: Make extraction work for MSI files when unzip and 7zip installed by @captainreality in #4973
chore(deps): bump github/codeql-action from 3.28.16 to 3.28.17 by @dependabot in https://github.com/intel/cve-bin-tool/pull/5065
chore: update SBOM for Python 3.9 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5061
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5060
chore: update SBOM for Python 3.12 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5064
chore: update SBOM for Python 3.13 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5062
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5063
test: Add CVE mapping test for GnuTLS 3.8.0 by @tutou2356 in #4998
feat(checker): allow to disable language checker by @ffontaine in #5049
chore: update SBOM for Python 3.13 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5075
chore: update SBOM for Python 3.9 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5077
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5078
chore: update SBOM for Python 3.12 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5076
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5079
chore(deps): bump actions/dependency-review-action from 4.6.0 to 4.7.0 by @dependabot in https://github.com/intel/cve-bin-tool/pull/5080
fix: update procps-ng checker by @ffontaine in #5081
chore: update SBOM for Python 3.12 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5086
chore: update SBOM for Python 3.9 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5087
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5088
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5085
chore: update SBOM for Python 3.13 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5084
fix: update linuxptp checker by @ffontaine in #5103
fix: update ffmpeg checker by @ffontaine in #5096
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5105
chore: update SBOM for Python 3.9 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5107
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5109
chore: update SBOM for Python 3.12 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5106
chore: update SBOM for Python 3.13 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5108
fix: update opkg parser by @ffontaine in #5104
chore(deps): bump codecov/codecov-action from 5.4.2 to 5.4.3 by @dependabot in https://github.com/intel/cve-bin-tool/pull/5092
chore(deps): bump actions/dependency-review-action from 4.7.0 to 4.7.1 by @dependabot in https://github.com/intel/cve-bin-tool/pull/5091
chore(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by @dependabot in https://github.com/intel/cve-bin-tool/pull/5090
docs: fixes #5071 updated MANUAL.md for --skips flag by @NischalPaliwal in #5098
fix: improved metadata handling for NVD mirror (fixes #5093) by @anthonyharrison in #5102
chore(deps): bump check-spelling/check-spelling from 0.0.24 to 0.0.25 by @dependabot in https://github.com/intel/cve-bin-tool/pull/5089
chore(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @dependabot in https://github.com/intel/cve-bin-tool/pull/5119
chore: update SBOM for Python 3.12 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5117
chore: update SBOM for Python 3.9 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5114
chore: update SBOM for Python 3.13 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5118
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5116
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5115
chore(deps): bump conda-incubator/setup-miniconda from 3.1.1 to 3.2.0 by @dependabot in https://github.com/intel/cve-bin-tool/pull/5133
chore(deps): bump github/codeql-action from 3.28.18 to 3.28.19 by @dependabot in https://github.com/intel/cve-bin-tool/pull/5134
chore: update SBOM for Python 3.10 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5128
chore: update SBOM for Python 3.9 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5131
chore: update SBOM for Python 3.12 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5132
chore: update SBOM for Python 3.13 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5130
chore: update SBOM for Python 3.11 by @github-actions in https://github.com/intel/cve-bin-tool/pull/5129
fix(fuzzing): Fix fuzzing workflow by correcting the PYTHONPATH by @alex-ter in #5125
feat: No-Scan SOC for binary checker pipeline by @joydeep049 in #5122
fix: fixes 5095 nvd_sources.py logging by @zjn268 in #5127
feat(checker): add musl by @ffontaine in #5113
chore: update versions preparing for 3.4.1pre0 by @terriko in https://github.com/intel/cve-bin-tool/pull/5135
chore: update checkers table by @github-actions in https://github.com/intel/cve-bin-tool/pull/5137
refactor: use XDG_CACHE_HOME for default cache directory by @rilnicki in #5083

New Contributors

@uday-rana made their first contribution in #4464
@vroomvee made their first contribution in #4544
@anchita20 made their first contribution in #4552
@sfblackl-intel made their first contribution in #4617
@giacob500 made their first contribution in #4581
@iaincoulter made their first contribution in #4521
@vedpawar2254 made their first contribution in #4650
@Prtm2110 made their first contribution in #4668
@teoiliadis made their first contribution in #4696
@emmanuel-ferdman made their first contribution in #4709
@rukhshan23 made their first contribution in #4708
@qmfrederik made their first contribution in #4734
@JigyasuRajput made their first contribution in #4779
@its403 made their first contribution in #4811
@Saksham-Sirohi made their first contribution in #4842
@captainreality made their first contribution in #4860
@WhataTiberius made their first contribution in #4616
@kanakOS01 made their first contribution in #4785
@AshishYesale7 made their first contribution in #4893
@hai1337 made their first contribution in #4908
@Shrishti1701 made their first contribution in #4931
@Devesh-Yadav10 made their first contribution in #4945
@Arnavk194 made their first contribution in #4936
@kehan-zhou made their first contribution in #5033
@tutou2356 made their first contribution in #4998
@NischalPaliwal made their first contribution in #5098
@alex-ter made their first contribution in #5125
@zjn268 made their first contribution in #5127
@rilnicki made their first contribution in #5083

Full Changelog: v3.4...v3.4.1rc0

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Pre-release cve-bin-tool v3.4.1rc0

What's Changed

New Contributors

Contributors

Uh oh!