openvas-manager 7.0.2 (2017-06-21)

This is the second maintenance release of the openvas-manager 7.0 module for the
Open Vulnerability Assessment System release 9 (OpenVAS-9). The OpenVAS Manager
is the central management service between the actual security scanners and the
user clients.

This release addresses a serious issue which could cause preferences of
unrelated tasks to be reset when deleting preferences associated with a task.

Many thanks to everyone who has contributed to this release:
Benot Allard, Matthew Mundell, Timo Pollmeier, Bjrn Ricks and Michael Wiegand.

Main changes since 7.0.1:
* An issue which caused preferences of unrelated tasks to be reset when deleting
  preferences associated with a task.
* An issue which caused deleting roles to fail under certain circumstances has
  been addressed.
* An issue which caused credential type names to be migrated incorrectly has
  been addressed.
* An issue which caused the 'Send to host' alert method to fail has been
  addressed.
* An issue which caused hostname queries to fail for hosts with multiple
  hostnames has been addressed.
* An issue which caused schedules to be triggered multiple times after a time
  shift (e.g. DST switch) has been addressed.
* An issue which caused deleting roles to fail under certain circumstances has
  been addressed.
* Handling of invalid time zones has been improved.
* An issue which caused a crash when importing private keys without a trailing
  newline character has been addressed.
* Support for increasing the IP limit per target via command line parameters has
  been reintroduced.
* Performance improvements.


openvas-manager 7.0.1 (2017-03-07)

This is the first maintenance release of the openvas-manager 7.0 module for the
Open Vulnerability Assessment System release 9 (OpenVAS-9). The OpenVAS Manager
is the central management service between the actual security scanners and the
user clients.

This release fixes various issues and especially improves the migration
routine from SQLite to PostgreSQL.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Matthew Mundell, Timo Pollmeier, Bjrn Ricks, Michael Wiegand
and Jan-Oliver Wagner.

Main changes since 7.0.0:
* Lowered minimum for automatic report removal from 5 to 2.
* Bug fixes for long-duration schedules.
* Add authentication cache for LDAP and Radius.
* Improved cleanup of tmp directory upon errors.
* Use global SSH known hosts for alert type "SCP".
* Improved quoting for RFP "CSV Results".
* Fix race condition for SecInfo-based alerts.
* Updated migration routine from SQLite to PostgreSQL.
* Internal code cleanups.


openvas-manager 7.0.0 (2016-11-09)

This is the first release of the openvas-manager 7.0 module for the Open
Vulnerability Assessment System release 9 (OpenVAS-9). The OpenVAS Manager is
the central management service between the actual security scanners and the
user clients.

OpenVAS Manager 7.0 introduces an explicit asset management and the built-in
CVE scanner. It also replaces the 'Slaves' type by the new Scanner type
'OMP Slave'.  Please see the comprehensive list below for more details.

Please make sure to read the INSTALL file for important installation and
migration information, even and especially if you have used OpenVAS Manager
before.

Many thanks to everyone who has contributed to this release:
Benot Allard, Hani Benhabiles, Sven Haardiek, Matthew Mundell, Timo Pollmeier,
Jan-Oliver Wagner and Michael Wiegand.

Main changes compared to the 6.0 series:
* Added asset management for hosts and operating systems.
* Added internal CVE Scanner.
* Added SecInfo alerts.
* The type 'Slaves' was replaced by the 'Scanner' type 'OMP Slave'.
* The OMP protocol version is now OMP 7.0.
* Added support for communicating via Unix domain sockets with OTP scanners
  and with clients.
* GET_REPORTS now uses regular powerfilter.
* Authentication configuration (for example LDAP) is now handled within
  the database and not in a separate file ('auth.conf') anymore.
* Several new OMP commands and some changes/renaming to existing commands.
  Please refer to the OMP documentation for details about new and changed
  commands.
* Consolidation of credentials into the the type Credentials.
* New Alerts 'SCP' and TCP upload.
* Improved OSP support, permissions management, QoD handling,  built-in
  report formats, alerts.
* Merging openvas-scapdata-sync into greenbone-scapdata-sync.
* Merging openvas-certdata-sync into greenbone-certdata-sync.
* Minimum required version GnuTLS raised to 3.2.15.
* Minimum required version GLib raised to 2.32.
* Minimum required version CMake raised to 2.8.

