gsa 2.0.1 (2011-03-02)

This is the first maintenance release of the Greenbone Security Assistant (GSA)
2.0 module for the Open Vulnerability Assessment System release 4 (OpenVAS-4).
It is the web client that makes the full feature set of OpenVAS Manager
available in a web browser.

This release fixes three memory and resource leaks discovered after the release
of GSA 2.0.0. It also switches XSL transformations to a separate process, which
protects the GSA from threading and memory errors in libxslt and libxml.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Pavel Sejnoha, Michael Wiegand and Felix Wolfsteller.

Main changes since 2.0.0:
* Two memory leaks discovered by Pavel Sejnoha and one resource leak discovered
  by Felix Wolfsteller have been closed.
* GSA now does XSL transformation in a separate process by default.


gsa 2.0.0 (2011-02-21)

This is the first release of the Greenbone Security Assistant (GSA) 2.0 module
for the Open Vulnerability Assessment System release 4 (OpenVAS-4).
It is the web client that makes the full feature set of OpenVAS Manager
available in a web browser.

GSA 2.0 implements all of the new features of the protocol OMP 2.0.
This includes the plugin based report format framework, the master-slave
mode and many other changes and improvements. It also brings several
improvements to existing features, like credential management, session
management and an improved build environment.

Many thanks to everyone who has contributed to this release:
Stephan Kleine, Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix
Wolfsteller.

Main changes since 1.0.x:
* Support for report format plugin framework has been added.
* Support for master-slave mode has been added.
* Support for editing credentials has been added.
* Support for agent verification has been added.
* Input validation for user names and passwords has been improved.
* Support for Microsoft Internet Explorer has been improved.
* The usability and layout of the web interface has been improved.
* GSA now builds with libmicrohttpd 0.9.2 and above.
* Target credentials for SMB and SSH are now separated.
* The user interface for displaying filtered reports and for report downloads
  has been improved.
* Hardening flags are now enabled during compile time to increase code quality.
* Support for setting the port range for a target has been added.
* If no port is specified, GSA will now attempt to listen on the appropriate
  privileged port (80 or 443) and fall back to listening on its default port
  (9392) if those are unavailable.
* GSA now uses pkg-config to find required libraries.
* The HTTP Basic Auth based session management has been replace with a token
  based session management.
* A JavaScript indicator has been added.
* Support for fallback system reports has been added.
* The "About" page has been reworked.
* Cookie based session identification has been added.

Main changes since 2.0+rc5:
* The JavaScript indicator has been improved.
* GSA now checks for required libxml threading support.


gsa 2.0+rc5 (2011-02-18)

This is the fifth release candidate for the upcoming 2.0 release of the
Greenbone Security Assistant (GSA). It is the web client that makes the full
feature set of OpenVAS Manager available in a web browser.  Release 2.0 is part
of OpenVAS 4, the next generation of the Open Vulnerability Assessment System.

This release fixes an issue which caused some actions in the GSA to fail due to
an error in the cookie base session identification and improves the handling of
relogins after expired sessions.

Many thanks to everyone who has contributed to this release:
Matthew Mundell.

Main changes since 2.0+rc4:
* The cookie base session identification has been improved.
* An issue with parsing the session cookie has been fixed.
* The handling of POST requests after a relogin has been improved.


gsa 2.0+rc4 (2011-02-17)

This is the fourth release candidate for the upcoming 2.0 release of the
Greenbone Security Assistant (GSA). It is the web client that makes the full
feature set of OpenVAS Manager available in a web browser.  Release 2.0 is part
of OpenVAS 4, the next generation of the Open Vulnerability Assessment System.

This release features a new cookie based session identification infrastructure,
several improvements to user interface, documentation and build environment and
adds support for fallback system reports.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner and Michael Wiegand.

Main changes since 2.0+rc3:
* The documentation and the build environment have been updated.
* The scan config overview now shows the number of selected NVT through family
  selection as well.
* A JavaScript indicator has been added.
* Support for fallback system reports has been added.
* An issue which caused logins to fail under certain circumstances due to overly
  strict input validation has been fixed.
* The "About" page has been reworked.
* Cookie base session identification has been added.


gsa 2.0+rc3 (2011-02-04)

This is the third release candidate for the upcoming 2.0 release of the
Greenbone Security Assistant (GSA). It is the web client that makes the full
feature set of OpenVAS Manager available in a web browser.  Release 2.0 is part
of OpenVAS 4, the next generation of the Open Vulnerability Assessment System.

This release features a complete replacement of the HTTP Basic Auth based
session management with a token based session management. It also contains
improved documentation and improvements to the build environment.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner and Michael Wiegand.

