openvas-manager 6.0.9 (2016-08-30)

This is the ninth maintenance release of the openvas-manager 6.0 module for
the Open Vulnerability Assessment System release 8 (OpenVAS-8).

This release adds the new 'SCP' and 'SNMP' alert methods and addresses a number
of issues discovered after the release of OpenVAS Manager 6.0.8. It also
incorporates several improvements from the development branch of OpenVAS.
Please see below for a comprehensive list of changes.

Many thanks to everyone who contributed to this release:
Hani Benhabiles, Matthew Mundell and Timo Pollmeier.

Main changes compared to 6.0.8:
* Support for the new 'SCP' alert method has been added.
* Support for the new 'SNMP' alert method has been added.
* The documentation of the OMP protocol has been updated.
* Handling of report deltas has been improved.
* Handling of filtered host counts has been improved.
* An issue which caused long OSP scans to terminate prematurely has been fixed.
* Pagination handling has been improved.
* Handling of unknown severities has been improved.
* Handling of long inputs from the scanner has been improved.
* Clones of predefined report formats are now implicitly trusted.
* Handling of dependant resources in GET command responses has been improved.
* Support for filtering for orphaned permissions has been added.
* Log messages have been improved to include the resource name wherever
  possible.
* Log messages for internal error cases have been improved.
* The process title of processes handling scans will now contain the report
  UUID.
* An issue which cause an unfinished task with a schedule to be restarted on
  the second period instead of being resumed has been fixed.
* Resuming of scheduled slave scans has been improved.
* An issue which cause the NVT selection of an imported scan config to be empty
  under certain circumstances has been fixed.
* Handling of failed slave connections has been improved.
* An issue which caused users to appear multiple times in an observer list
  under certain circumstances has been fixed.
* Handling of empty credentials has been improved.
* Handling of targets belonging to another user has been improved.
* An issue which caused unrelated error messages to be shown when creating new
  tasks under certain circumstances has been fixed.
* An issue which cause the alive check setting to revert to its default value
  when cloning targets has been fixed.
* Handling of internal database backups has been improved.
* Results used in alerts are now sorted by severity.
* The 'Anonymous_XML' report format now strips even more potentially sensitive
  information.
* Signal handling has been improved.


openvas-manager 6.0.8 (2016-02-26)

This is the eighth maintenance release of the openvas-manager 6.0 module for
the Open Vulnerability Assessment System release 8 (OpenVAS-8).

This release addresses a number of issues discovered after the release of
OpenVAS Manager 6.0.7 and incorporates several improvements from the development
branch of OpenVAS. Please see below for a comprehensive list of changes.

Many thanks to everyone who contributed to this release:
Hani Benhabiles and Matthew Mundell.

Main changes compared to 6.0.7:
* An issue which caused the trashcans of other users to be emptied as well when
  one user emptied their trashcan has been fixed.
* An issue which caused some scheduled tasks to sometimes not be executed when
  the Manager was started with disabled commands has been addressed.
* An issue which caused incorrect task counts under certain conditions has been
  addressed.
* The Verinice_ISM report format now support setting an "ISM Control
  Description" parameter.
* Support for automatically deleting older reports has been added.
* Handling of OSP errors has been improved.
* Documentation has been updated.


openvas-manager 6.0.7 (2015-12-21)

This is the seventh maintenance release of the openvas-manager 6.0 module for
the Open Vulnerability Assessment System release 8 (OpenVAS-8).

This release addresses a number of issues discovered after the release of
OpenVAS Manager 6.0.6 and incorporates several improvements from the development
branch of OpenVAS. Please see below for a comprehensive list of changes.

Many thanks to everyone who contributed to this release:
Hani Benhabiles, Matthew Mundell, Timo Pollmeier and Michael Wiegand.

Main changes compared to 6.0.6:
* A new alert method "Send" has been added, for sending the report to a TCP
  listener.
* Support for using the 'Verinice Source ID' tag in the Verinice_ISM report
  format has been added.
* Support for triggering and alert when a powerfilter matches a certain number
  of results has been added.
* Support for importing OSP scan configs has been added.
* OSP support has been improved.
* An issue which caused a master to attempt to clean up non-existent
  credentials on its slave has been fixed.
* An issue which caused prognostic reports to be unavailable in the NBE report
  format has been fixed.
* An issue which caused a database migration to fail under certain
  circumstances has been fixed.
* An issue which caused overrides to not be applied in the CSV report format
  has been fixed.
* An issue which caused the internal scheduler to stop manually started tasks
  under certain circumstances has been fixed.
* An issue which made it possible to delete ESXi credentials while they were
  still be used by a task has been addressed.
* An issue which caused rebuild processes to hang under certain circumstances
  has been fixed.
* An issue which caused incorrect NVT counts under certain circumstances has
  been fixed.
* An issue which caused the "Attach HTML report" parameter to be absent from
  the Verinice_ISM report format has been fixed.
* The handling of slave task after a connection loss between master and slave
  has been improved.
* The handling of the "once" schedule has been improved.
* Database locking when rebuilding has been improved to prevent processes from
  accessing the database in an inconsistent state.
* Improved handling of signals during an active rebuild.
* A number of memory leaks have been removed.
* Documentation has been updated.
* Several performance improvements.


openvas-manager 6.0.6 (2015-09-28)

This is the sixth maintenance release of the openvas-manager 6.0 module for
the Open Vulnerability Assessment System release 8 (OpenVAS-8).

This release addresses a number of issues discovered after the release of
OpenVAS Manager 6.0.5 and incorporates several improvements from the development
branch of OpenVAS. It raises the required minimum OpenVAS Libraries version to
8.0.5. Please see below for a comprehensive list of changes.

Many thanks to everyone who contributed to this release:
Hani Benhabiles, Matthew Mundell, Timo Pollmeier and Michael Wiegand.

Main changes compared to 6.0.5:
* The required minimum OpenVAS Libraries version has increased to 8.0.5.
* An issue which caused different permission when sharing objects in a group has
  been fixed.
* An issue with displaying error results when using dynamic severity has been
  fixed.
* Support for OSP parameter names has been improved.
* Conditions triggering a privilege drop are checked more precisely.
* An issue which cause the current_credentials table to be missing under certain
  circumstances has been fixed.
* The Verinice_ISM report format plugin has been updated.
* An issue which caused inconsistent severity values under certain circumstances
  has been fixed.
* The responsiveness under heavy load has been improved.
* Host details for slave tasks are now available during running tasks.
* Task user tags are now available in the report XML export.
* OSP scan details are now only requested once the scan has finished.
* NVTi cache update handling has been improved.
* Authentication failures are now logged.
* An issue which caused incorrect NVT counts in scan configurations has been
  addressed.


openvas-manager 6.0.5 (2015-08-03)

This is the fifth maintenance release of the openvas-manager 6.0 module for
the Open Vulnerability Assessment System release 8 (OpenVAS-8).

This release addresses a number of issues discovered after the release of
OpenVAS Manager 6.0.4 and incorporates several improvements from the development
branch of OpenVAS. Please see below for a comprehensive list of changes.

Many thanks to everyone who contributed to this release:
Hani Benhabiles, Matthew Mundell, Timo Pollmeier and Michael Wiegand.

Main changes compared to 6.0.4:
* An issue which caused reports to appear empty due to report generation scripts
  being installed with insufficient permissions has been fixed.
* An issue which caused processes spawned by OpenVAS Manager when executing
  schedules to miss signals when executing scheduled task due to an overly
  restrictive signal mask has been fixed.
* An issue which caused credentials to not be used when a user ran
  a task for which the target credentials were owned by another user has been
  addressed.
* The activation and expiration time of certificates used for OSP scanners is
  now properly verified.
* The handling of dynamic severities for OSP results has been improved.
* Usernames are now allowed to contain dot (".") characters.
* Manager now uses "zh_CN" instead of "zh" when referring to the Chinese
  language.
* Support for configurable subjects and messages in email alerts has been added.
* Support for ports in OSP results has been added.


openvas-manager 6.0.4 (2015-07-09)

This is the fourth maintenance release of the openvas-manager 6.0 module for
the Open Vulnerability Assessment System release 8 (OpenVAS-8).

This release addresses a number of issues discovered after the release of
OpenVAS Manager 6.0.3 and incorporates several improvements from the development
branch of OpenVAS. Please see below for a comprehensive list of changes.

Many thanks to everyone who contributed to this release:
Benot Allard, Hani Benhabiles, Matthew Mundell, Timo Pollmeier and Michael
Wiegand.

Main changes compared to 6.0.3:
* An issue which caused duplicate scan results under certain circumstances has
  been fixed.
* An issue which caused a segmentation fault when deleting tasks referring to
  nonexistent targets from the trash can has been fixed.
* An issue which caused scheduled tasks to be executed multiple times when
  multiple users had the correct permissions has been fixed.
* An issue which caused processes spawned by OpenVAS Manager to miss signals
  when executing scheduled task due to an overly restrictive signal mask has
  been fixed.
* An issue which caused results not in the critical range to be not displayed
  when using the PCI-DSS severity class type has been addressed.
* An issue which cause global users to be missing from selection when creating
  new permissions has been addressed.
* An issue which caused the result description to not be imported correctly when
  importing reports has been fixed.
* An issue which caused results with the "Log" level to be missing from reports
  when using the PostgreSQL back end has been fixed.
* An issue which caused an internal error when using invalid minimum CVSS base
  values has been addressed.
* An issue with incorrect result counting has been addressed.
* Performance of database access when a report is created from an alert has been
  improved.
* CVE results from OSP scanners with known CVEs now automatically use the CVE
  severity.
* The critical range for the PCI-DSS severity class type now correctly starts at
  4.0 instead of 4.3.
* Handling of CVEs associated with results has been improved.
* Users are now allowed to create a resource permission if they have GET access
  to the subject instead of MODIFY access.
* Several support scripts are now executed directly instead of via an additional
  shell.
* The RFP "generate" scripts are now installed with executable permissions.
* A number of issues found with static code analysis have been addressed.
* The QoD value for "general_note" results is now set correctly.
* Support for filtering reports by CVE has been added.
* Timestamp support has been added for OSP scan results.


openvas-manager 6.0.3 (2015-05-11)

This is the third maintenance release of the openvas-manager 6.0 module for
the Open Vulnerability Assessment System release 8 (OpenVAS-8).

This release adds the "Verinice ITG" report format to the list of predefined
report formats and improves the handling of QoD information in report lists. It
also fixes an issue with signal handling and improves cross device support.

Many thanks to everyone who contributed to this release:
Matthew Mundell and Timo Pollmeier.