Main changes since 6.1+beta3:
* The concept of slaves has been replaced by OMP slaves.
* The OMP protocol version is now OMP 7.
* Support for grouping data by two columns has been added.
* Support for the new 'SNMP' alert method has been added.
* A new "Max Rows Per Page" setting has been introduced which defaults to 1000,
  please see the INSTALL file for details.
* The handling of Internal Errors has been made more consistent.
* A support scripts for gathering statistics on the SQLite3 back-end has been
  added.
* Credentials are now consistently handled as credential objects.
* Support for sorting by multiple fields in OMP command GET_AGGREGATES has been
  added.
* The process title of processes handling scans will now contain the report
  UUID.
* Resuming of scheduled slave scans has been improved.
* Internal use of logging has been made more consistent.
* Support for migrating data from an SQLite3 database to a PostgreSQL database
  has been improved.
* Handling of slave scans has been improved.
* The handling of report format plugins has been improved.
* The LDAP CA certificate is now stored in the internal database instead as a
  separate file on disk.
* The predefined target 'Localhost' has been removed.
* Users are now allowed to access feed descriptions.
* Support for including the result of one report format in the result of another
  report format has been added.
* The 'Anonymous_XML' report format now strips even more potentially sensitive
  information.
* Support for custom predefined report formats has been improved.
* Support for communicating via Unix domain sockets has been added and now is
  the default for communication with OTP scanners and with clients.
* NVTs in the ACT_SETTINGS family are no longer automatically enabled.
* Log messages have been improved to include the resource name wherever
  possible.
* The 'openvas-manage-certs' support script has been moved here from OpenVAS
  Scanner.
* The minimum required version of the GnuTLS library has been raised to 3.2.15
  in order to enforce the presence of newer (more secure) TLS and ciphers.
* The minimum required version of the OpenVAS libraries has been raised to
  9.0.0.
* The minimum required version of the GLib library has been raised to 2.32 in
  order to allow the use of newer API elements.
* The minimum required version of the CMake build framework has been raised to
  2.8.
* Numerous code cleanups.
* The build process has been improved.
* Code documentation has been updated.
* Support for PostgreSQL has been improved.


openvas-manager 6.1+beta3 (2016-04-14)

This is the third beta version of the upcoming 6.1 release of the
OpenVAS Manager. It will be part of the upcoming OpenVAS-9 release.
This module is the central management service between
security scanners and user clients.

This release adds various alerts, consolidates credentials and
applies the standard powerfilter now also for the report results
to name just a few of the improvements.

Many thanks to everyone who has contributed to this release:
Benot Allard, Hani Benhabiles, Sven Haardiek, Matthew Mundell,
Timo Pollmeier, Jan-Oliver Wagner and Michael Wiegand.

Main changes since 6.1+beta2:
* Consolidation of credentials: Introduce various types of credentials and
  use these reseources whenever a credential is required. Also the migration
  will handle this properly.
* Add task preference for auto deleting reports.
* Add credential type "client certificate".
* Add SNMP credential type.
* Make login information of slaves a credentials resource.
* Add SNMP credentials to targets.
* Add new alert conditions "Filter count at least" and "Filter count changed".
* Add alert method "Send", for sending the report to a TCP listener.
* Add new alert method 'SCP'.
* Add alert event "New NVTs arrived".
* Add event type "Updated NVTs arrived".
* Add support for SecInfo type in SecInfo alerts.
* Add SYNC_CONFIG OMP command.
* Introduce Scan Configs for OSP scanners.
* Make GET_REPORTS command use the normal powerfilter and remove some
  redundant command attributes and now unused functions.
* Prevent concurrent NVT cache updates from being initiated via SIGHUP.
* Add "ISM Control Description" parameter to "Verinice ISM" report format.
* Ensure sequences for automatically assigning primary key ids in
  PostgreSQL are consistent with table contents on startup.
* Remove any special handling of a tag "risk_factor".
* When using SQLite, ensure that all three databases are in WAL mode.
* Merging openvas-certdata-sync into greenbone-certdata-sync
  in order to maintain only a single sync script instead
  of two mostly identical ones.
* Merging openvas-scapdata-sync into greenbone-scapdata-sync
  in order to maintain only a single sync script instead
  of two mostly identical ones.
* Add --check-alerts, which runs any SecInfo alerts that are due.
* Various database performance improvements.
* Various code improvements.


openvas-manager 6.1+beta2 (2015-10-21)

This is the second beta version of the upcoming 6.1 release of the
OpenVAS Manager. It is the central management service between the actual
security scanners and various user clients.

This release adds explicit asset management for hosts and operating
systems, first OSP 1.1 features, started consolidation of Credentials -
to name just a few of the many improvements.

Many thanks to everyone who has contributed to this release:
Benot Allard, Hani Benhabiles, Sven Haardiek, Matthew Mundell,
Timo Pollmeier, Jan-Oliver Wagner and Michael Wiegand.

