-
Notifications
You must be signed in to change notification settings - Fork 569
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #815 from mandiant/feature-3.0.3
v3.0.3
- Loading branch information
Showing
2 changed files
with
36 additions
and
10 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,15 +1,44 @@ | ||
| # Change Log | ||
|
|
||
|
|
||
| ## master (unreleased) | ||
|
|
||
| ### New Features | ||
|
|
||
| ### Breaking Changes | ||
|
|
||
| ### New Rules (0) | ||
|
|
||
| - | ||
|
|
||
| ### Bug Fixes | ||
|
|
||
| ### capa explorer IDA Pro plugin | ||
|
|
||
| ### Development | ||
|
|
||
| ### Raw diffs | ||
| - [capa <release>...master](https://github.com/mandiant/capa/compare/v3.0.3...master) | ||
| - [capa-rules <release>...master](https://github.com/mandiant/capa-rules/compare/v3.0.3...master) | ||
|
|
||
|
|
||
| ## v3.0.3 (2021-10-27) | ||
|
|
||
| This is primarily a rule maintenance release: | ||
| - eight new rules, including all relevant techniques from [ATT&CK v10](https://medium.com/mitre-attack/introducing-attack-v10-7743870b37e3), and | ||
| - two rules removed, due to the prevalence of false positives | ||
|
|
||
| We've also tweaked the status codes returned by capa.exe to be more specific and added a bit more metadata to the JSON output format. | ||
|
|
||
| As always, welcome first time contributors! | ||
| - [email protected] | ||
| - [email protected] | ||
|
|
||
|
|
||
| ### New Features | ||
|
|
||
| - show in which function a BB match is #130 @williballenthin | ||
| - main: exit with unique error codes when bailing #802 @williballenthin | ||
|
|
||
| ### Breaking Changes | ||
|
|
||
| ### New Rules (8) | ||
|
|
||
| - nursery/resolve-function-by-fnv-1a-hash [email protected] | ||
|
|
@@ -20,21 +49,18 @@ | |
| - persistence/iis/persist-via-iis-module [email protected] | ||
| - persistence/iis/persist-via-isapi-extension [email protected] | ||
| - targeting/language/identify-system-language-via-api [email protected] | ||
| - | ||
|
|
||
| ## Removed rules (2) | ||
| - load-code/pe/parse-pe-exports: too many false positives in unrelated structure accesses | ||
| - anti-analysis/anti-vm/vm-detection/execute-anti-vm-instructions: too many false positives in junk code | ||
|
|
||
| ### Bug Fixes | ||
|
|
||
| ### capa explorer IDA Pro plugin | ||
|
|
||
| ### Development | ||
| - update references from FireEye to Mandiant | ||
|
|
||
| ### Raw diffs | ||
| - [capa v3.0.2...master](https://github.com/fireeye/capa/compare/v3.0.2...master) | ||
| - [capa-rules v3.0.2...master](https://github.com/fireeye/capa-rules/compare/v3.0.2...master) | ||
| - [capa v3.0.2...v3.0.3](https://github.com/fireeye/capa/compare/v3.0.2...v3.0.3) | ||
| - [capa-rules v3.0.2...v3.0.3](https://github.com/fireeye/capa-rules/compare/v3.0.2...v3.0.3) | ||
|
|
||
| ## v3.0.2 (2021-09-28) | ||
|
|
||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +1 @@ | ||
| __version__ = "3.0.2" | ||
| __version__ = "3.0.3" |