Changes in Update Released on 20-Oct-2020
This Update includes the changes described in the following sections.
Issues Addressed in the 20-Oct-2020 Release
The following issues were addressed in the Update:
| Issue ID | Issue Summary |
|---|---|
| SCA-28504 | Components information |
| SCA-28691 | NVD Feed: Upgrading NVD CVE-Feeds APIs (1.0) to NVD CVE-Feeds APIs (1.1) |
| SCA-27621 | Difference in vulnerability information for 'expat' and 'libexpat-libexpat' component |
| SCA-28970 | NVD-Feed Fix and client release to Codeaware |
| SCA-17974 | Duplicate Inventory found for "gettext" and for the duplicate inventory as found license text is wrong |
| SCA-28740 | With fresh scan, name of inventory item zlib is changed to madler-zlib in codeinsight 2020R4. |
| SCA-27773 | Search terms need to be improved for few components |
| SCA-28288 | False Positives for zlib and libjpeg |
| SCA-28508 | Components information |
| SCA-22072 | Stunnel support in DL |
| SCA-27119 | Missing versions |
| SCA-29156 | Pycryptodomex missing encryption flag |
New Component Detection Rules in the 20-Oct-2020 Release
This Update introduces new Automated Analysis rules for the following components:
-
Retry.js
-
Jquery-mobile for react
-
Expat (version released 2.2.6)
-
Novell.Directory.ldap
-
Spawn.js
-
Jquery-vsdoc.js
-
CodeMirror
-
NUnit.Framework.dll
-
Rsvp.js
-
Twbs-bootstrap and Mathiasbynens-jquery-placeholder
-
Libwebsockets
-
Globalize 1.1.1
-
CPU Topology
-
JSON v3.3.0
-
Pyomo v5.0.1
-
CPU Topology 1.2.8 Class library
-
Text-markdown
-
Json v2.1.1
-
V8
-
Libuv