Main changes since 6.1+beta1:
* Add asset management for hosts and operating systems via new OMP
  commands CREATE_ASSET, GET_ASSETS, MODIFY_ASSET and DELETE_ASSET.
* Make it possible to import OSP scan configs.
* Allow specifying multiple data columns via elements in the OMP command
  GET_AGGREGATES and change the response to list statistics grouped for
  each data_column.
* Add new alert method "Start Task".
* Replace the LSC_CREDENTIAL type with CREDENTIAL type.
* Handle free-form text in Postgres sorting of hosts, instead of
  requiring IPs.
* Add new OMP command MOVE_TASK to move a task to a new slave, even
  when it is running.
* Add support for some of the upcoming OSP 1.1 features.
* Extend CREATE_GROUP with option to create "super on self" permission
  for the group, so that all member resources are shared.
* Updated the HTML report format plugin with slightly lighter design and
  better performance.
* Add "subject" and "message" method data for email alerts, so that the
  user can set these fields. Also add various variables for the message
  via various variables.
* Add options to have a user inherit resources from a user being
  deleted.
* Add new setting "Default Severity".
* Record in each report in the db whether the task was started by the
  scheduler.  Use this info to prevent the scheduler from stopping
  manually started tasks.
* For slave tasks, add the host details of finished hosts, even if the
  task is still running.
* Add a "word_counts" mode to the GET_AGGREGATES OMP command.
* If NVT cannot be found for dynamic severity without overrides, use
  static severity instead.
* Add host and result counts to task iterators and add "text columns"
  option to get_aggregates.
* Allow dot (.) in username.
* Give up when doing the nvti cache update check and the database is
  busy, because this is done in the main omp service loop, so it could
  delay the service of OMP clients.
* Add params ignore_pagination and schedules_only for OMP GET_TASKS.
* Improved certificate checks.
* Simplify project version setting. Use SVN version at build time in
  binary instead of SVN version at configuration time.
* Various code improvements.


openvas-manager 6.1+beta1 (2015-07-17)

This is the first beta version of the upcoming 6.1 release of the OpenVAS
Manager. It is the central management service between the actual security
scanners and various user clients.

This release moves authentication configuration from file based function to the
Manager database. It also adds support for CVE scanning and contains a number of
other improvements.

Please make sure to read the INSTALL file for important installation and
migration information, even and especially if you have used OpenVAS Manager
before.

Many thanks to everyone who has contributed to this release:
Benot Allard, Hani Benhabiles, Sven Haardiek, Matthew Mundell, Timo Pollmeier and Michael Wiegand.

Main changes since 6.0 series:
* The required minimum version of OpenVAS Libraries has been raised to 8.1.0.
* Authentication checks are now handled locally instead of file based OpenVAS
  Libraries functions.
* Permission management has been improved.
* OSP support has been improved.
* Support for CVE scanning has been added.
* Handling of QoD information has been improved.
* PostgreSQL support has been improved.
* Internal improvements.
* The built-in LaTeX report format has been improved.
* Support for running cppcheck from the build environment has been added.
* A number of issues discovered through static code analysis have been
  addressed.
* Documentation has been updated.


openvas-manager 6.0.1 (2015-04-01)

This is the first maintenance release of the openvas-manager 6.0 module for
the Open Vulnerability Assessment System release 8 (OpenVAS-8).

This release addresses various improvements and bug fixes of which
none is particularly outstanding, but not all just minor either.

Many thanks to everyone who contributed to this release:
Matthew Mundell, Timo Pollmeier and Michael Wiegand.

Main changes compared to 6.0.0:
* Treat missing filter keywords owner and permission as if they had the
  value "any". The old default behavior can be reproduced by using the
  keywords with an empty value.
* Task severity: Consider based on QoD default (70%) instead of 0%.
  This way the task severity matches the results severity when using
  defaults.
* Allow the user to create a permission if the user has "modify" access
  to the subject. This allows users to create permissions on roles owned
  by other users, for example.
* Bugfix to enable autoamtic update of CERT-Bund.
* Bugfix to re-add the cvss base vector of NVTs.
* Bugfixes/improvements about object managment for objects
  with dependencies dependencies (for example: target has
  credentials).
* Always set trust as "yes" for predefined report formats.
* Bugfix: Quote timezones as these can have multiple words.
* Bugfix: Get results severity based on user, not based on owner.
* Improved package config and build routine.
* Various minor bugfixes.


openvas-manager 6.0.0 (2015-03-17)

This is the first release of the openvas-manager 6.0 module for the Open
Vulnerability Assessment System release 8 (OpenVAS-8). The OpenVAS Manager is
the central management service between the actual security scanner and various
user clients.

OpenVAS Manager 6.0 introduces a large number of new and improved features, for
example scanner management, the alternative use of PostgreSQL as database back
end and Quality of Detection (QoD) information. It also introduces the new roles
"Guest", "Monitor" and "Super Admin". Please see the comprehensive list below
for more details.

Please make sure to read the INSTALL file for important installation and
migration information, even and especially if you have used OpenVAS Manager
before.

Many thanks to everyone who has contributed to this release:
Benot Allard, Michal Ambroz, Hani Benhabiles, Henri Doreau, Michael Meyer,
Matthew Mundell, Timo Pollmeier, Jan-Oliver Wagner and Michael Wiegand.