Main changes compared to 6.0.2:
* Cross device support when deleting RFPs has been improved.
* The "Verinice ITG" report format is now a predefined report format.
* An issue which caused processes spawned by OpenVAS Manager to miss signals
  due to an overly restrictive signal mask has been fixed.
* The handling of QoD information in report lists has been improved.


openvas-manager 6.0.2 (2015-04-30)

This is the second maintenance release of the openvas-manager 6.0 module for
the Open Vulnerability Assessment System release 8 (OpenVAS-8).

This release adds support for listening on IPv6 addresses, fixes inconsistencies
in the reported severity level and improves the handling of search phrases.

Many thanks to everyone who contributed to this release:
Hani Benhabiles, Miguel Angel Cabrera Moya, Sven Haardiek, Timo Pollmeier, Ryan
Schulze and Michael Wiegand.

Main changes compared to 6.0.1:
* Support for listening on IPv6 addresses has been added.
* An issue which caused inconsistencies in the reported severity level when
  removing overrides in some circumstances has been addressed.
* Improved handling of exact search phrases in powerfilter.
* An issue which cause the search phrase to not be applied properly when
  filtering NVTs has been addressed.
* Two new "--optimize" options have been added.
* The detection of the PostgreSQL include directories has been made more robust.
* An issue which prevented openvas-manager from building with GLib =< 2.32 has
  been addressed.


openvas-manager 6.0.1 (2015-04-01)

This is the first maintenance release of the openvas-manager 6.0 module for
the Open Vulnerability Assessment System release 8 (OpenVAS-8).

This release addresses various improvements and bug fixes of which
none is particularly outstanding, but not all just minor either.

Many thanks to everyone who contributed to this release:
Matthew Mundell, Timo Pollmeier and Michael Wiegand.

Main changes compared to 6.0.0:
* Treat missing filter keywords owner and permission as if they had the
  value "any". The old default behavior can be reproduced by using the
  keywords with an empty value.
* Task severity: Consider based on QoD default (70%) instead of 0%.
  This way the task severity matches the results severity when using
  defaults.
* Allow the user to create a permission if the user has "modify" access
  to the subject. This allows users to create permissions on roles owned
  by other users, for example.
* Bugfix to enable autoamtic update of CERT-Bund.
* Bugfix to re-add the cvss base vector of NVTs.
* Bugfixes/improvements about object managment for objects
  with dependencies dependencies (for example: target has
  credentials).
* Always set trust as "yes" for predefined report formats.
* Bugfix: Quote timezones as these can have multiple words.
* Bugfix: Get results severity based on user, not based on owner.
* Improved package config and build routine.
* Various minor bugfixes.


openvas-manager 6.0.0 (2015-03-17)

This is the first release of the openvas-manager 6.0 module for the Open
Vulnerability Assessment System release 8 (OpenVAS-8). The OpenVAS Manager is
the central management service between the actual security scanner and various
user clients.

OpenVAS Manager 6.0 introduces a large number of new and improved features, for
example scanner management, the alternative use of PostgreSQL as database back
end and Quality of Detection (QoD) information. It also introduces the new roles
"Guest", "Monitor" and "Super Admin". Please see the comprehensive list below
for more details.

Please make sure to read the INSTALL file for important installation and
migration information, even and especially if you have used OpenVAS Manager
before.

Many thanks to everyone who has contributed to this release:
Benot Allard, Michal Ambroz, Hani Benhabiles, Henri Doreau, Michael Meyer,
Matthew Mundell, Timo Pollmeier, Jan-Oliver Wagner and Michael Wiegand.

Main changes compared to the 5.0 series:
* OpenVAS Manager now supports the alternative use of PostgreSQL as database
  back end instead of SQLite3.
* Support for Scanner Management has been added. This includes the configuration
  part for scanners accompanied with a new set of OMP commands (create_scanner,
  get_scanners, modify_scanner, delete_scanner and verity_scanner). Next, it
  covers the extensions of tasks with the selected scanner type and the
  extension of Scan Configurations to reflect different scanner types.
* Support for the new SecInfo subtype CERT-Bund Advisory (CERT_BUND_ADV) has
  been added.
* Support for QoD (Quality of Detection) information has been added.
* Support for mixing objects owned by different users has been extended.
* Support for a "Guest" role has been added.
* Support for a "Monitor" role has been added.
* Support for a "Super Admin" role has been added.
* Support for associating ESXi credentials with targets has been added.
* The new OMP command "GET_AGGREGATES" has been added in order to deliver data
  tables for use in diagrams.
* Support for task charts has been added.
* Support for filtering NVTs based on their script_tags has been added.
* A new "Modify Task" wizard has been added.
* Support for displaying solution type information has been added.
* Support for internal database optimization has been added.
* Support for ownership of users, roles, groups and permissions has been
  introduced.
* Support for the changing of user names has been added.
* Support for Once-off schedules has been added.
* Support for limiting the number of times a task runs with a periodic schedule
  has been added.
* Support for splitting the CPE dictionary has been added to the SCAP data
  synchronization script.
* The "xml_split" helper script for splitting SCAP data is now installed by
  default.
* Report powerfilters now support the "timezone" keyword.
* The OMP version is now included in reports.
* Tasks on slaves are now stopped when the controlling master is terminated.
* Alterable task now stay alterable even when their last report has been
  removed.
* Solution type information is now included in report formats.
* OpenVAS Manager will no longer abort if previous attempts to the rebuild or
  update the database have failed.
* The results table and the OMP results objects have been extended.
* The "Anonymous XML" report format has been added.
* Support for displaying host authentication results has been added to the
  LaTeX, PDF and HTML reports.
* The GET_INFO command can now be used for NVTs as well.
* Support for "openvasrc" files has been removed from OMP.
* For SSH credentials, the certificate is now extracted from private key when
  needed.
* Preemptive Scanner connecting has been removed. Manager now only connects on
  NVT cache update or task starting, resuming and stopping. This improves
  response time.
* Support for the task pausing feature has been removed. This includes the
  removal of OMP commands "pause_task" and "resume_paused_task".
* Support for the target locators feature has been removed. This includes the
  removal of the OMP command "get_target_locators".
* The "--slisten" and "--sport" command line options have been removed as they
  are now part of the scanner properties.
* An issue which caused individual NVT timeout values to not be transferred
  to slaves has been fixed.
* The "--list-users" command line option has been renamed to "--get-users".
* The "--role" command line option now applies to "--get-users" as well.
* The "get_results" OMP command now behaves more consistent with other get_...
  OMP commands.
* The task name is now included in more report formats.
* The value of the NVT tag "affected" is now included in more report formats.
* The performance has been improved in a number of places.
* The strategy of SQL retries in high-load situation has been improved.
* The handling of user groups when dropping privileges has been improved.
* The manager will now retry starting of scheduled tasks when the start OMP fails.
* Sorting of numerical values has been improved.
* Library checks during package configuration have been improved and are now
  more comprehensive and consistent.
* Signal handling has been improved.
* The OMP protocol documentation has been updated.
* Code cleanups.

Main changes compared to 6.0+beta6:
* Solution type information is now included in report formats.
* An issue with empty scan end times has been fixed.
* Performance of report result counting has been improved.
* A check which resulted in scheduled tasks not starting at all if they could
  not start within a short interval has been removed.
* Signal handling has been improved.
* Support for splitting the CPE dictionary has been added to the SCAP data
  synchronization script.
* OpenVAS Manager will no longer abort if previous attempts to the rebuild or
  update the database have failed.
* The "Anonymous XML" report format has been added.
* The OMP protocol documentation has been updated.
* The GET_INFO command can now be used for NVTs as well.
* Result in report results counting and caching functions now use a default
  minimum QoD of 70 for consistency.
* Support for displaying host authentication results has been added to the
  LaTeX, PDF and HTML reports.
* Support for CERT-Bund advisories has been improved.
* An issues which caused a segmentation fault when rebuilding the database of 32
  bit installations under certain circumstances has been fixed.
* The "xml_split" helper script for splitting SCAP data is now installed by
  default.
* Support for mixing of the current user's targets and tasks, with other
  people's targets and tasks has been added.
* Support for mixing of the current user's configs and tasks, with other
  people's configs and tasks has been added.
* Support for mixing of the current user's scanners and tasks, with other
  people's scanners and tasks has been added.
* Support for mixing of the current user's port lists and targets, with other
  people's port lists and targets has been added.
* Support for mixing of the current user's credentials and targets, with other
  people's credentials and targets has been added.
* Support for mixing of the current user's report formats and alerts, with other
  people's report formats and alerts has been added.
* Support for mixing of the current user's filters and alerts, with other
  people's filters and alerts has been added.
* Code cleanups.


openvas-manager 6.0+beta6 (2015-02-11)

This is the sixth beta version of the upcoming 6.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanners and various user clients.

This release improves support for OSP scanner and introduces support for
Quality of Detection (QoD) information. It also adds support for once-off
schedules, for limiting the number of times a task runs with a periodic
schedule and for more resource mixing between users. It also contains a number
of bug fixes and various other improvements.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Matthew Mundell, Timo Pollmeier and Michael Wiegand.

Main changes since 6.0+beta5:
* Support for OSP host details has been added.
* Support for modifying an existing scanner has been added.
* Support for Once-off schedules has been added.
* Support for limiting the number of times a task runs with a periodic schedule
  has been added.
* Enable mixing of the current user's alerts, schedules and tasks, with other
  people's alerts, schedules and tasks, when permissions allow it.
* Support for Quality of Detection (QoD) information has been introduced.
* A segmentation fault which occurred when deleting users using the
  "--delete-user" parameter has been fixed.
* An issue which caused individual NVT timeout values to not be transferred
  to slaves has been fixed.
* An issue with NVT counting in scan configs has been fixed.
* Incorrect column name in the SCAP database have been fixed.
* An issue with result counting when using certain filters has been fixed.
* An issue which prevented the Super Admin from cloning certain objects has been
  fixed.
* An issue with running scheduled tasks with durations has been fixed.
* Tasks on slaves are now stopped when the controlling master is terminated.
* Alterable task now stay alterable even when their last report has been
  removed.
* The default value for the "autofp" setting used for alerts has been changed
  to 0 for consistency with other views.
* Report lists now ensure that a apply_overrides value is set.
* Sorting of numerical values has been improved.
* Handling of missing report format plugins for alerts has been made more
  consistent.
* Library checks during package configuration have been improved and are now
  more comprehensive and consistent.
* OSP support has been improved.
* PostgreSQL support has been improved.
* The OMP documentation has been updated.
* Documentation of database optimization has been improved.
* Code cleanups.


openvas-manager 6.0+beta5 (2015-01-12)

This is the fifth beta version of the upcoming 6.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanners and various user clients.

