diff --git a/CHANGELOG b/CHANGELOG index cea2158c2..e7d90b068 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,5 +1,14 @@ #Nmap Changelog ($Id$); -*-text-*- +o Integrated over 2500 service/version detection fingerprints submitted since + June 2020. The signature count went up 1.4% to 12089, including 9 new + softmatches. We now detect 1246 protocols, including new additions of grpc, + mysqlx, essnet, remotemouse, and tuya. + +o Integrated over 4000 IPv4 OS fingerprints submitted since June 2020. Added + 336 fingerprints, bringing the new total to 6036. Additions include iOS 15 & + 16, macOS Ventura & Monterey, Linux 6.1, OpenBSD 7.1, and lwIP 2.2 + o [NSE] ssh-auth-methods will now print the pre-authentication banner text when available. Requires libssh2 1.11.0 or later. [Daniel Miller] @@ -10,9 +19,34 @@ o [Zenmap][GH#2739] Fix a crash in Zenmap when changing a host comment. o [NSE][GH#2766] Fix TLS 1.2 signature algorithms for EdDSA. [Daniel Roethlisberger] +o [Zenmap][Ndiff][GH#2649] Zenmap and Ndiff now use setuptools, not distutils for packaging. + +o [Zenmap][GH#2706] RPM spec files now correctly require the python3 package, not python>=3 + o [GH#2672] Fixed an issue where TCP Connect scan (-sT) on Windows would fail to open any sockets, leading to scans that never finish. [Daniel Miller] +o Improvements to OS detection fingerprint matching, including a syntax change + for nmap-os-db that allows ranges within the TCP Options string. This leads + to more concise and maintainable fingerprints. [Daniel Miller] + +o Improved the OS detection engine by using a new source port for each retry. + Scans from systems such as Windows that do not send RST for unsolicited + SYN|ACK responses were previously unable to get a response in subsequent + tries. [Daniel Miller] + +o Several profile-guided optimizations of the port scan engine. [Daniel Miller] + +o [GH#2731] Fix an out-of-bounds read which led to out-of-memory errors when + duplicate addresses were used with --exclude + +o [GH#2609] Fixed a memory leak in Nsock: compiled pcap filters were not freed. + +o [Ncat][GH#2685] Fixed Ncat UDP server mode to not quit after EOF on stdin. Reported + as Debian bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039613 + +o [GH#2658] Fixed a crash when using service name wildcards with -p, as in -p "http*" + o [NSE] Fixed DNS TXT record parsing which caused asn-query to fail in Nmap 7.80 and later. [David Fifield, Mike Pattrick]