Main changes compared to the 5.0 series:
* OpenVAS Manager now supports the alternative use of PostgreSQL as database
  back end instead of SQLite3.
* Support for Scanner Management has been added. This includes the configuration
  part for scanners accompanied with a new set of OMP commands (create_scanner,
  get_scanners, modify_scanner, delete_scanner and verity_scanner). Next, it
  covers the extensions of tasks with the selected scanner type and the
  extension of Scan Configurations to reflect different scanner types.
* Support for the new SecInfo subtype CERT-Bund Advisory (CERT_BUND_ADV) has
  been added.
* Support for QoD (Quality of Detection) information has been added.
* Support for mixing objects owned by different users has been extended.
* Support for a "Guest" role has been added.
* Support for a "Monitor" role has been added.
* Support for a "Super Admin" role has been added.
* Support for associating ESXi credentials with targets has been added.
* The new OMP command "GET_AGGREGATES" has been added in order to deliver data
  tables for use in diagrams.
* Support for task charts has been added.
* Support for filtering NVTs based on their script_tags has been added.
* A new "Modify Task" wizard has been added.
* Support for displaying solution type information has been added.
* Support for internal database optimization has been added.
* Support for ownership of users, roles, groups and permissions has been
  introduced.
* Support for the changing of user names has been added.
* Support for Once-off schedules has been added.
* Support for limiting the number of times a task runs with a periodic schedule
  has been added.
* Support for splitting the CPE dictionary has been added to the SCAP data
  synchronization script.
* The "xml_split" helper script for splitting SCAP data is now installed by
  default.
* Report powerfilters now support the "timezone" keyword.
* The OMP version is now included in reports.
* Tasks on slaves are now stopped when the controlling master is terminated.
* Alterable task now stay alterable even when their last report has been
  removed.
* Solution type information is now included in report formats.
* OpenVAS Manager will no longer abort if previous attempts to the rebuild or
  update the database have failed.
* The results table and the OMP results objects have been extended.
* The "Anonymous XML" report format has been added.
* Support for displaying host authentication results has been added to the
  LaTeX, PDF and HTML reports.
* The GET_INFO command can now be used for NVTs as well.
* Support for "openvasrc" files has been removed from OMP.
* For SSH credentials, the certificate is now extracted from private key when
  needed.
* Preemptive Scanner connecting has been removed. Manager now only connects on
  NVT cache update or task starting, resuming and stopping. This improves
  response time.
* Support for the task pausing feature has been removed. This includes the
  removal of OMP commands "pause_task" and "resume_paused_task".
* Support for the target locators feature has been removed. This includes the
  removal of the OMP command "get_target_locators".
* The "--slisten" and "--sport" command line options have been removed as they
  are now part of the scanner properties.
* An issue which caused individual NVT timeout values to not be transferred
  to slaves has been fixed.
* The "--list-users" command line option has been renamed to "--get-users".
* The "--role" command line option now applies to "--get-users" as well.
* The "get_results" OMP command now behaves more consistent with other get_...
  OMP commands.
* The task name is now included in more report formats.
* The value of the NVT tag "affected" is now included in more report formats.
* The performance has been improved in a number of places.
* The strategy of SQL retries in high-load situation has been improved.
* The handling of user groups when dropping privileges has been improved.
* The manager will now retry starting of scheduled tasks when the start OMP fails.
* Sorting of numerical values has been improved.
* Library checks during package configuration have been improved and are now
  more comprehensive and consistent.
* Signal handling has been improved.
* The OMP protocol documentation has been updated.
* Code cleanups.

Main changes compared to 6.0+beta6:
* Solution type information is now included in report formats.
* An issue with empty scan end times has been fixed.
* Performance of report result counting has been improved.
* A check which resulted in scheduled tasks not starting at all if they could
  not start within a short interval has been removed.
* Signal handling has been improved.
* Support for splitting the CPE dictionary has been added to the SCAP data
  synchronization script.
* OpenVAS Manager will no longer abort if previous attempts to the rebuild or
  update the database have failed.
* The "Anonymous XML" report format has been added.
* The OMP protocol documentation has been updated.
* The GET_INFO command can now be used for NVTs as well.
* Result in report results counting and caching functions now use a default
  minimum QoD of 70 for consistency.
* Support for displaying host authentication results has been added to the
  LaTeX, PDF and HTML reports.
* Support for CERT-Bund advisories has been improved.
* An issues which caused a segmentation fault when rebuilding the database of 32
  bit installations under certain circumstances has been fixed.
* The "xml_split" helper script for splitting SCAP data is now installed by
  default.
* Support for mixing of the current user's targets and tasks, with other
  people's targets and tasks has been added.
* Support for mixing of the current user's configs and tasks, with other
  people's configs and tasks has been added.
* Support for mixing of the current user's scanners and tasks, with other
  people's scanners and tasks has been added.
* Support for mixing of the current user's port lists and targets, with other
  people's port lists and targets has been added.
* Support for mixing of the current user's credentials and targets, with other
  people's credentials and targets has been added.
* Support for mixing of the current user's report formats and alerts, with other
  people's report formats and alerts has been added.
* Support for mixing of the current user's filters and alerts, with other
  people's filters and alerts has been added.
* Code cleanups.


openvas-manager 6.0+beta6 (2015-02-11)

This is the sixth beta version of the upcoming 6.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanners and various user clients.