This release improves support for the "Super Admin" permission, introduce
ownership for users, roles and groups, allow sharing of sensors and task
between users, adds a `--optimize` command line option, start work on
consolidation of the different RESUME_* OMP commands as well as fixes various
smaller issues.

Many thanks to everyone who has contributed to this release:
Timo Pollmeier, Jan-Oliver Wagner, Matthew Mundell, Michael Wiegand and Hani
Benhabiles.

Main changes since 6.0+beta4:
* Add settings for default resource selections on the "New Task" and "New
  Target" pages in GSA and get settings in Advanced Task Wizard.
* LaTeX report format improvement
* Retry starting of scheduled tasks when the start OMP fails.
* Add new "Modify Task" wizard.
* Add RESOURCE/TYPE to CREATE_PERMISSION, so that Super permissions can be
  created on Roles, Groups and Users.
* Add RESOURCE/TYPE to MODIFY_PERMISSION, so that editing of Super
  permissions works.
* Allow severity to be null in CERT-Bund and DFN-CERT Advisories, CPEs and OVAL
  definitions if no severity is available from CVEs.
* Performance improvement for GET_REPORTS.
* Add solution_type column to NVTs.
* Enable mixing of the current user's slaves and tasks, with other people's
  slaves and tasks, when permissions allow it.
* Add command line option --optimize, with arguments "analyze" and "vacuum".
* Add indices for NVTs, CVEs and CPEs and change init_aggregate_iterator to use
  them. Remove unused features from init_aggregate_iterator for	simplicity.
* Make --role apply to --get-users too.
* Introduce ownership of users, roles and groups.
* Major rewrite of the RESUME_* OMP commands.
* Introduce ownership of permissions.
* Account for Super permissions in asset reports.
* Add NEW_NAME to OMP MODIFY_USER, to allow changing of user names.


openvas-manager 6.0+beta4 (2014-11-21)

This is the fourth beta version of the upcoming 6.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanners and various user clients.

This release establishes support for PostgreSQL as an alternative database
backend. It also adds support for a "Super Admin" role and contains a number of
smaller improvements.

Many thanks to everyone who has contributed to this release:
Benot Allard, Michal Ambroz, Hani Benhabiles, Henri Doreau, Michael Meyer,
Matthew Mundell, Timo Pollmeier, Jan-Oliver Wagner and Michael Wiegand.

Main changes since 6.0+beta3:
* OpenVAS Manager now supports the alternative use of PostgreSQL as database
  backend instead of SQLite3.
* Support for a "Super Admin" role has been added.
* Performance for iterating over host details has been improved.
* The handling of SIGABRT signals has been improved, ensuring an appropriate
  exit code if such a signal occurs.
* The handling of task end times has been improved.
* The strategy of SQL retries in high-load situation has been improved.
* Support for filtering NVTs based on their script_tags has been added.
* Logging has been improved.
* The handling of user groups when dropping privileges has been improved.
* Timezone usage has been improved.
* The build process has been adjusted for changes in OpenVAS Libraries.
* The OMP version is now included in reports.
* Code cleanups.


openvas-manager 6.0+beta3 (2014-10-14)

This is the third beta version of the upcoming 6.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanners and various user clients.

This release continues the efforts towards PostgreSQL support and support of
multiple scanners. It also introduces support for a "Monitor" role and for the
"timezone" keyword in report powerfilters and harmonizes the handling of the
creation time for the different SecInfo object types. A workaround for an issue
with SQLite versions before 3.8.3 is included as is support for task charts.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Matthew Mundell, Timo Pollmeier and Michael Wiegand.

Main changes since 6.0+beta2:
* Further steps towards alternative use of PostgreSQL as database backend
  instead of SQLite3. The PostgreSQL support does not yet cover all of the
  OpenVAS Manager functionalities.
* Further steps for Scanner Management.
* Support for task charts has been added.
* Report powerfilters now support the "timezone" keyword.
* Handling of different SecInfo object creation times has been harmonized.
* Support for a "Monitor" role has been added.
* A workaround for an issue with concurrent SQLite processes when using SQLite
  versions older than 3.8.3 has been added.
* PostgreSQL support has been added to the various support scripts.
* Code cleanups.


openvas-manager 6.0+beta2 (2014-09-23)

This is the second beta version of the upcoming 6.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanners and various user clients.

This release continues the efforts towards PostgreSQL support and support of
multiple scanners. It also introduces support for a "Guest" role and for
associating ESXi credentials with targets, along with a number of smaller
improvements and code cleanup.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Matthew Mundell, Timo Pollmeier, Jan-Oliver Wagner and Michael
Wiegand.

Main changes since 6.0+beta1 series:
* Further steps towards alternative use of PostgreSQL as database backend
  instead of SQLite3. The PostgreSQL support does not yet cover all of the
  OpenVAS Manager functionalities.
* Further steps for Scanner Management.
* Support for a "Guest" role has been added.
* Support for associating ESXi credentials with targets has been added.
* The get_results command now behaves more consistent with other get_... OMP
  commands.
* The task name is now included in more report formats.
* The value of the NVT tag "affected" is now included in more report formats.
* GPLv2+ licence notices now contain the exact wording suggested by the Free
  Software Foundation.
* Code cleanups.


openvas-manager 6.0+beta1 (2014-08-23)

This is the first beta version of the upcoming 6.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanners and various user clients.

This release introduces first steps towards multi-scanner support, adds support
for SecInfo type "CERT-Bund" and extends the results object. Apart from this
the alternative support for PostgreSQL works to some extend but is not
complete yet.

Please make sure to read the INSTALL file for important installation and
migration information, even and especially if you have used OpenVAS Manager
before.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Matthew Mundell, Timo Pollmeier, Michael Wiegand

Main changes since 5.0 series:
* Added first steps for Scanner Management. This includes the configration part
  for scanners accompanied with a new set of OMP commands (create_scanner,
  get_scanners, modify_scanner, delete_scanner and verity_scanner). Next,
  it covers the extensions of tasks with the selected scanner type and the
  extension of Scan Configurations to reflect different scanner types.
* First steps towards alternative use of PostgreSQL as database backend instead
  of SQLite3. The PostgreSQL support does not yet cover all of the OpenVAS Manager
  functionalities.
* Added new SecInfo subtype CERT-Bund Advisory (CERT_BUND_ADV).
* Added new OMP command GET_AGGREGATES in order to deliver data tables for
  use in diagrams.
* Extended results table and OMP results objects.
* Removed openvasrc file support from OMP.
* For SSH credentials, the public part is now extracted from private key
  when needed.
* Removed preemptive Scanner connecting. Connect only on NVT cache update
  or task starting, resuming and stopping. This improves response time.
* Removed task pausing feature. This includes the removal of OMP commands
  pause_task and resume_paused_task.
* Removed target locators feature. This includes the removal of the
  OMP command get_target_locators.
* First steps towards a QoD (Quality of Detection) concept as an attribute
  of the results.
* Rebuild CERT database as version 6 to apply fix for problems with CVEs
  in older DFN-CERT advisories.
* Increased limit of max number of hosts specified in user Host Access
  Control to 16,777,216.
* Removed --slisten and --sport options.
* Renamed --list-users to --get-users.
* Added --get-scanners.
* Added --create-scanner with --scanner-host, --scanner-port and
  --scanner-type options.
* Added --delete-scanner option.
* Added --verify-scanner option.
* Added --scanner-ca-pub, --scanner-key-pub and --scanner-key-priv
  command-line arguments.
* Added options --max-email-attachment-size and --max-email-include-size.
* Various minor improvements.
* Code cleanups.


openvas-manager 5.0.0 (2014-04-23)

This is the first release of the openvas-manager 5.0 module for the Open
Vulnerability Assessment System release 7 (OpenVAS-7). The OpenVAS Manager is
the central management service between the actual security scanner and various
user clients.

OpenVAS Manager 5.0 introduces a large number of new and improved features, for example
the entire user management is now done in OpenVAS Manager, tagging of objects,
"Severity" concept to replace "Threat" concept, Alive-Test property of Targets,
a number of new command line parameter, extended access control with groups, roles
and permissions.  For a complete list of changes, please refer to the list below.
The whole functionality is available via the extended protocol OMP 5.0.

Please make sure to read the INSTALL file for important installation and
migration information, even and especially if you have used OpenVAS Manager
before.

Many thanks to everyone who has contributed to this release:
Benot Allard, Hani Benhabiles, Henri Doreau, Rodolfo Gouveia, Andre Heinecke,
Werner Koch, Matthew Mundell, Timo Pollmeier, Stefan Schwarz, Stefan Sperling,
Jan-Oliver Wagner and Michael Wiegand.

Main changes since 4.0.x:
* User management has been consolidated in OpenVAS Manager. It was moved
  from OpenVAS Scanner and OpenVAS Administrator into OpenVAS Manager.
* New: Groups, Roles and Permissions.
* New: Tags.
* New: Default scan configurations "Discovery", "Host Discovery" and
  "System Discovery".
* New: Support for searching in the complete SecInfo data.
* New: Support for regular expression searching in the powerfilter.
* New: New "Severity" concept to replace "Threat" concept.
* Removed: OTP port forwarding.
* Removed: Support for obsolete scanner preferences.
* Improved: Support for the new host management offered by Scanner has been added.
* Improved: Schedule handling during long running operations.
* Changed: Simplified host access conrol replaces old rules-based concept.
* New: Support for Alterable Tasks.
* New: Support for Source Interface access control has been added.
* New: Alive Test property to Targets, which can override the scan config
  settings.
* Remove NVTs 810002 "CPE Inventory" and 810003 "Host Summary" from predefined
  configs.
* Orphaned results are now removed from the database when starting.
* The speed of retrieving a task details overview has been improved.
* Database rebuild performance has been improved.
* Performance with large databases has been improved.
* Updated: Verinice ISM report format plugin.
* Updated: The NBE report format plugin.
* New: Predefined report format CSV Hosts.
* New: Predefined report format CSV Results.
* New: Report format plugin for exporting TLS mapping results into a CSV file.
* New: User setting for preferred interface language.
* Logging has been improved and made more consistent.
* OpenVAS Manager will now attempt to reduce database fragmentation.
* Use UTF-8 for OTP.
* Report scanner loading progress to client/GSA.
* New: Support for user defined OVAL repositories in private subdirectories.
* The scripts for SCAP and CERT data synchronization have been improved.
* Handling of NVT risk factors has been removed as this is handled via CVSS scores now.
* The handling of the obsolete "subnet" element in the results has been
  removed.
* NVT descriptions are no longer stored separately in the database and thus no
  longer duplicate information already present in the NVT tags.
* The credential encryption keyring is now placed in var/lib/openvas/gnupg
  instead of etc/openvas/gnupg.
* Support for changing a user password on the command line has been added.
* New option --max-ips-per-target.
* New option --delete-user.
* New option --create-user.
* Add option --role, which allows to set the role with --create-user.
* The --migrate option now also migrates SCAP and CERT databases.
* New option "--list-users".
* Made --migrate succeed when the database has not yet been initialised.
* Add --gnutls-priorities option.
* Add --dh-params command-line option.
* The command line parameter "--disable-scheduling" has been added.
* The required minimum GnuTLS version has increased to 2.8.
* The required minimum OpenVAS Libraries version has increased to 7.0.0.
* Signature verification now uses the "gpgv" command.
* Make --rebuild and --update wait for scanner when scanner is busy
  loading NVTs.  This matches the behaviour when rebuild is called via
  SIGHUP.
* Startup speed has been improved.
* Add a utility to split huge xml files in a memory efficient way
* The handling of missing, inaccessible or corrupt database files has been
  improved.
* Moved some functions to openvas-libraries.
* Large number of small fixes and speed improvements.
* Code cleanup.

