This article includes a list the new features and bug fixes that are included in Lucent Sky AVM 4.1.1, as well as known issues of this release.
For more information about this release, visit the blog post Lucent Sky AVM 4.1.1 released.
Updates in Lucent Sky AVM 4.1.1
-
Updates to CLI - The CLI has been a workhorse for many of Lucent Sky AVM's customers, who rely on it to integrate application vulnerability mitigation in their build routines. In the last release, we introduced asynchronized methods for all long-running operations, including Analyze, Import, Report and Mitigate. In v4.1.1, our engineering team redesigned the underlying engine of the CLI to improve its scalability and error reporting. If your build scripts or integration scripts were designed to work with a CLI version older than v4.1, they will need to be updated to work with the new CLI. For a list of changes made to the CLI, view this KB article.
-
Updates to IDE plug-ins - The IDE plug-ins for Visual Studio and Eclipse were both updated to take advantage of the new CLI.
-
Updates to Web UI - JavaScript libraries used by the Web UI were updated to improve performance. A UI-breaking bug in batch editor was also fixed.
-
Update on PHP mitigation - The algorithms used in mitigation for PHP applications have been updated, allowing more accurate Instant Fix placement.
-
Bug fixes - Several bugs were fixed in this release, among them are a bug causing report generation to fail for scans with a very large amount of results, and a bug causing scan to fail (instead of complete partially) on some ASP.NET web sites with syntax errors.
List of fixes included in Lucent Sky AVM 4.1.1
The result filter in Web UI is broken
You are unable to use the result filter to update the list of results being shown, such as modifying the rule and vector filters, or selecting a priority score.
This issue has been resolved in Lucent Sky AVM 4.1.1.
Known issues of Lucent Sky AVM 4.1.1
Source code and configuration analysis rules in a custom rule package are ignored
If a custom rule package includes rules for source code and configuration analysis, these rules are ignored. Other rules, such as those for binary analysis and for mitigation are not affected.
A hotfix is available. To obtain the hotfix, contact Lucent Sky support. This issue is expected to be resolved in Lucent Sky AVM 4.2.