This release improves support for OSP scanner and introduces support for
Quality of Detection (QoD) information. It also adds support for once-off
schedules, for limiting the number of times a task runs with a periodic
schedule and for more resource mixing between users. It also contains a number
of bug fixes and various other improvements.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Matthew Mundell, Timo Pollmeier and Michael Wiegand.

Main changes since 6.0+beta5:
* Support for OSP host details has been added.
* Support for modifying an existing scanner has been added.
* Support for Once-off schedules has been added.
* Support for limiting the number of times a task runs with a periodic schedule
  has been added.
* Enable mixing of the current user's alerts, schedules and tasks, with other
  people's alerts, schedules and tasks, when permissions allow it.
* Support for Quality of Detection (QoD) information has been introduced.
* A segmentation fault which occurred when deleting users using the
  "--delete-user" parameter has been fixed.
* An issue which caused individual NVT timeout values to not be transferred
  to slaves has been fixed.
* An issue with NVT counting in scan configs has been fixed.
* Incorrect column name in the SCAP database have been fixed.
* An issue with result counting when using certain filters has been fixed.
* An issue which prevented the Super Admin from cloning certain objects has been
  fixed.
* An issue with running scheduled tasks with durations has been fixed.
* Tasks on slaves are now stopped when the controlling master is terminated.
* Alterable task now stay alterable even when their last report has been
  removed.
* The default value for the "autofp" setting used for alerts has been changed
  to 0 for consistency with other views.
* Report lists now ensure that a apply_overrides value is set.
* Sorting of numerical values has been improved.
* Handling of missing report format plugins for alerts has been made more
  consistent.
* Library checks during package configuration have been improved and are now
  more comprehensive and consistent.
* OSP support has been improved.
* PostgreSQL support has been improved.
* The OMP documentation has been updated.
* Documentation of database optimization has been improved.
* Code cleanups.


openvas-manager 6.0+beta5 (2015-01-12)

This is the fifth beta version of the upcoming 6.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanners and various user clients.

This release improves support for the "Super Admin" permission, introduce
ownership for users, roles and groups, allow sharing of sensors and task
between users, adds a `--optimize` command line option, start work on
consolidation of the different RESUME_* OMP commands as well as fixes various
smaller issues.

Many thanks to everyone who has contributed to this release:
Timo Pollmeier, Jan-Oliver Wagner, Matthew Mundell, Michael Wiegand and Hani
Benhabiles.

Main changes since 6.0+beta4:
* Add settings for default resource selections on the "New Task" and "New
  Target" pages in GSA and get settings in Advanced Task Wizard.
* LaTeX report format improvement
* Retry starting of scheduled tasks when the start OMP fails.
* Add new "Modify Task" wizard.
* Add RESOURCE/TYPE to CREATE_PERMISSION, so that Super permissions can be
  created on Roles, Groups and Users.
* Add RESOURCE/TYPE to MODIFY_PERMISSION, so that editing of Super
  permissions works.
* Allow severity to be null in CERT-Bund and DFN-CERT Advisories, CPEs and OVAL
  definitions if no severity is available from CVEs.
* Performance improvement for GET_REPORTS.
* Add solution_type column to NVTs.
* Enable mixing of the current user's slaves and tasks, with other people's
  slaves and tasks, when permissions allow it.
* Add command line option --optimize, with arguments "analyze" and "vacuum".
* Add indices for NVTs, CVEs and CPEs and change init_aggregate_iterator to use
  them. Remove unused features from init_aggregate_iterator for	simplicity.
* Make --role apply to --get-users too.
* Introduce ownership of users, roles and groups.
* Major rewrite of the RESUME_* OMP commands.
* Introduce ownership of permissions.
* Account for Super permissions in asset reports.
* Add NEW_NAME to OMP MODIFY_USER, to allow changing of user names.


openvas-manager 6.0+beta4 (2014-11-21)

This is the fourth beta version of the upcoming 6.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanners and various user clients.

This release establishes support for PostgreSQL as an alternative database
backend. It also adds support for a "Super Admin" role and contains a number of
smaller improvements.

Many thanks to everyone who has contributed to this release:
Benot Allard, Michal Ambroz, Hani Benhabiles, Henri Doreau, Michael Meyer,
Matthew Mundell, Timo Pollmeier, Jan-Oliver Wagner and Michael Wiegand.