And additionally changes compared to 5.0+beta13:
* Added HELP permission check.
* New: Role "Info".
* Clean up of OMP and OMP documentation.


openvas-manager 5.0+beta13 (2014-04-10)

This is the thirteenth beta version of the upcoming 5.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and its various user clients.

This release further improves role management and adds the MODIFY_ROLE OMP
command. It also features an improved startup speed and an updated OMP
documentation as well as improvements to the alive test and wizard
functionalities.

Many thanks to everyone who contributed to this release:
Matthew Mundell, Timo Pollmeier and Michael Wiegand.

Main changes since 5.0+beta12:
* The OMP command MODIFY_ROLE has been added.
* Role management has been improved.
* The OMP documentation has been updated.
* The handling of unavailable commands in the quick_task wizard has been
  improved.
* The command line parameter "--disable-scheduling" has been added.
* Startup speed has been improved.
* The alive test "TCP Service Ping" has been renamed to "TCP-ACK Service Ping".
* The alive test "TCP-SYN Service Ping" has been added.


openvas-manager 5.0+beta12 (2014-03-28)

This is the twelfth beta version of the upcoming 5.0 release of the OpenVAS
Manager. it is the central management service between the actual security
scanner and its various user clients.

This release add an OMP DELETE_ROLE commands and a --dh-params command-line
option to specify Diffie-Hellman ciphers parameters.

Many thanks to everyone who contributed to this release:
Hani Benhabiles, Matthew Mundell, Timo Pollmeier and Jan-Oliver Wagner

Main changes since 5.0+beta11:
* Add OMP DELETE_ROLE.
* Add --dh-params command-line option.
* code cleanup


openvas-manager 5.0+beta11 (2014-03-26)

This is the eleventh beta version of the upcoming 5.0 release of the OpenVAS
Manager. it is the central management service between the actual security
scanner and its various user clients.

This release adds a --gnutls-priorities option to specify the cipher priority
as well as adds a CREATE_ROLE OMP command and solve a number of small issues.

Many thanks to everyone who contributed to this release:
Hani Benhabiles, Matthew Mundell, Timo Pollmeier and Jan-Oliver Wagner

Main changes since 5.0+beta10:
* Get tags for resources by ROWID instead of UUID. Make iterator functions for
  active and orphan fields return int.
* Rename "attach_id" to "resource_uuid", "attach_type" to "resource_type" add
  resource rowid "resource" and "resource_location" to tags tables. Hence
  increase database version to 117.  Add database migration from version 116 to
  117.
* Change tag OMP elements accordingly and make them more consistent with the
  resource in permissions overall. Allow tags to be attached to resources in
  trash. Rename "orphaned" in tags to "orphan".
* Add OMP CREATE_ROLE.
* Remove NVTs 810002 "CPE Inventory" and 810003 "Host Summary" from predefined
  configs.  Hence increase database version to 116.  Add database migration
  from version 115 to 116.
* Drop sign_key_ids column from nvts table.  Hence increase database version to
  115.  Add database migration from version 114 to 115.
* Add alive test "Consider Alive".
* Add --gnutls-priorities option to Manager.
* Report scanner loading progress to client/GSA.
* Added regex-based parameter validation and support of alternative run modes,
  e.g. an init mode to get resource lists to display in the client, to wizards.
* Switch the type check on the filters associated with alerts from "report" to
  "result".  Alerts were migrated from "report" to "result" in db version 92.
* Code cleanup.


openvas-manager 5.0+beta10 (2014-03-18)

This is the tenth beta version of the upcoming 5.0 release of the OpenVAS
Manager. it is the central management service between the actual security
scanner and its various user clients.

This release Correct the behavior of the manager when called with --rebuild,
--update or --migrate in order to produce a more consistent experience, as
well as solve a number of small issues.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Matthew Mundell and Jan-Oliver Wagner.

Main changes since 5.0+beta9:
* Remove handling of CERTIFICATES otp command.
* Make --rebuild and --update wait for scanner when scanner is busy
  loading NVTs.  This matches the behaviour when rebuild is called via
  SIGHUP.
* Add scan-time record of slave and source interface to reports.
* Remove handling of PLUGINS_DEPENDENCIES OTP command and get_dependencies
  OMP command.
* Make --migrate succeed when the database has not yet been initialised.
* Code cleanup.


openvas-manager 5.0+beta9 (2014-03-12)

This is the ninth beta version of the upcoming 5.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and its various user clients.

This release introduces the new "System Discovery" config, improves handling of
the OpenVAS Scanner connection and fixes two issues related to UTF-8 encoded
text in overrides and notes and to result counts.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Matthew Mundell and Michael Wiegand.

Main changes since 5.0+beta8:
* A new predefined "System Discovery" config has been added.
* The handling of the connection to the OpenVAS Scanner has been improved.
* An issue which caused a segmentation fault due to incorrect truncation of
  UTF-8 encoded text in overrides and notes has been fixed.
* An issue which caused incorrect result counts has been fixed.


openvas-manager 5.0+beta8 (2014-03-06)

This is the eighth beta version of the upcoming 5.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and its various user clients.

This release adjusts the built-in Report Format Plugins (RFPs) to expect NVT
information to be in the new style. It also removes sections of unused code,
improves Host Discovery handling and fixes a password generation issue.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Matthew Mundell and Michael Wiegand.

Main changes since 5.0+beta7:
* NVTs are expected to be in the new style by the built-in RFPs.
* Host Discovery will now fall back on more Ping Host defaults.
* An issue which resulted in unusable passwords for LSC credentials being
  generated in rare circumstances has been fixed.


openvas-manager 5.0+beta7 (2014-02-27)

This is the seventh beta version of the upcoming 5.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and its various user clients.

This release fixes a large number of small issues.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Timo Pollmeier and Hani Benhabiles.

Main changes since 5.0+beta6:
* Update documentation about the alive tests property.
* Increase the OMP version to 5.0.
* Prevent targets curently used to be modified.
* Remove need for all elements to be given in MODIFY_TARGET.
* Large number of small fixes and improvements.


openvas-manager 5.0+beta6 (2014-02-16)

This is the sixth beta version of the upcoming 5.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release adds user language setting, Alive Test property for Targets
and fixes a large number of small bugs.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Matthew Mundell, Timo Pollmeier, Michael Wiegand
and Jan-Oliver Wagner

Main changes since 5.0+beta5:
* Add an Alive Test property to Targets, which can override the scan config
  settings.
* Added user setting for preferred interface language.
* Removed column "Most Severe Result(s)" from LaTeX/PDF report format plugin.
* New option "--list-users".
* Moved some functions to openvas-libraries.
* Severity classes added to report XML.
* Large number of small fixes and improvements.


openvas-manager 5.0+beta5 (2014-01-28)

This is the fifth beta version of the upcoming 5.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release improves the reports to include a new results section.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Timo Pollmeier, Michael Wiegand, Benot Allard, and Jan-Oliver
Wagner

Main changes since 5.0+beta4:
* Update reports to use the new results sections.
* Add a utility to split huge xml files in a memory efficient way
* Large number of small fixes and improvements


openvas-manager 5.0+beta4 (2014-01-15)

This is the fourth beta version of the upcoming 5.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release adds a couple of new command line options and report format
plugins.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Henri Doreau, Matthew Mundell Timo Pollmeier,
Jan-Oliver Wagner and Michael Wiegand.

Main changes since 5.0+beta3:
* Use UTF-8 for OTP.
* New option --max-ips-per-target.
* New predefined report format CSV Hosts.
* New predefined report format CSV Results.
* Extended report format plugin for verinice.
* New report format plugin for exporting TLS mapping results into a CSV file.
* Add option --delete-user.
* Rename option --first-user to --create-user.
* Add option --role, which allows to set the role with --create-user.
* New predefined config Host Discovery.
* Large number of small fixes and improvements, especially
  regarding permissions.
* The --migrate option now also migrates SCAP and CERT databases.


openvas-manager 5.0+beta3 (2013-11-22)

This is the third beta version of the upcoming 5.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release adds support for Alterable Tasks and Source Interface access
control and features a reworked host access control concept replacing the old
rules based concept. It also features further integration of the new concepts
for severity and permission checks as well as numerous small improvements.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Andre Heinecke, Matthew Mundell, Timo Pollmeier, Stefan
Schwarz and Michael Wiegand.

Main changes since 5.0+beta2:
* Support for Alterable Tasks has been added.
* Support for Source Interface access control has been added.
* The host access control concept has been reworked, resulting in a removal of
  the old rules based concept.
* Support for the new "Severity" concept has been added in more places.
* Resource level permission checking has been improved.
* An issue which caused new databases to be initialised improperly has been
  fixed.
* NVT descriptions are no longer stored separately in the database and thus no
  longer duplicate information already present in the NVT tags.
* OpenVAS Manager will now attempt to reduce database fragmentation.
* The handling of the obsolete "subnet" element in the results has been
  removed.
* The NBE report format plugin has been updated.
* The verinice ISM report format plugin has been updated.
* Support for changing a user password on the command line has been added.
* Large number of small fixes and speed improvements.
* Code cleanup.
* Documentation has been updated.


openvas-manager 5.0+beta2 (2013-09-30)

This is the second beta version of the upcoming 5.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release fixes an issue with autogenerated credentials being unable to
login. It adds support for new functionality added to OpenVAS Scanner since the
last OpenVAS Manager release and features a number of internal improvements
regarding performance, logging and scheduling.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Andre Heinecke, Werner Koch, Matthew Mundell, Timo Pollmeier,
Jan-Oliver Wagner and Michael Wiegand.