Main changes since 2.0+rc2:
* A notice is added to the log if binding to the default port failed and the
  fallback port was used.
* GSA now uses pkg-config to find required libraries.
* The HTTP Basic Auth based session management has been replace with a token
  based session management.
* GSA now provides a manual page for the gsad binary.


gsa 2.0+rc2 (2011-01-21)

This is the second release candidate for the upcoming 2.0 release of the
Greenbone Security Assistant (GSA). It is the web client that makes the full
feature set of OpenVAS Manager available in a web browser.  Release 2.0 is part
of OpenVAS 4, the next generation of the Open Vulnerability Assessment System.

This release extends the range of valid characters for LSC credential passwords,
improves the behavior if no port is specified and makes the output of --version
compliant with the GNU Coding Standards.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner and Michael Wiegand.

Main changes since 2.0+rc1:
* The output of --version now complies with the GNU Coding Standards.
* The range of valid characters for LSC credential passwords has been extended
  further.
* If no port is specified, GSA will now attempt to listen on the appropriate
  privileged port (80 or 443) and fall back to listening on its default port
  (9392) if those are unavailable.


gsa 2.0+rc1 (2010-12-21)

This is the first release candidate for the upcoming 2.0 release of the
Greenbone Security Assistant (GSA). It is the web client that makes the full
feature set of OpenVAS Manager available in a web browser.  Release 2.0 is part
of OpenVAS 4, the next generation of the Open Vulnerability Assessment System.

This release adds support for separate SMB and SSH credentials and for setting
per-target port ranges. It improves the user interface for displaying filtered
reports and for report downloads.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner and Michael Wiegand.

Main changes since 2.0+beta1:
* Error handling for reports has been improved.
* A bug which cause credential comments to be ignored when creating new LSC
  credentials has been fixed.
* Target credentials for SMB and SSH are now separated.
* The user interface for displaying filtered reports and for report downloads
  has been improved.
* Hardening flags are now enabled during compile time to increase code quality.
* Support for setting the port range for a target has been added.


gsa 2.0+beta1 (2010-11-19)

This is the first beta version of the upcoming 2.0 release of the
Greenbone Security Assistant (GSA). It is the web client that makes
the full feature set of OpenVAS Manager available in a web browser.
Release 2.0 is part of OpenVAS 4, the next generation
of the Open Vulnerability Assessment System.

GSA 2.0 implements all of the new features of the protocol OMP 2.0.
This include the plugin based report format framework, the master-slave
mode and many other changes and improvements.

Many thanks to everyone who has contributed to this release:
Stephan Kleine, Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix
Wolfsteller.

Central new features of Greenbone Security Assistant 2.0:

* Support for report format plugin framework has been added.
* Support for master-slave mode has been added.
* Support for editing credentials has been added.
* Support for agent verification has been added.
* Input validation for user names and passwords has been improved.
* Support for Microsoft Internet Explorer has been improved.
* The usability and layout of the web interface has been improved.
* GSA now builds with libmicrohttpd 0.9.2 and above.


gsa 1.0.0 (2010-08-02)

This is the 1.0.0 release of GSA (Greenbone Security Assistant), an OMP web client
for the Open Vulnerability Assessment System (OpenVAS).

GSA 1.0 represents almost 2 years of intensive work. The mission of GSA is to be
a web client to the OpenVAS Manager 1.0 via the OpenVAS Management Protocol (OMP).

GSA offers a complete implementation of OMP in order to access all features
to organize and manage OpenVAS vulnerability scans. Additionally, GSA
optionally acts as a client for the upcoming openvas-administrator using the
OpenVAS Administration Protocol (OAP) which allows e.g. management of scan users.

Central features of Greenbone Security Assistant are:

* Full OMP 1.0 client. The XML-based OMP responses are transformed into
  web pages via XSLT.

* No additional web-server required. The GSA daemon (gsad) uses microhttpd
  to implement a HTTP service on its own.

* Plain HTML. Neither cookies, JavaScript nor other dynamic elements are used.
  GSA works stateless and uses HTTP Basic Auth.

Greenbone Security Assistant is Free Software (Open Source), licensed
under GNU General Public License Version 2 or any later version.

The OpenVAS development team offers support for any efforts to create binary
packages for the various Linux distributions in order have this new server
readily available for users as soon as possible. Please use our openvas-distro
mailing list for this purpose.


Many thanks to everyone who has contributed to this release since 1.0.0.rc1:
Matthew Mundell, Michael Wiegand.