Main changes since 6.0+beta3:
* OpenVAS Manager now supports the alternative use of PostgreSQL as database
  backend instead of SQLite3.
* Support for a "Super Admin" role has been added.
* Performance for iterating over host details has been improved.
* The handling of SIGABRT signals has been improved, ensuring an appropriate
  exit code if such a signal occurs.
* The handling of task end times has been improved.
* The strategy of SQL retries in high-load situation has been improved.
* Support for filtering NVTs based on their script_tags has been added.
* Logging has been improved.
* The handling of user groups when dropping privileges has been improved.
* Timezone usage has been improved.
* The build process has been adjusted for changes in OpenVAS Libraries.
* The OMP version is now included in reports.
* Code cleanups.


openvas-manager 6.0+beta3 (2014-10-14)

This is the third beta version of the upcoming 6.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanners and various user clients.

This release continues the efforts towards PostgreSQL support and support of
multiple scanners. It also introduces support for a "Monitor" role and for the
"timezone" keyword in report powerfilters and harmonizes the handling of the
creation time for the different SecInfo object types. A workaround for an issue
with SQLite versions before 3.8.3 is included as is support for task charts.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Matthew Mundell, Timo Pollmeier and Michael Wiegand.

Main changes since 6.0+beta2:
* Further steps towards alternative use of PostgreSQL as database backend
  instead of SQLite3. The PostgreSQL support does not yet cover all of the
  OpenVAS Manager functionalities.
* Further steps for Scanner Management.
* Support for task charts has been added.
* Report powerfilters now support the "timezone" keyword.
* Handling of different SecInfo object creation times has been harmonized.
* Support for a "Monitor" role has been added.
* A workaround for an issue with concurrent SQLite processes when using SQLite
  versions older than 3.8.3 has been added.
* PostgreSQL support has been added to the various support scripts.
* Code cleanups.


openvas-manager 6.0+beta2 (2014-09-23)

This is the second beta version of the upcoming 6.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanners and various user clients.

This release continues the efforts towards PostgreSQL support and support of
multiple scanners. It also introduces support for a "Guest" role and for
associating ESXi credentials with targets, along with a number of smaller
improvements and code cleanup.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Matthew Mundell, Timo Pollmeier, Jan-Oliver Wagner and Michael
Wiegand.

Main changes since 6.0+beta1 series:
* Further steps towards alternative use of PostgreSQL as database backend
  instead of SQLite3. The PostgreSQL support does not yet cover all of the
  OpenVAS Manager functionalities.
* Further steps for Scanner Management.
* Support for a "Guest" role has been added.
* Support for associating ESXi credentials with targets has been added.
* The get_results command now behaves more consistent with other get_... OMP
  commands.
* The task name is now included in more report formats.
* The value of the NVT tag "affected" is now included in more report formats.
* GPLv2+ licence notices now contain the exact wording suggested by the Free
  Software Foundation.
* Code cleanups.


openvas-manager 6.0+beta1 (2014-08-23)

This is the first beta version of the upcoming 6.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanners and various user clients.

This release introduces first steps towards multi-scanner support, adds support
for SecInfo type "CERT-Bund" and extends the results object. Apart from this
the alternative support for PostgreSQL works to some extend but is not
complete yet.

Please make sure to read the INSTALL file for important installation and
migration information, even and especially if you have used OpenVAS Manager
before.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Matthew Mundell, Timo Pollmeier, Michael Wiegand

Main changes since 5.0 series:
* Added first steps for Scanner Management. This includes the configration part
  for scanners accompanied with a new set of OMP commands (create_scanner,
  get_scanners, modify_scanner, delete_scanner and verity_scanner). Next,
  it covers the extensions of tasks with the selected scanner type and the
  extension of Scan Configurations to reflect different scanner types.
* First steps towards alternative use of PostgreSQL as database backend instead
  of SQLite3. The PostgreSQL support does not yet cover all of the OpenVAS Manager
  functionalities.
* Added new SecInfo subtype CERT-Bund Advisory (CERT_BUND_ADV).
* Added new OMP command GET_AGGREGATES in order to deliver data tables for
  use in diagrams.
* Extended results table and OMP results objects.
* Removed openvasrc file support from OMP.
* For SSH credentials, the public part is now extracted from private key
  when needed.
* Removed preemptive Scanner connecting. Connect only on NVT cache update
  or task starting, resuming and stopping. This improves response time.
* Removed task pausing feature. This includes the removal of OMP commands
  pause_task and resume_paused_task.
* Removed target locators feature. This includes the removal of the
  OMP command get_target_locators.
* First steps towards a QoD (Quality of Detection) concept as an attribute
  of the results.
* Rebuild CERT database as version 6 to apply fix for problems with CVEs
  in older DFN-CERT advisories.
* Increased limit of max number of hosts specified in user Host Access
  Control to 16,777,216.
* Removed --slisten and --sport options.
* Renamed --list-users to --get-users.
* Added --get-scanners.
* Added --create-scanner with --scanner-host, --scanner-port and
  --scanner-type options.
* Added --delete-scanner option.
* Added --verify-scanner option.
* Added --scanner-ca-pub, --scanner-key-pub and --scanner-key-priv
  command-line arguments.
* Added options --max-email-attachment-size and --max-email-include-size.
* Various minor improvements.
* Code cleanups.


openvas-manager 5.0.0 (2014-04-23)

This is the first release of the openvas-manager 5.0 module for the Open
Vulnerability Assessment System release 7 (OpenVAS-7). The OpenVAS Manager is
the central management service between the actual security scanner and various
user clients.

