Changes in Update Released on 29-August-2024
This Update includes the changes described in the following sections.
Issues/Bugs Addressed
The following issues were addressed in the Update:
| Issue ID | Issue Summary |
|---|---|
| SCA-54501 | Fixed False positive vulnerability mappings to multiple maven components added by the legacy Maven Mapper. |
| SCA-53350 | Fixed license detection capability for CDDL-1.1 and GPL-2.0-with-classpath-exception licenses to remove false positive inventories |
| SCA-54217 | Deprecated the incorrect version (1.0.0.0) and added the correct license mappings to microsoft.web.infrastructure component. |
| SCA-54532 | Fixed the False positive license for freemarker 2.3.8. |
New/Update License Mappings Requests
- Added component and version level license mappings to the component "microsoft.web.infrastructure" (componentId: 3529708).
New/Update component_version Requests
- Deprecated the incorrect version (1.0.0.0) of microsoft.web.infrastructure component. (versionId: 9997221).
New/Update License Requests
- Updated license URL of FreeMarker License (licenseid: 1482)
Enhanced License Detection Capability for Licenses
License detection capability and license evidence mechanism for the following licenses were updated/added:
-
CDDL-1.1
-
GPL-2.0-with-classpath-exception
Collector Status
The following table lists Collector Status information.
| Name | Date of Last Successful Run |
|---|---|
| Alpine | 08/22/2024 |
| Clojars | 08/22/2024 |
| Cocoapods | 08/22/2024 |
| Conan | 08/22/2024 |
| Cpan | 08/22/2024 |
| Cran | 08/24/2024 |
| Crates | 08/25/2022 |
| Debian | 08/26/2024 |
| fedora-koji | 08/22/2024 |
| Github | 08/26/2024 |
| Gitlab | 06/06/2023 |
| Go | 08/05/2024 |
| Hackage | 08/25/2024 |
| maven2-ibiblio | 08/05/2024 |
| maven-google | 08/23/2024 |
| Npm | 08/27/2024 |
| nuget gallery | 08/16/2024 |
| packagist | 08/25/2024 |
| Pypi | 08/19/2024 |
| rubygems | 08/22/2024 |