Main changes since 5.0+beta1:
* An issue which caused autogenerated credentials to fail to login has been
  fixed.
* Support for regular expression searching has been added to the powerfilter.
* Support for the new "Severity" concept has been added in a number of places.
* The greenbone-scapdata-sync and greenbone-certdata-sync scripts have been
  updated.
* Support for the new Scanner message type "Alarm" has been added.
* Support for OTP port forwarding has been removed.
* Support for obsolete scanner preferences has been removed.
* Support for the new host management offered by Scanner has been added.
* Logging has been improved and made more consistent.
* Schedule handling during long running operations has been improved.
* Orphaned results are now removed from the database when starting.
* Database rebuild performance has been improved.
* Performance with large databases has been improved.
* The NBE report format plugin has been updated.
* The verinice ISM report format plugin has been updated.
* Code cleanup.
* Documentation has been updated.


openvas-manager 5.0+beta1 (2013-06-25)

This is the first beta version of the upcoming 5.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release moves user management to OpenVAS Manager from OpenVAS Scanner and
OpenVAS Administrator, introduces group and permissions management and tag
management among other new features.

Please note that this release changes the location of the credential encryption
key.

Please make sure to read the INSTALL file for important installation and
migration information, even and especially if you have used OpenVAS Manager
before.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Rodolfo Gouveia, Andre Heinecke, Werner Koch, Matthew Mundell,
Timo Pollmeier, Stefan Sperling, Jan-Oliver Wagner and Michael Wiegand.

Main changes since 4.0 series:
* The credential encryption keyring is now placed in var/lib/openvas/gnupg
  instead of etc/openvas/gnupg.
* The required minimum GnuTLS version has increased to 2.8.
* The required minimum OpenVAS Libraries version has increased to 7.0.0.
* User management has been moved to OpenVAS Manager from OpenVAS Scanner and
  OpenVAS Administrator.
* Support for group and permission management has been added.
* Support for managing network service port names has been added.
* Tag management has been added.
* Handling of NVT risk factors has been removed as this is handled via CVSS scores now.
* Handling of the OTP protocol has been updated to match the changes in OpenVAS
  Libraries and OpenVAS Scanner.
* Support for user defined OVAL repositories in private subdirectories has been added.
* The scripts for SCAP and CERT data synchronization have been improved.
* Support for searching in the complete SecInfo data has been added.
* The speed of retrieving a task details overview has been improved.
* The handling of missing, inaccessible or corrupt database files has been
  improved.
* A default "Discovery" scan configuration hase been added.
* Signature verification now uses the "gpgv" command.
* The verinice ISM report format plugin has been updated.
* Code cleanup.
* Documentation has been updated.


openvas-manager 4.0+beta5 (2013-02-22)

This is the fifth beta version of the upcoming 4.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release adds support for accessing OVAL and DFN-CERT SecInfo data,
for encrypting credentials and for checking user passwords against a
policy. It also features improvements to the report performance,
Master-Slave communication and numerous smaller improvements.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Andre Heinecke, Werner Koch, Matthew Mundell, Timo
Pollmeier, Jan-Oliver Wagner and Michael Wiegand.

Main changes since 4.0+beta4:
* New: Support for accessing OVAL SecInfo data.
* New: Support for accessing DFN-CERT SecInfo data.
* New: The risk factor of an NVT is now calculated from the CVSS score.
* New: Support for encrypted credentials has been added.
* New: Support for checking user passwords against a policy has been
  added.
* Extended: New object management now supports for schedules, tasks,
* slaves, report formats, port lists and scan configs.
* Improved: Override management now supports Powerfilter and Trashcan.
* Improved: Additional parameters in SCAP synchronization script.
* Improved: Handling of the SCAP database.
* Improved: Classification in the report format plugin for ISMS tool "verinice".
* Improved: Performance with large database.
* Improved: Handling of client timeouts during very long operations.
* Improved: Faster report format plugins LaTeX, TXT, HTML and PDF.
* Improved: Master-Slave communication.
* Improved: IPv6 address validation.
* Some functionality has been moved to the openvas-libraries module.
  This means that openvas-manager 4.0.+beta5 requires openvas-libraries
  6.0+beta5 or newer to build.


openvas-manager 4.0+beta4 (2012-11-05)

This is the fourth beta version of the upcoming 4.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release reveals a large number of new and improved features. Noteworthy
are the new features Auto-FP, Wizard-Framework, Multiple Alerts and the
extended Powerfilter that also was connected to more object classes.

Many thanks to everyone who has contributed to this release:
Sebastien Aucouturier, Andre Heinecke, Matthew Mundell, Jan-Oliver Wagner
and Michael Wiegand.

Main changes since 4.0+beta3:
* New: Auto-FP feature to filter out likely false positives in a report.
* New: Manage closed CVEs, as reported by the Scanner (trusted vendor updates).
* New: Multiple alerts can now be attached to a task.
* New: Wizard framework with first wizard "quick_first_scan" and user setting
  for wizard appearance.
* New: Management for Filter objects.
* New: Report format plugins for ISMS tool "verinice".
* New: Alert for sending results to a verinice .PRO server.
* Extended: Management for information such as CPE, including a extended SCAP
  data synchronization.
* Extended: Powerfilter now available for Reports.
* Extended: Powerfilters can now be attached to Alerts.
* Improved: Task overview now faster via extra caching methods.
* Improved: Handle daylight saving in schedules.
* Improved: Extended features of Powerfilter such as sorting and result ranges.
* Improved: When importing a report, now the host details are also imported.
* Improved: Reduced database locking times during some operations so that
  less blocking happens.
* Improved: Manager serves OMP even when the scanner is down.
* Improved: Notes management now supports Powerfilter and Trashcan.
* Improved: Added switch to control whether a task should contribute to asset
  management.
* Improved: Report exports now also contain the comment of the respective task.
* Improved: Report exports now also contain the family of NVTs.
* Improved: Faster report format plugins LaTeX and PDF.
* The ARF report format plugin is now a pre-defined format.
* Added creation and modification times to the powerfilter.
* Added handling of OTP 1.1.
* Improved: Hostname validation.
* Simplified Report Format Plugin handling for pre-defined plugins.
* Various bug fixes and small improvements.


openvas-manager 4.0+beta3 (2012-05-04)

This is the third beta version of the upcoming 4.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release adds support for disabling OMP commands and extends object
management.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Michael Wiegand.

Main changes since 4.0+beta2:
* Object management has been extended to support creation and modification
  times.
* Support for disabling OMP commands via the command line has been added.


openvas-manager 4.0+beta2 (2012-04-25)

This is the second beta version of the upcoming 4.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release contains an improved powerfilter feature, updated protocol
documentation and an improved target object management. It also fixes an issue
with the port list selection.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Michael Wiegand.

Main changes since 4.0+beta1:
* Improvements to the target object management; targets can now be edited when
  they are associated with a task and the task has not yet run.
* A bug which caused the port list selection to be empty has been fixed.
* The protocol documentation has been updated.
* The powerfilter now handles spaces in index filters.


openvas-manager 4.0+beta1 (2012-04-16)

This is the first beta version of the upcoming 4.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release introduces name change from Escalator to Alert and extended
handling of Target object lists.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Michael Wiegand.

Main changes since 3.0 series:
* Renamed Escalator to Alert.
* Added keyword filter, pagination and edit to Targets.
* New command line options --listen2 and --port2 for a second
  OMP address.


openvas-manager 3.0.0 (2012-03-26)

This is the first release of the openvas-manager 3.0 module for the Open
Vulnerability Assessment System release 5 (OpenVAS-5). The OpenVAS Manager is
the central management service between the actual security scanner and various
user clients.

OpenVAS Manager 3.0 represents a significantly advanced feature set. Most
notable is Asset Management, Port Lists, SecInfo Management with SCAP data,
delta reports and prognostic reports.
The whole functionality is available via the extended protocol: OMP 3.0.

Many thanks to everyone who has contributed to this release:
Henri Doreau, Stephan Kleine, Matthew Mundell, Jan-Oliver Wagner,
Michael Wiegand and Felix Wolfsteller.

Main changes since 2.0.x:

* New: Configuration object 'Port Lists'. 
* New: Integrated Asset Management.
* New: Security Information Database: Integrated SCAP data (CPE, CVE) including
  update method via feed service.
* New: Delta reports to analyse differences between two scans.
* New: Prognostic scans based on asset data and current SCAP data.
* New: Support for individual time zones for users.
* New: Tasks can be assigned "observes" for read-only access.
* New: Role "Observer" for read-only access.
* New: Support for notes/overrides lifetimes.
* New: Trashcan. It is now possible to place some objects in a trashcan
  instead of deleting them directly.
* New: Container tasks for importing reports.
* New: SSH port for Local Security Checks configurable.
* New: Product detections as reported by Scanner are handled to allow detailed
  cross-referenced detection information.
* Updated builtin Report Format Plugins HTML, Text and LaTeX/PDF to reflect
  various new features that are already present in GSA, including delta and
  prognostic reports. 
* Improved product detection information in results XML.
* Improved performance for massiv scanner results by using transaction groups.
* Improved Import of Target lists to allow comma-separated, line-by-line lists.
* Doubled entries in Target lists are now eliminated.
* New optional Report Format Plugin for ARF.
* OMP 3.0: All new functionalities form the new version 3.0 of the OpenVAS
  Management Protocol (OMP)
* Changed: Report format signatures no longer contain user editable fields.
* Support for large database files on 32-bit platforms has been improved.
* A bug which caused the filter result count to be calculated incorrectly when
  searching for text phrases has been fixed.
* Support for sorting results by CVSS score has been added.
* Support for importing results sent through the XML escalator has been added.
* The max_host and max_checks scan performance parameters have been moved from
  scan configs to tasks.
* An issue which caused meta data for NVTs in the "Credentials" family to be not
  present in the database has been fixed.
* A number of compiler warnings discovered by Stephan Kleine have been
  addressed.
* Scan start and end times are now set for imported reports.
* An issue which caused the import of very large reports to fail under certain
  circumstances has been fixed.
* The handling of long host lists has been improved.
* Security: Enforces strict permissions on sensitive OpenVAS Manager files.
* Security: Drop privileges before executing report format plugins if running with
  elevated privileges.
* Security: Ensures report formats are trusted before executing them.
* Support for escalating result to a Sourcefire Defense Center has been added.
* Support for using an SSH key pair for SSH authentication has been added.

And additionally changes compared to last release candidate 3.0+rc1:

* Extra report formats work standalone.
* Observer lists now may also use ',' as separator.
* Observers may now also create notes and overrides for observed tasks.
* Opservers with with Role observer are now allowed to see single results
  of the observed tasks.
* Added handling of ssh keys for authenticated tests for Master-Slave mode.
* The PID file is created earlier to avoid daemon handling believe there
  is an error.
* Build improvements for modern gcc.


openvas-manager 3.0+rc1 (2012-03-15)

This is the first release candidate of the upcoming 3.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release adds the Port Lists feature and updates the built-in reports
to cover delta and prognostic results.

