Sagacity is not fully compatible with PHP 7.3. There are deprecation warnings and other possible unknown affects, so please use PHP 7.2 until we can thoroughly test.
Ubuntu.png - Add new Ubuntu checklist icon
Database_Baseline.zip - Update software detection tables
checklist.inc - Fix software icon detection for IE and SLES, and added detection for Ubuntu
software.inc - Fix bug adding extra spaces to software strings
parse_stig.php - Formatting and add save for when icon is updated
parse_stig_viewer.php - Add scan note when CKL file is missing or has empty <HOST_NAME> tag
Fix#87
In a previous pull config.inc file was overwritten and I missed committing the new HOST_LIST constant which resulted in a warning in the log file
fix#86
parse_excel_echecklist.php - change preg_match to a stripos method check for notes string and add update_Scan_Host_List call after importing all worksheets
database.inc - add a check for if appending a duplicate string to the checklist notes. add update_Target_Counts call when updating host list
fix#80, #10
Fix for Uninstall leaves www/exec #53 and other improvements
- Split regular installation and install-dev into separate scripts
- Streamlined the installation script (only requires <enter> at the end to move to setup)
- Redirected some unnecessary output to nul
- Made formatting changes to prettify the output
This should remedy the reported behavior of statuses quietly being changed to "Not Reviewed".
scan.inc - Added new set_Host_Error method to set the error value for a specific host
parse_excel_echecklist.php - explicitly check for the status to equal 1-of-7 expected values, if not, add note to finding, set scan error message, and default status to "Not Reviewed"
export.php - Added cell lock for A11:E{last row} with the default password of "sagacity" (all lowercase)
Fixes#80
Added a "group by STIG_ID" statement to fix a bug. This is a short-term fix as it will result in random VMS IDs populating where there is a duplicate. A real fix will require capturing the checklist ID and saving it as part of the VMS ID.
#78 fixed
Skip parsing orphan worksheet
Issue error if there are more than 100 targets in any worksheet
Save findings when you get above 1000
database.inc:
Comment out block of code to retrieve orphan findings to export to the eChecklist
setup.php:
Convert possible algorithms to lower case. (should fix bug that person on FB was seeing).
system.inc - fixed typo
parse_excel_echecklist.php - added functionality to assign OS and checklists based on worksheet contents
database.inc - Added a couple methods to support changes for #25
export.php - Minor change to OS listing and added add_cell_comment method to migrate scanner notes to a comment instead of the main note (separating the scanner and anaylst comments)
finding.inc - removed ID property to prevent duplicate findings from being added to the table
host_list.inc - deleted unused constructor
import.inc - formatting
db_schema.json - removed sagacity.findings.id field (making tgt_id and pdi_id new primary keys), and updated references
Database_Baseline.zip - updated routines for above change
background_results.php - fixed bug #19
export-ckl.php - performance adjustments
parse_excel_echecklist.php - performance improvements, ensure duplicate findings are not created, make eChecklist true status, update for removing findings.id field
parse_nvd_json_cve.php - convert reading json to array instead of object for reading CPEs (which were updated to CPE 2.3 instead of 2.2)
parse_* - remove findings.id field
database.inc - formatting, and update for removing findings.id field
index.php - ensure user can't import a host list without uploading a host list file
Fixed:
#65, #51, #28, #27, #10