OpenVAS Manager 5.0 introduces a large number of new and improved features, for example
the entire user management is now done in OpenVAS Manager, tagging of objects,
"Severity" concept to replace "Threat" concept, Alive-Test property of Targets,
a number of new command line parameter, extended access control with groups, roles
and permissions.  For a complete list of changes, please refer to the list below.
The whole functionality is available via the extended protocol OMP 5.0.

Please make sure to read the INSTALL file for important installation and
migration information, even and especially if you have used OpenVAS Manager
before.

Many thanks to everyone who has contributed to this release:
Benot Allard, Hani Benhabiles, Henri Doreau, Rodolfo Gouveia, Andre Heinecke,
Werner Koch, Matthew Mundell, Timo Pollmeier, Stefan Schwarz, Stefan Sperling,
Jan-Oliver Wagner and Michael Wiegand.

Main changes since 4.0.x:
* User management has been consolidated in OpenVAS Manager. It was moved
  from OpenVAS Scanner and OpenVAS Administrator into OpenVAS Manager.
* New: Groups, Roles and Permissions.
* New: Tags.
* New: Default scan configurations "Discovery", "Host Discovery" and
  "System Discovery".
* New: Support for searching in the complete SecInfo data.
* New: Support for regular expression searching in the powerfilter.
* New: New "Severity" concept to replace "Threat" concept.
* Removed: OTP port forwarding.
* Removed: Support for obsolete scanner preferences.
* Improved: Support for the new host management offered by Scanner has been added.
* Improved: Schedule handling during long running operations.
* Changed: Simplified host access conrol replaces old rules-based concept.
* New: Support for Alterable Tasks.
* New: Support for Source Interface access control has been added.
* New: Alive Test property to Targets, which can override the scan config
  settings.
* Remove NVTs 810002 "CPE Inventory" and 810003 "Host Summary" from predefined
  configs.
* Orphaned results are now removed from the database when starting.
* The speed of retrieving a task details overview has been improved.
* Database rebuild performance has been improved.
* Performance with large databases has been improved.
* Updated: Verinice ISM report format plugin.
* Updated: The NBE report format plugin.
* New: Predefined report format CSV Hosts.
* New: Predefined report format CSV Results.
* New: Report format plugin for exporting TLS mapping results into a CSV file.
* New: User setting for preferred interface language.
* Logging has been improved and made more consistent.
* OpenVAS Manager will now attempt to reduce database fragmentation.
* Use UTF-8 for OTP.
* Report scanner loading progress to client/GSA.
* New: Support for user defined OVAL repositories in private subdirectories.
* The scripts for SCAP and CERT data synchronization have been improved.
* Handling of NVT risk factors has been removed as this is handled via CVSS scores now.
* The handling of the obsolete "subnet" element in the results has been
  removed.
* NVT descriptions are no longer stored separately in the database and thus no
  longer duplicate information already present in the NVT tags.
* The credential encryption keyring is now placed in var/lib/openvas/gnupg
  instead of etc/openvas/gnupg.
* Support for changing a user password on the command line has been added.
* New option --max-ips-per-target.
* New option --delete-user.
* New option --create-user.
* Add option --role, which allows to set the role with --create-user.
* The --migrate option now also migrates SCAP and CERT databases.
* New option "--list-users".
* Made --migrate succeed when the database has not yet been initialised.
* Add --gnutls-priorities option.
* Add --dh-params command-line option.
* The command line parameter "--disable-scheduling" has been added.
* The required minimum GnuTLS version has increased to 2.8.
* The required minimum OpenVAS Libraries version has increased to 7.0.0.
* Signature verification now uses the "gpgv" command.
* Make --rebuild and --update wait for scanner when scanner is busy
  loading NVTs.  This matches the behaviour when rebuild is called via
  SIGHUP.
* Startup speed has been improved.
* Add a utility to split huge xml files in a memory efficient way
* The handling of missing, inaccessible or corrupt database files has been
  improved.
* Moved some functions to openvas-libraries.
* Large number of small fixes and speed improvements.
* Code cleanup.

And additionally changes compared to 5.0+beta13:
* Added HELP permission check.
* New: Role "Info".
* Clean up of OMP and OMP documentation.


openvas-manager 5.0+beta13 (2014-04-10)

This is the thirteenth beta version of the upcoming 5.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and its various user clients.