Many thanks to everyone who has contributed to this release:
Henri Doreau, Matthew Mundell and Michael Wiegand.

Main changes since 3.0+beta8:
* Support for Port Lists has been added.
* Updated builtin Report Format Plugins HTML, Text and LaTeX/PDF to reflect
  various new features that are already present in GSA, including delta and
  prognostic reports. 
* Changed signing of Report Format Plugins to exclude comment.
* Improved product detection information in results XML.
* Improved performance for massiv scanner results by using transaction groups.
* Improved Import of Target lists to allow comma-separated, line-by-line lists.
* Doubled entries in Target lists are now eliminated.
* New optional Report Format Plugin for ARF.
* Updated OMP documentation.
* Various little bugs fixed.


openvas-manager 3.0+beta8 (2011-12-02)

This is the eigth beta version of the upcoming 3.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release adds support for note lifetimes and for displaying additional
information in the HTML, LaTeX and TXT report formats. It also fixes an
incorrect result count for Asset Management results.

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Michael Wiegand.

Main changes since 3.0+beta7:
* Support for note lifetimes has been added.
* A bug which caused an incorrect result count in the Asset Management view has
  been fixed.
* Support for displaying the hostname and the note and override lifetimes has
  been added to the following report formats: HTML, LaTeX and TXT.


openvas-manager 3.0+beta7 (2011-11-23)

This is the seventh beta version of the upcoming 3.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release improves the handling of timestamps in reports and uses report
format signatures without the user editable fields, ensure the trust level stays
correct if these fields have been changed.

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Michael Wiegand.

Main changes since 3.0+beta6:
* The handling of timestamps in reports has been improved.
* Report format signatures no longer contain user editable fields.


openvas-manager 3.0+beta6 (2011-11-16)

This is the sixth beta version of the upcoming 3.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release adds support for listing NVTs addressing a certain CVE and for
override lifetimes. It fixes a bug in the threat level display and improves the
handling of SCAP data.

Many thanks to everyone who has contributed to this release:
Henri Doreau, Matthew Mundell and Michael Wiegand.

Main changes since 3.0+beta5:
* Support for listing NVTs addressing a certain CVE has been added.
* A bug which cause the wrong threat level to be displayed for tasks with
  multiple reports under rare circumstances has been fixed.
* Support for override lifetimes has been added.
* Support for displaying the SCAP update timestamp has been added.


openvas-manager 3.0+beta5 (2011-10-10)

This is the fifth beta version of the upcoming 3.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release adds support for a number of new features, including asset
management, direct use of SCAP data, prognostic scans, task observers and
individual time zones for users. It also improves support for large database
files on 32-bit platforms.

NOTE: The Manager now expects the OpenVAS Scanner to send timestamps based on
the UTC time zone. Care must be take to use UTC for the Scanner or upgrade to
OpenVAS Scanner >= 3.3+beta2, which enforces the use of UTC internally.

Many thanks to everyone who has contributed to this release:
Henri Doreau, Matthew Mundell and Michael Wiegand.

Main changes since 3.0+beta4:
* Support for asset management been added.
* Support for using SCAP data directly has been added.
* A support script for retrieving SCAP data has been added.
* Support for prognostic scans has been added.
* Support for large database files on 32-bit platforms has been improved.
* Support for task observers has been added.
* Support for individual time zones for users has been added.


openvas-manager 3.0+beta4 (2011-07-21)

This is the fourth beta version of the upcoming 3.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release resolves a minor issue discovered after the release of OpenVAS
Manager 3.0+beta3 and adds support for sorting results by CVSS. For details,
please refer to the list of changes below.

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Michael Wiegand.

Main changes since 3.0+beta3:
* A bug which caused the filter result count to be calculated incorrectly when
  searching for text phrases has been fixed.
* Support for sorting results by CVSS score has been added.
* Support for importing results sent through the XML escalator has been added.
* The max_host and max_checks scan performance parameters have been moved from
  scan configs to tasks.


openvas-manager 3.0+beta3 (2011-06-24)

This is the third beta version of the upcoming 3.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release resolves several minor issues discovered after the release of
OpenVAS Manager 3.0+beta2 and adds support for delta reports. For details,
please refer to the list of changes below.

Many thanks to everyone who has contributed to this release:
Henri Doreau, Stephan Kleine, Matthew Mundell and Michael Wiegand.

Main changes since 3.0+beta2:
* Support for delta reports has been added.
* An issue which caused meta data for NVTs in the "Credentials" family to be not
  present in the database has been fixed.
* A number of compiler warnings discovered by Stephan Kleine have been
  addressed.
* A race condition which caused empty reports from the slave when running in
  master-slave mode under certain conditions has been fixed.
* Scan start and end times are now set for imported reports.


openvas-manager 3.0+beta2 (2011-05-19)

This is the second beta version of the upcoming 3.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release resolves several minor issues discovered after the release of
OpenVAS Manager 3.0+beta1. For details, please refer to the list of changes
below.

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Michael Wiegand.

Main changes since 3.0+beta1:
* An issue which caused the import of very large reports to fail under certain
  circumstances has been fixed.
* An issue which caused the date of the scan end to be missing from scans if
  they were associated with an escalator created with an early Manager version
  has been fixed.
* The handling of long host lists has been improved.


openvas-manager 3.0+beta1 (2011-03-02)

This is the first beta version of the upcoming 3.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release introduces a number of new features. For details, please refer to
the list of changes below.

Many thanks to everyone who has contributed to this release:
Stephan, Kleine, Matthew Mundell, Michael Wiegand and Felix Wolfsteller.

Main changes since 2.0 series:
* New feature: Trashcan. It is now possible to place objects in a trashcan
  instead of deleting them directly.
* Support for Host Details reported by OpenVAS Scanner has been added.
* Support for container task (imported reports) has been added.
* Support for specifying an SSH port for Local Security Checks has been added.
* Security: Enforces strict permissions on sensitive OpenVAS Manager files.
* Security: Drop privileges before executing report format plugins if running with
  elevated privileges.
* Security: Ensures report formats are trusted before executing them.
* Support for escalating result to a Sourcefire Defense Center has been added.
* Support for using an SSH key pair for SSH authentication has been added.
* The mail addresses supplied for an email escalator are now used in the correct
  order.


openvas-manager 2.0.2 (2011-03-02)

This is the second maintenance release of the openvas-manager 2.0 module for the
Open Vulnerability Assessment System release 4 (OpenVAS-4). The OpenVAS Manager
is the central management service between the actual security scanner and
various user clients.

This release closes a number of memory and resource leaks discovered after the
release of OpenVAS Manager 2.0.1, fixes the host count calculation and fixes an
issue which occurred when upgrading very old installations.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Michael Wiegand and Felix Wolfsteller.

Main changes since 2.0.1:
* The test infrastructure has been updated.
* A bug which caused the host count to be calculated incorrectly under certain
  circumstances has been fixed.
* A number of memory and resource leaks discovered by Felix Wolfsteller have
  been closed.
* A bug which caused database migration to fail when upgrading very old
  installations has been fixed.


openvas-manager 2.0.1 (2011-02-18)

This is the first maintenance release of the openvas-manager 2.0 module for the
Open Vulnerability Assessment System release 4 (OpenVAS-4). The OpenVAS Manager
is the central management service between the actual security scanner and
various user clients.

This release adds support for fallback system reports, changes the default value
of the "unscanned_closed" preference to "yes" for predefined configurations and
fixes an issue with signature verification in the manager. It also contains
improvements to report format signature infrastructure and fixes an issue with
the host name validation.

Many thanks to everyone who has contributed to this release:
Stephan Kleine, Matthew Mundell and Michael Wiegand.

Main changes since 2.0.0:
* Support for fallback system reports has been added in case where a full system
  report is unavailable.
* The expected location for signatures has been updated to match the FHS related
  changes in OpenVAS Scanner.
* The "unscanned_closed" preference now defaults to "yes" for predefined
  configs.
* The report format signature infrastructure has been improved.
* A bug which caused valid host names to be reject under certain circumstances
  has been fixed.


openvas-manager 2.0.0 (2011-02-08)

This is the first release of the openvas-manager 2.0 module for the Open
Vulnerability Assessment System release 4 (OpenVAS-4). The OpenVAS Manager is
the central management service between the actual security scanner and various
user clients.

OpenVAS Manager 2.0 represents a significantly advanced feature set. Most
notable is the new plugin-based report format framework which allows to produce
arbitrary scan reports (text, graphs, maps, connectors etc.). The new
master-slave mode allow to network multiple Manager instances. The whole
functionality is available via the extended protocol: OMP 2.0.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller.

Main changes since 1.0.x:

* Report Format plugin framework. All previous reporting features were converted
  to plugins. The XML representation of a report is now the base for any plugin
  and thus consistency of reports is improved.

  Report Format Plugins can be set active so that they appear in the selection
  lists. Selections can consider content types so that for example only the
  plugins with content type "text" are offered as email body.

  It is possible to use parameters for the plugins so the user can adjust the
  behaviour of the Report Format to the individual preferences or needs.

  A verification method allows to distribute signatures for valid plugins via
  the NVT Feed.

* New default Report Format: TXT for simple text.

* New default Report Format: LaTeX for LaTeX source.

* New sample Report Format: Simple Bar Chart.
  Demonstrates how to use Gnuplot for graphical reports.

* New sample Report Format: Simple Topo Plot.
  Demonstrates how to use Graphviz for graphical reports.

* New sample Report Format: Simple Pie Chart.
  Demonstrates how to use PyChart for graphical reports.

* New sample Report Format: Simple Map Plot.
  Demonstrates how to use MapServer and GDAL for graphical reports.

* New sample Report Format: Sourcefire Host Input.
  Demonstrates that Report Formats can be used to build connectors.

* Master-Slave feature. Any OpenVAS Manager can use one or many other OpenVAS
  Manager as slave to run scans. The whole scan task is transferred to the
  slave, results are continuously reported to the Master during scan process.
  After the scan is finished all data are removed from the slave.

  The master can also retrieve system reports from the slave and thus can
  collect the performance overview for all configured slaves.

* New Escalator: HTTP GET. This allows for example to access text message (SMS)
  gateways or ticket management systems.

* Extended Escalator: For email escalation it is now possible
  to select from configured Report Formats to be included in the email body.

* Agents: A verification method was added. This allows to distribute signatures
  for valid agents via the NVT Feed.

