ZLint v3.5.0-rc1
Pre-release
Pre-release
·
143 commits
to master
since this release
ZLint v3.5.0-rc1
The ZMap team is happy to share ZLint v3.5.0-rc1.
Thank you to everyone who contributes to ZLint!
Breaking Changes:
No breaking changes were made in this release.
New Features:
New infrastructure has been added that supports linting Certificate Revocation Lists.
A special thank you to Amir Omidi for their work on this contribution!
New Lints:
e_crl_has_next_updateConforming CRL issuers MUST include the nextUpdate field in all CRLs.
Bug Fixes:
- Changed
e_cert_unique_identifier_version_not_2_or_3to apply to all certificates, effectively changin aN/Aresult to aPASSresult. - Changed several unit tests that asserted on string messages, resulting in brittle tests.
Security Updates
- Patch for security vulnerability CVE-2021-38561 (CVSS 7.5)
- Patch for security vulnerability CVE-2021-33194 (CVSS 7.5)
- Patch for security vulnerability CVE-2022-32149 (CVSS 7.5)
- Patch for security vulnerability CVE-2022-27664 (CVSS 7.5)
- Patch for security vulnerability CVE-2021-43565 (CVSS 7.5)
- Patch for security vulnerability CVE-2022-27191 (CVSS 7.5)
- Patch for security vulnerability CVE-2022-29526 (CVSS 5.3)
- Patch for security vulnerability CVE-2021-31525 (CVSS 5.9)
- Patch for security vulnerability CVE-2022-41723 (CVSS "low")
- Patch for security vulnerability CVE-2022-27664 (CVSS 7.5)
Changelog
- 1d8591c Remove references in comments to Initialize() method of lints (#718)
- 2438596 Always perform e_cert_unique_identifier_version_not_2_or_3 (#711)
- a5c869f Update copyright text to 2023 (#716)
- 997ad51 Add CRL linting infrastructure (#699)
- 64ae4e5 build(deps): bump golang.org/x/net in /v3/cmd/genTestCerts (#704)
- 68901ea build(deps): bump golang.org/x/net in /v3 (#702)
- 5ed8e34 asserting human readable strings is error prone (#707)
- c7740fa build(deps): bump golang.org/x/text in /v3/cmd/genTestCerts (#701)
- a476724 Upgrading golangci-lint to v1.51.2 (#705)
- 46f7185 build(deps): bump golang.org/x/text from 0.3.7 to 0.3.8 in /v3 (#700)
- 8a9f61e test.ReadTestCert breaks for downstream consumers dependent on the previous relative certificate path building behavior (#695)
- 6292ca4 Adding support for linting profiles (#595)
- c627333 util: gtld_map autopull updates for 2022-10-10T19:22:35 UTC (#694)
- 13fcc6f util: gtld_map autopull updates for 2022-10-06T19:22:06 UTC (#693)
Full Changelog:v3.4.1...v3.5.0-rc1