Skip to content

1.1.0
Compare
Choose a tag to compare
@mprpic mprpic released this 11 Nov 18:22
· 49 commits to master since this release
1.1.0
37c98bf

Changes:

  • The publish and reject subcommands have a new -f/--cve-json-file option that allows submitting CVE records from
    a file (#18).
  • Added CVE v5 JSON schema (5.0.0) validation when publishing a CVE record (#39).
  • Full CVE v5 records can now be used when publishing a CVE; the CNA container is parsed from the CVE record
    automatically (#42).
  • Automatically add providerMetadata from the org used when authenticating against CVE Services if it is missing in
    the supplied CVE record (#19).
  • Added CVE v5 JSON 5.0.0 schemas under cvelib/schemas along with a script that extracts container-level sub-schemas.
  • cve show --show-record --raw now outputs a valid CVE record only (#44).
  • Dropped support for Python 3.6.

Update your existing cvelib package with:

pip install --user --upgrade cvelib

or update your container image with:

podman pull quay.io/prodsecdev/cvelib
# OR
docker pull quay.io/prodsecdev/cvelib
Assets 2
Loading