* Credentials: Can now be edited. This allows to change the login name or
  password without the need to create a new scan configuration.

* Credentials: Auto-generated installer packages are now created on the fly. If
  the generators are improved, it is now easy to create an updated package for
  already existing credentials.

* Credentials: Credentials for SMB and SSH are now separated.

* OMP self-documentation: Part of the Managers' XML-based communication protocol
  OMP 2.0 is to deliver the full specification and documentation of the
  protocol itself (command "HELP"). It can be retrieved as XML-,
  RNC- or HTML representation.

* Targets: Various opportunities have been added to specify and combine IP
  ranges and ports.

* Tasks: The task overview is delivered much faster now.

* Reports: The report filtering is much faster now.

* Hardening flags are now enabled during compile time to increase code quality.

* Compliance with the GNU Coding Standards and the Filesystem Hierarchy
  Standard has been improved.

* A security-relevant bug has been fixed regarding email escalation methods.
  Configured OpenVAS users were able to damage installation and/or gain higher
  privileges.

Main changes since 2.0+rc4:
* The logging behaviour when started with --verbose has been improved.
* The w3af NVT is no longer part of the Full and fast default scan config.
* The build environment has been cleaned up.


openvas-manager 2.0+rc4 (2011-02-04)

This is the fourth release candidate for the upcoming 2.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients. Release 2.0 is part of OpenVAS 4, the next
generation of the Open Vulnerability Assessment System.

It fixes an issue in override creation and feature an improved documentation and
build environment and is now compliant to the Filesystem Hierarchy Standard
(FHS), version 2.3.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner and Michael Wiegand.

Main changes since 2.0+rc2:
* Documentation has been updated.
* OpenVAS Manager now uses pkg-config to find required libraries.
* An issue which caused the creation of overrides to fail under some
  circumstances has been fixed.
* The installation is now compliant with Filesystem Hierarchy Standard (FHS
  2.3).


openvas-manager 2.0+rc3 (2011-01-21)

This is the third release candidate for the upcoming 2.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients. Release 2.0 is part of OpenVAS 4, the next
generation of the Open Vulnerability Assessment System.

It fixes a serious security bug and it is highly recommended to update any
installation of OpenVAS Manager 2.0 with this release. It also fixes a database
migration issue and introduces a better setting for the default logging.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner and Michael Wiegand.

Main changes since 2.0+rc2:
* A security-relevant bug has been fixed regarding email escalation methods.
  Configured OpenVAS users were able to damage installation and/or gain higher
  privileges.
* An issue which caused database migration to fail under certain circumstances
  has been fixed.
* The default log level has been reduced to warning to prevent the logging of
  potentially sensitive information in the default configuration.


openvas-manager 2.0+rc2 (2011-01-10)

This is the second release candidate for the upcoming 2.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients. Release 2.0 is part of OpenVAS 4, the next
generation of the Open Vulnerability Assessment System.

This release features updated protocol documentation, masks passwords when LSC
package creation commands are logged and makes the output of --version compliant
with the GNU Coding Standards.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller.

Main changes since 2.0+rc1:
* The protocol documentation has been brought up to date.
* The output of --version now complies with the GNU Coding Standards.
* Passwords are now masked when loggings LSC package creation commands.


openvas-manager 2.0+rc1 (2010-12-21)

This is the first release candidate for the upcoming 2.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients. Release 2.0 is part of OpenVAS 4, the next
generation of the Open Vulnerability Assessment System.

This release adds support for separate SMB and SSH credentials, for setting
per-target port ranges and for retrieving the total number of results matching
an applied filter.

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Michael Wiegand.

Main changes since 2.0+beta3:
* The protocol documentation has been improved.
* Target credentials for SMB and SSH are now separated.
* Support for setting the port range for a target has been added.
* Hardening flags are now enabled during compile time to increase code quality.
* Support for retrieving the total number of results matching an applied filter
  has been added.


openvas-manager 2.0+beta3 (2010-12-10)

This is the third beta version of the upcoming 2.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.  Release 2.0 is part of OpenVAS 4, the next
generation of the Open Vulnerability Assessment System.

This release includes further improvements to the protocol self-documentation
and fixes two issues regarding internal links in PDF reports and downloads of
LSC credential packages. It also enables NTLMSSP support for NVTs by default to
improve LSC behaviour for Microsoft Windows, makes escalator messages more
informational and LaTeX and PDF reports more consistent with other report
formats.

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Michael Wiegand.

Main changes since 2.0+beta2:
* The protocol self-documentation has been improved.
* NTLMSSP is now enabled by default.
* Escalator message now include more information.
* The LaTeX and PDF reports have been made more consistent with the other
  report formats.
* An issue which caused internal links in the PDF report to link to wrong
  results under certain circumstances has been fixed.
* An issue which caused some existing LSC credential packages to be empty on
  subsequent downloads under certain circumstances has been fixed.


openvas-manager 2.0+beta2 (2010-12-01)

This is the second beta version of the upcoming 2.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.  Release 2.0 is part of OpenVAS 4, the next
generation of the Open Vulnerability Assessment System.

This release includes a fix for incorrect counting in the ports overview and
features an improved protocol self-documentation, an improved logging
infrastructure and a speed up for LaTeX and PDF report generation.

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Michael Wiegand.

Main changes since 2.0+beta2:
* The protocol self-documentation has been improved.
* A number of superfluous log messages has been downgraded or removed.
* A bug which caused issues to be counted incorrectly in the ports overview has
  been fixed.
* The generation of PDF and LaTeX reports is now faster.


openvas-manager 2.0+beta1 (2010-11-19)

This is the first beta version of the upcoming 2.0 release of the
OpenVAS Manager. It is the central management service between
the actual security scanner and various user clients.
Release 2.0 is part of OpenVAS 4, the next generation
of the Open Vulnerability Assessment System.

OpenVAS Manager 2.0 represents a significantly advanced feature set.
Most notable is the new plugin-based report format framework which
allows to produce arbitrary scan reports (text, graphs, maps, connectors etc).
The new master-slave mode allow to network multiple Manager instances.
The whole functionality is available via the extended protocol: OMP 2.0.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller.

Central new features of OpenVAS Manager 2.0:

* Report Format plugin framework. All previous reporting features
  were converted to plugins. The XML representation of a report
  is now the base for any plugin and thus consistency of reports
  is improved.

  Report Format Plugins can be set active so that they
  appear in the selection lists. Selections can consider
  content types so that for example only the plugins with
  content type "text" are offered as Email body.

  It is possible to use parameters for the plugins so the
  user can adjust the behaviour of the Report Format to
  the individual preferences or needs.

  A verification method allows to distribute signatures
  for valid plugins via the NVT Feed.

* New default Report Format: TXT for simple text.

* New default Report Format: LaTeX for LaTeX source.

* New sample Report Format: Simple Bar Chart.
  Demonstrates how to use Gnuplot for graphical reports.

* New sample Report Format: Simple Topo Plot.
  Demonstrates how to use Graphviz for graphical reports.

* New sample Report Format: Simple Pie Chart.
  Demonstrates how to use PyChart for graphical reports.

* New sample Report Format: Simple Map Plot.
  Demonstrates how to use MapServer and GDAL for graphical reports.

* New sample Report Format: Sourcefire Host Input.
  Demonstrates that Report Formats can be used to build connectors.

* Master-Slave feature. Any OpenVAS Manager can use one or many other
  OpenVAS Manager as slave to run scans. The whole scan task
  is transferred to the slave, results are continuously reported
  to the Master during scan process. After the scan is finished
  all data are removed from the slave.

  The master can also retrieve system reports from the slave and
  thus can collect the performance overview for all configured slaves.

* New Escalator: HTTP GET. This allows for example to access
  text message (SMS) gateways or ticket management systems.

* Extended Escalator: For EMail escalation it is now possible
  to select from configured Report Formats to be included in the
  Email body.

* Agents: A verification method was added. This allows to
  distribute signatures for valid agents via the NVT Feed.

* Credentials: Can now be edited. This allows to change the login
  name or password without the need to create a new scan configuration.

* Credentials: Auto-generated installer packages are now created on
  the fly. If the generators are improved, it is now easy to create
  an updated package for already existing credentials.

* OMP self-documentation: Part of the Managers' XML-based communication protocol
  OMP 2.0 is to deliver the full specification and documentation of the
  protocol itself (command "HELP"). It can be retrieved as XML-,
  RNC- or HTML representation.

* Targets: Various opportunities have been added to specify and combine IP ranges.

* Tasks: The task overview is delivered much faster now.

* Reports: The report filtering is much faster now.


openvas-manager 1.0.0 (2010-07-29)

This is the 1.0.0 release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS).

OpenVAS Manager 1.0 represents almost 2 years of intensive work.  The mission of
OpenVAS Manager is to offer powerful and comfortable vulnerability management on
top of the actual vulnerability scanner, OpenVAS Scanner 3.1.

The OpenVAS Manager is a layer between the OpenVAS Scanner and various client
applications. The upcoming clients cover web, desktop and command line
technology and will replace the classic OpenVAS Client.

Central features of OpenVAS Manager are:

* New XML-based protocol OMP (OpenVAS Management Protocol) which client tools
  use to control scans, results, etc.

* SQL database where configurations, scan results etc. are stored. Thus, clients
  do not need to keep local storage anymore.

* Full control of scan processes. This includes multiple concurrent scans as
  well as stopping, pausing, resuming and not at least the scheduling of scans.

* Management of scan notes, false positives and result escalators (notification
  on finished scans).

OpenVAS Manager is Free Software (Open Source), licensed under GNU General
Public License Version 2 or any later version.

The first compatible client application to be released will be the web client
GSA (Greenbone Security Assistant), approximately next week.
Beta- and alpha versions of various clients are already available for download.

The OpenVAS development team offers support for any efforts to create binary
packages for the various Linux distributions in order have this new server
readily available for users as soon as possible. Please use our openvas-distro
mailing list for this purpose.

Many thanks to everyone who has contributed to this release since 1.0.0.rc1:
Stephan Kleine, Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix
Wolfsteller.

Main changes since 1.0.0.rc1:
* A number of build issues has been addressed.
* The code documentation has been updated.
* Code cleanup: Internal error handling has been made more consistent.
* A potential ressource leak identified by static analysis has been fixed.
* A bug which caused NVT preferences to be displayed incorrectly has been
  fixed.


openvas-manager 1.0.0.rc1 (2010-07-15)

This is the first release candidate of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS) leading up to the upcoming
openvas-manager 1.0.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Michael Wiegand and Felix Wolfsteller.

