Changes in Update Released on 20-Oct-2020
This Update includes the changes described in the following sections.
Issues Addressed in the 20-Oct-2020 Release
The following issues were addressed in the Update:
| Issue ID | Issue Summary |
|---|---|
| SCA-28504 | Components information |
| SCA-28691 | NVD Feed: Upgrading NVD CVE-Feeds APIs (1.0) to NVD CVE-Feeds APIs (1.1) |
| SCA-27621 | Difference in vulnerability information for 'expat' and 'libexpat-libexpat' component |
| SCA-28970 | NVD-Feed Fix and client release to Codeaware |
| SCA-17974 | Duplicate Inventory found for "gettext" and for the duplicate inventory as found license text is wrong |
| SCA-28740 | With fresh scan, name of inventory item zlib is changed to madler-zlib in codeinsight 2020R4. |
| SCA-27773 | Search terms need to be improved for few components |
| SCA-28288 | False Positives for zlib and libjpeg |
| SCA-28508 | Components information |
| SCA-22072 | Stunnel support in DL |
| SCA-27119 | Missing versions |
| SCA-29156 | Pycryptodomex missing encryption flag |
New Component Detection Rules in the 20-Oct-2020 Release
This Update introduces new Automated Analysis rules for the following components:
- Retry.js
- Jquery-mobile for react
- Expat (version released 2.2.6)
- Novell.Directory.ldap
- Spawn.js
- Jquery-vsdoc.js
- CodeMirror
- NUnit.Framework.dll
- Rsvp.js
- Twbs-bootstrap and Mathiasbynens-jquery-placeholder
- Libwebsockets
- Globalize 1.1.1
- CPU Topology
- JSON v3.3.0
- Pyomo v5.0.1
- CPU Topology 1.2.8 Class library
- Text-markdown
- Json v2.1.1
- V8
- Libuv