ZLint 3.5.0
34 views
Skip to first unread message
chris
Jun 11, 2023, 1:43:34 PM6/11/23
to ZLint Announcements
# ZLint v3.5.0
The ZMap team is happy to share ZLint v3.5.0 (https://github.com/zmap/zlint/releases/tag/v3.5.0).
Thank you to everyone who contributes to ZLint!
## Breaking Changes:
No breaking changes were made in this release.
## New Features:
New infrastructure has been added that supports linting Certificate Revocation Lists.
A special thank you to Amir Omidi for their work on this contribution!
## New Lints:
* `e_crl_has_next_update` Conforming CRL issuers MUST include the nextUpdate field in all CRLs.
## Bug Fixes:
* Changed `e_cert_unique_identifier_version_not_2_or_3` to apply to all certificates, effectively changin a `N/A` result to a `PASS` result.
* Changed several unit tests that asserted on string messages, resulting in brittle tests.
## Security Updates
* Patch for security vulnerability CVE-2021-38561 (CVSS 7.5)
* Patch for security vulnerability CVE-2021-33194 (CVSS 7.5)
* Patch for security vulnerability CVE-2022-32149 (CVSS 7.5)
* Patch for security vulnerability CVE-2022-27664 (CVSS 7.5)
* Patch for security vulnerability CVE-2021-43565 (CVSS 7.5)
* Patch for security vulnerability CVE-2022-27191 (CVSS 7.5)
* Patch for security vulnerability CVE-2022-29526 (CVSS 5.3)
* Patch for security vulnerability CVE-2021-31525 (CVSS 5.9)
* Patch for security vulnerability CVE-2022-41723 (CVSS "low")
* Patch for security vulnerability CVE-2022-27664 (CVSS 7.5)
## Changelog
* 45e8dff Update README.md (#719)
* af90382 Enable accepting a PEM encoded CRL via the command line interface (#721)
* 1d8591c Remove references in comments to Initialize() method of lints (#718)
* 2438596 Always perform e_cert_unique_identifier_version_not_2_or_3 (#711)
* a5c869f Update copyright text to 2023 (#716)
* 997ad51 Add CRL linting infrastructure (#699)
* 64ae4e5 build(deps): bump golang.org/x/net in /v3/cmd/genTestCerts (#704)
* 68901ea build(deps): bump golang.org/x/net in /v3 (#702)
* 5ed8e34 asserting human readable strings is error prone (#707)
* c7740fa build(deps): bump golang.org/x/text in /v3/cmd/genTestCerts (#701)
* a476724 Upgrading golangci-lint to v1.51.2 (#705)
* 46f7185 build(deps): bump golang.org/x/text from 0.3.7 to 0.3.8 in /v3 (#700)
* 8a9f61e test.ReadTestCert breaks for downstream consumers dependent on the previous relative certificate path building behavior (#695)
* 6292ca4 Adding support for linting profiles (#595)
* c627333 util: gtld_map autopull updates for 2022-10-10T19:22:35 UTC (#694)
* 13fcc6f util: gtld_map autopull updates for 2022-10-06T19:22:06 UTC (#693)
**Full Changelog**:https://github.com/zmap/zlint/compare/v3.4.1...v3.5.0
The ZMap team is happy to share ZLint v3.5.0 (https://github.com/zmap/zlint/releases/tag/v3.5.0).
Thank you to everyone who contributes to ZLint!
## Breaking Changes:
No breaking changes were made in this release.
## New Features:
New infrastructure has been added that supports linting Certificate Revocation Lists.
A special thank you to Amir Omidi for their work on this contribution!
## New Lints:
* `e_crl_has_next_update` Conforming CRL issuers MUST include the nextUpdate field in all CRLs.
## Bug Fixes:
* Changed `e_cert_unique_identifier_version_not_2_or_3` to apply to all certificates, effectively changin a `N/A` result to a `PASS` result.
* Changed several unit tests that asserted on string messages, resulting in brittle tests.
## Security Updates
* Patch for security vulnerability CVE-2021-38561 (CVSS 7.5)
* Patch for security vulnerability CVE-2021-33194 (CVSS 7.5)
* Patch for security vulnerability CVE-2022-32149 (CVSS 7.5)
* Patch for security vulnerability CVE-2022-27664 (CVSS 7.5)
* Patch for security vulnerability CVE-2021-43565 (CVSS 7.5)
* Patch for security vulnerability CVE-2022-27191 (CVSS 7.5)
* Patch for security vulnerability CVE-2022-29526 (CVSS 5.3)
* Patch for security vulnerability CVE-2021-31525 (CVSS 5.9)
* Patch for security vulnerability CVE-2022-41723 (CVSS "low")
* Patch for security vulnerability CVE-2022-27664 (CVSS 7.5)
## Changelog
* 45e8dff Update README.md (#719)
* af90382 Enable accepting a PEM encoded CRL via the command line interface (#721)
* 1d8591c Remove references in comments to Initialize() method of lints (#718)
* 2438596 Always perform e_cert_unique_identifier_version_not_2_or_3 (#711)
* a5c869f Update copyright text to 2023 (#716)
* 997ad51 Add CRL linting infrastructure (#699)
* 64ae4e5 build(deps): bump golang.org/x/net in /v3/cmd/genTestCerts (#704)
* 68901ea build(deps): bump golang.org/x/net in /v3 (#702)
* 5ed8e34 asserting human readable strings is error prone (#707)
* c7740fa build(deps): bump golang.org/x/text in /v3/cmd/genTestCerts (#701)
* a476724 Upgrading golangci-lint to v1.51.2 (#705)
* 46f7185 build(deps): bump golang.org/x/text from 0.3.7 to 0.3.8 in /v3 (#700)
* 8a9f61e test.ReadTestCert breaks for downstream consumers dependent on the previous relative certificate path building behavior (#695)
* 6292ca4 Adding support for linting profiles (#595)
* c627333 util: gtld_map autopull updates for 2022-10-10T19:22:35 UTC (#694)
* 13fcc6f util: gtld_map autopull updates for 2022-10-06T19:22:06 UTC (#693)
**Full Changelog**:https://github.com/zmap/zlint/compare/v3.4.1...v3.5.0
Reply all
Reply to author
Forward
0 new messages