Main changes since 1.0.0-beta7:
* Code cleanup: Internal resource management has been improved to use UUIDs in
  more places.
* Support for agents has been improved.
* Support for external target sources has been added.
* A bug which caused PDF exports to fail if the NVT description contained
  certain characters has been fixed.
* A bug which caused hosts in the scan result to be sorted incorrectly under
  certain circumstances has been fixed.
* Support for defining threat overrides has been added.
* Some OMP commands have been renamed and adjusted to make the protocol more
  concise and useful.
* Support for event logging has been added.
* Support for syslog escalators has been added.
* The documentation has been updated.


openvas-manager 1.0.0-beta7 (2010-05-28)

This is the seventh beta release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS) leading up to the upcoming
openvas-manager 1.0.

IMPORTANT: Since version 1.0.0-beta6, the manager uses certificate based
authentication to authenticate against an openvas-scanner. Please do read the
INSTALL file provided with openvas-manager and make sure you have
openvas-scanner 3.0.2 or higher before installing this manager version!

Many thanks to everyone who has contributed to this release:
Stephan Kleine, Matthew Mundell, Michael Wiegand and Felix Wolfsteller.

Main changes since 1.0.0-beta6:

* A large amount of code which was present in both openvas-manager and
  openvas-administrator has been moved to openvas-libraries.
* An issue that caused started tasks to remain in the "Requested" stage
  indefinitely has been fixed.
* An issue that caused incorrect values of the scan progress under certain
  conditions has been fixed.
* A new escalator condition has been add: Threat Level Changed.
* Open ports are now included in scan reports even if no vulnerability was
  detected on that port.
* Support for CVSS scores and Risk Factors has been improved.
* Support for excluding host without any results from the report has been added.


openvas-manager 1.0.0-beta6 (2010-04-15)

This is the sixth beta release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS) leading up to the upcoming
openvas-manager 1.0.

IMPORTANT: The manager now uses certificate based authentication to authenticate
against an openvas-scanner. Please do read the INSTALL file provided with
openvas-manager and make sure you have openvas-scanner 3.0.2 or higher before
installing this manager version!

Many thanks to everyone who has contributed to this release:
Hartmut Goebel, Stephan Kleine, Matthew Mundell, Joseph Sokol-Margolis,
Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller.

Main changes since 1.0.0-beta5:

* A bug which caused incorrect NVT counts in the scan config under certain
  circumstances has been fixed.
* The manager now uses certificate based authentication.
* Support for resuming stopped tasks has been added.
* Support for task scheduling has been added.
* The openvasmd binary will now install into /usr/sbin instead of /usr/bin.


openvas-manager 1.0.0-beta5 (2010-03-04)

This is the fifth beta release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS) leading up to the upcoming
openvas-manager 1.0.

Many thanks to everyone who has contributed to this release:
Stephan Kleine, Matthew Mundell and Felix Wolfsteller.

Main changes since 1.0.0-beta4:

* More internal data structures are now identified by UUID and not by
  name.
* Several build issues have been fixed.
* Note management has been introduced.
* Support for handling ITG and CPE reports has been added.
* OTP forwarding is now disabled by default.


openvas-manager 1.0.0-beta4 (2010-02-08)

This is the fourth beta release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS) leading up to the upcoming
openvas-manager 1.0.

Many thanks to everyone who has contributed to this release:
Stephan Kleine and Matthew Mundell.

Main changes since 1.0.0-beta3:

* More internal data structures are now identified by UUID and not by
  name.
* A bug which prevented PDF reports to be generated from certain results due to
  unescaped LaTeX characters has been fixed.
* A number of formatting and casting issues found by Stephan Kleine have been
  fixed.
* The man page has been updated.


openvas-manager 1.0.0-beta3 (2010-02-05)

This is the third beta release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS) leading up to the upcoming
openvas-manager 1.0.

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Felix Wolfsteller.

Main changes since 1.0.0-beta2:

* Nmap is now the default port scanner for predefined configurations.
* The man page has been updated.
* LSC credential management has been improved.
* A number of internal data structures are now identified by UUID and not by
  name.
* The manager now converts all input from the scanner to UTF-8.
* The encoding of the LaTeX report has been switch to UTF-8.
* A bug that caused some settings to be ignored during scan configuration import
  has been fixed.


openvas-manager 1.0.0-beta2 (2010-01-26)

This is the second beta release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS) leading up to the
upcoming openvas-manager 1.0.

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Felix Wolfsteller.

Main changes since 1.0.0-beta1:

* Deleting of active reports is prevented.
* Introduced ownership for all objects.
  This makes objects (like a "target") not
  appear for other users anymore.
* Improved ISO-8859-1 to UTF-8 conversion hacks.
* Allowed "\" for login names (important for windows)
* Send users host restrictions ("rules") via OTP when
  starting a scan.
* Activated NSIS package generator for credentials management.
* Filter out potentials passwords from logging.
* Introduced UUIDs for users.
* Improved PDF report generator.


openvas-manager 1.0.0-beta1 (2010-01-12)

This is the first beta release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS) leading up to the
upcoming openvas-manager 1.0.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Felix Wolfsteller and Michael Wiegand.

Main changes since 0.9.8:

* Agent support has been improved.
* Escalation support has been added.
* A bug in PDF generation which could cause the manager to stay in an infinite
  loop under certain conditions has been fixed.
* Support for exporting scan configurations has been added.
* Support for performance monitoring has been added.
* An issue which could cause some preferences not to be sent to the scanner has
  been fixed.
* Initial searching support has been added.


openvas-manager 0.9.8 (2009-12-21)

This is the fourteenth development release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS).

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner, Felix Wolfsteller and Michael Wiegand.

Main changes since 0.9.7:

* Database performance has been improved.
* Credential management has been improved.
* Initial agent support has been added.
* Support for cross-referencing in tasks, configs and targets has been added.


openvas-manager 0.9.7 (2009-12-08)

This is the thirteenth development release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS).

Many thanks to everyone who has contributed to this release:
Michael Wiegand and Tim Brown.

Main changes since 0.9.6:

* A bug which caused the number of selected NVTs within a family to be wrongly
  calculated under certain circumstances has been fixed.


openvas-manager 0.9.6 (2009-12-01)

This is the twelfth development release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS).

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Felix Wolfsteller.

Main changes since 0.9.5:

* Support for empty scan config templates has been added.


openvas-manager 0.9.5 (2009-11-30)

This is the eleventh development release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS).

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Felix Wolfsteller.

Main changes since 0.9.4:

* Server preference handling has been improved.
* The build environment has been made more robust.
* Support for per-NVT timeouts has been added.
* The database upgrade has been made more flexible.
* The library used for UUID generation has been changed to a more widely
  available library.
* Updating of the internal cache has been improved.
* The layout of the PDF reports has been improved.
* An issue with long task start times has been fixed.
* Cache management has been improved.


openvas-manager 0.9.4 (2009-11-23)

This is the tenth development release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS).

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Felix Wolfsteller.

Main changes since 0.9.3:

* The layout of the PDF reports has been improved.
* A bug which broke DB migration under certain circumstances has been fixed.
* Support for NVT family retrieval and configuration management has been
  introduced.
* Cache management has been improved.


openvas-manager 0.9.3 (2009-11-09)

This is the ninth development release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS).

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Felix Wolfsteller and Michael Wiegand.

Main changes since 0.9.2:

* Database handling and migration has been improved.
* Code cleanup.
* NVT selection based on the family attributed has been introduced.
* Sorting parameters have been added to most data retrieval commands.
* Support for retrieving NVT preferences has been introduced.
* The NBE output has been harmonized with the NBE output of openvas-client.
* Support for filtering results has been added.
* The layout of the LaTeX reports has been improved.
* The layout of the PDF reports has been improved.


openvas-manager 0.9.2 (2009-10-26)

This is the eigth development release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS).

Many thanks to everyone who has contributed to this release:
Tim Brown, Matthew Mundell, Felix Wolfsteller, Jan-Oliver Wagner and Michael
Wiegand.

Main changes since 0.9.1:

* Improved preference caching.
* Support for migrating old openvas-manager databases has been added.
* Pidfile management has been refactored.
* LSC support has been improved.
* The layout of the LaTeX reports has been improved.
* Many more fixes and improvements.


openvas-manager 0.9.1 (2009-10-19)

This is the seventh development release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS).

Many thanks to everyone who has contributed to this release:
Tim Brown, Matthew Mundell, Felix Wolfsteller, Jan-Oliver Wagner and Michael
Wiegand.

Main changes since 0.9.0:

* NVT preferences are now cached in the database.
* Support for storing and sending files has been added.
* Parsing of the NVT category has been fixed.
* Premature pidfile deletion has been fixed.
* The START_TASK response now contains the id of the report for this scan.
* Many more fixes and improvements.


openvas-manager 0.9.0 (2009-09-30)

This is the sixth development release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS).

Many thanks to everyone who has contributed to this release:
Mattew Mundell, Felix Wolfsteller and Jan-Oliver Wagner.

Main changes since 0.8.1:

* Moved OMP library to openvas-libraries
* openvas-libraries >= 3.0 now required
* Add support of OMP commands CREATE_LSC_CREDENTIAL,
  DELETE_LSC_CREDENTIAL and GET_LSC_CREDENTIALS.
* Many fixes and improvements

openvas-manager 0.8.1 (2009-09-14)

This is a maintenance release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS).

It contains a number of small improvements and bugfixes.


openvas-manager 0.7.0 (2009-08-21)

This is a maintenance release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS).

It contains considerable changes and vastly improved functionality.


openvas-manager 0.6.1 (2009-06-22)

This is a maintenance release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS).

It contains a few minor changes to improve compatibility with the Debian
packaging system and other OpenVAS modules.


openvas-manager 0.6.0 (2009-06-18)

This is the second public release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS).

It offers improved support for the new OpenVAS Management Protocol (OMP) and
new and improved functionality.
The following areas have been added or significantly improved:
- User authentication
- Task ID assignment (UUIDs)
- Retrieving checksums of the NVT collection
- NVT information retrieval
- Certificate handling

In addition, the protocol implementation has been updated to match
the specification more closely.


openvas-manager 0.5.0 (2009-05-08)

This is the first public release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS).

The OpenVAS Manager aims to be a layer between OpenVAS-Client and
the actual OpenVAS Server. Basically it should be responsible for
any tasks where no high system privileges are required.

This module is in an early development stage and not yet intended for
production use.

It is not mandatory to have OpenVAS Manager for using OpenVAS 1.0 or 2.0.

Usage example:
If openvasd is running on port 7772, the following command starts the manager
on port 1241.  The client can then connect to port 1241 as though it was
connecting to openvasd.

# openvasmd --port 1241 --sport 7772

More information about the command line arguments can be obtained using:

# openvasmd --help