Main changes since 1.0.0.rc1:
* A bug which caused NVT preferences to be saved incorrectly under certain
  circumstances has been fixed.


gsa 1.0.0.rc1 (2010-07-16)

This is the first release candidate of the optional gsa module for the Open
Vulnerability Assessment System (OpenVAS) leading up to the upcoming gsa 1.0.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller.

Main changes since 1.0.0-beta6:
* Support for LDAP and ADS has been added.
* A number of changes have been made to stay compatible with the updated OMP
  specification.
* Initial support for fetching targets from external sources has been added.
* Support for threat overrides has been added.
* Support for Syslog and SNMP escalators has been added.
* Support for agents has been improved.


gsa 1.0.0-beta7 (2010-05-28)

This is the seventh beta release of the optional gsa module for the Open
Vulnerability Assessment System (OpenVAS) leading up to the upcoming gsa 1.0.

Many thanks to everyone who has contributed to this release:
Hartmut Goebel, Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix
Wolfsteller.

Main changes since 1.0.0-beta6:
* An issue which caused empty charts in the performance monitor has been fixed.
* An issue which caused a new task created with both an escalator and a schedule
  to lose the schedule has been fixed.
* Support for Internet Explorer 6 clients has been improved.
* Support for using the "Threat Level Change" escalator condition has been
  added.
* The handling of uploaded preference files has been improved.
* The handling of requests for nonexistent pages has been improved.
* Support for pausing of tasks has been added.
* Support for displaying CVSS scores and Risk Factor values has been added.
* The handling of errors during XSL transformation has been improved.
* The scan start time and end time for individual host are now displayed in the
  report.
* Support for excluding hosts without results from the report has been added.
* Support for filtering results based on CVSS scores has been fixed.


gsa 1.0.0-beta6 (2010-04-15)

This is the sixth beta release of the optional gsa module for the Open
Vulnerability Assessment System (OpenVAS) leading up to the upcoming gsa 1.0.

Many thanks to everyone who has contributed to this release:
Stephan Kleine, Matthew Mundell, Mareike Piechowiak, Karl-Heinz Ruskowski,
Jan-Oliver Wagner and Michael Wiegand.

Main changes since 1.0.0-beta5:

* Support for ITG and CPE reports has been improved.
* Support for resuming stopped tasks has been added.
* Support for task scheduling has been added.
* Initial support for editing tasks has been added.
* Support for displaying the version of an installed feed has been added.
* A number of build issues have been fixed.
* The documentation available via the "?" icon has been updated.
* The gsad binary is now installed to /usr/sbin instead of /usr/bin.


gsa 1.0.0-beta5 (2010-03-04)

This is the fifth beta release of the optional gsa module for the Open
Vulnerability Assessment System (OpenVAS) leading up to the upcoming gsa 1.0.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller.

Main changes since 1.0.0-beta4:

* Support for notes has been added.
* Support for ITG and CPE reports has been added.
* Improved HTTP conformity.
* Significant speed-up.
* Various cosmetic changes of the html pages
  as well as of some report types.


gsa 1.0.0-beta4 (2010-02-05)

This is the fourth beta release of the optional gsa module for the Open
Vulnerability Assessment System (OpenVAS) leading up to the upcoming gsa 1.0.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller.

Main changes since 1.0.0-beta3:

* Improved HTTP conformity.
* Improved Feed synchronization support.
* Improved line wrapping in reports.
* A bug in the report pagination has been fixed.


gsa 1.0.0-beta3 (2010-01-27)

This is the third beta release of the optional gsa module
for the Open Vulnerability Assessment System (OpenVAS) leading up to the
upcoming gsa 1.0.

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Felix Wolfsteller.

Main changes since 1.0.0-beta2:

* Improved HTTP conformity.
* Fixed resource leak.
* Improved input checking.
* Add option to run in chroot.


gsa 1.0.0-beta2 (2010-01-27)

This is the second beta release of the optional gsa module
for the Open Vulnerability Assessment System (OpenVAS) leading up to the
upcoming gsa 1.0.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner and Felix Wolfsteller.

Main changes since 1.0.0-beta1:

* Integrated online help extended. 
* Improved handling of feed management.
* Added support for administrator feature to edit
  scanner settings.
* Added support for administrator feature to edit
  user details (password, IP-based access rules).
* Allow "\" as part of a credential login name.
* Remain on the task page after deleting the
  task's last report.
* Improved handling of XML/HTML report exports.
* Added command line option "--listen", "--alisten",
  "--mlisten".


gsa 1.0.0-beta1 (2010-01-12)

This is the first beta release of the optional gsa module
for the Open Vulnerability Assessment System (OpenVAS) leading up to the
upcoming gsa 1.0.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner, Felix Wolfsteller and Michael Wiegand.