This release further improves role management and adds the MODIFY_ROLE OMP
command. It also features an improved startup speed and an updated OMP
documentation as well as improvements to the alive test and wizard
functionalities.

Many thanks to everyone who contributed to this release:
Matthew Mundell, Timo Pollmeier and Michael Wiegand.

Main changes since 5.0+beta12:
* The OMP command MODIFY_ROLE has been added.
* Role management has been improved.
* The OMP documentation has been updated.
* The handling of unavailable commands in the quick_task wizard has been
  improved.
* The command line parameter "--disable-scheduling" has been added.
* Startup speed has been improved.
* The alive test "TCP Service Ping" has been renamed to "TCP-ACK Service Ping".
* The alive test "TCP-SYN Service Ping" has been added.


openvas-manager 5.0+beta12 (2014-03-28)

This is the twelfth beta version of the upcoming 5.0 release of the OpenVAS
Manager. it is the central management service between the actual security
scanner and its various user clients.

This release add an OMP DELETE_ROLE commands and a --dh-params command-line
option to specify Diffie-Hellman ciphers parameters.

Many thanks to everyone who contributed to this release:
Hani Benhabiles, Matthew Mundell, Timo Pollmeier and Jan-Oliver Wagner

Main changes since 5.0+beta11:
* Add OMP DELETE_ROLE.
* Add --dh-params command-line option.
* code cleanup


openvas-manager 5.0+beta11 (2014-03-26)

This is the eleventh beta version of the upcoming 5.0 release of the OpenVAS
Manager. it is the central management service between the actual security
scanner and its various user clients.

This release adds a --gnutls-priorities option to specify the cipher priority
as well as adds a CREATE_ROLE OMP command and solve a number of small issues.

Many thanks to everyone who contributed to this release:
Hani Benhabiles, Matthew Mundell, Timo Pollmeier and Jan-Oliver Wagner

Main changes since 5.0+beta10:
* Get tags for resources by ROWID instead of UUID. Make iterator functions for
  active and orphan fields return int.
* Rename "attach_id" to "resource_uuid", "attach_type" to "resource_type" add
  resource rowid "resource" and "resource_location" to tags tables. Hence
  increase database version to 117.  Add database migration from version 116 to
  117.
* Change tag OMP elements accordingly and make them more consistent with the
  resource in permissions overall. Allow tags to be attached to resources in
  trash. Rename "orphaned" in tags to "orphan".
* Add OMP CREATE_ROLE.
* Remove NVTs 810002 "CPE Inventory" and 810003 "Host Summary" from predefined
  configs.  Hence increase database version to 116.  Add database migration
  from version 115 to 116.
* Drop sign_key_ids column from nvts table.  Hence increase database version to
  115.  Add database migration from version 114 to 115.
* Add alive test "Consider Alive".
* Add --gnutls-priorities option to Manager.
* Report scanner loading progress to client/GSA.
* Added regex-based parameter validation and support of alternative run modes,
  e.g. an init mode to get resource lists to display in the client, to wizards.
* Switch the type check on the filters associated with alerts from "report" to
  "result".  Alerts were migrated from "report" to "result" in db version 92.
* Code cleanup.


openvas-manager 5.0+beta10 (2014-03-18)

This is the tenth beta version of the upcoming 5.0 release of the OpenVAS
Manager. it is the central management service between the actual security
scanner and its various user clients.

This release Correct the behavior of the manager when called with --rebuild,
--update or --migrate in order to produce a more consistent experience, as
well as solve a number of small issues.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Matthew Mundell and Jan-Oliver Wagner.

Main changes since 5.0+beta9:
* Remove handling of CERTIFICATES otp command.
* Make --rebuild and --update wait for scanner when scanner is busy
  loading NVTs.  This matches the behaviour when rebuild is called via
  SIGHUP.
* Add scan-time record of slave and source interface to reports.
* Remove handling of PLUGINS_DEPENDENCIES OTP command and get_dependencies
  OMP command.
* Make --migrate succeed when the database has not yet been initialised.
* Code cleanup.


openvas-manager 5.0+beta9 (2014-03-12)

This is the ninth beta version of the upcoming 5.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and its various user clients.

This release introduces the new "System Discovery" config, improves handling of
the OpenVAS Scanner connection and fixes two issues related to UTF-8 encoded
text in overrides and notes and to result counts.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Matthew Mundell and Michael Wiegand.

Main changes since 5.0+beta8:
* A new predefined "System Discovery" config has been added.
* The handling of the connection to the OpenVAS Scanner has been improved.
* An issue which caused a segmentation fault due to incorrect truncation of
  UTF-8 encoded text in overrides and notes has been fixed.
* An issue which caused incorrect result counts has been fixed.


openvas-manager 5.0+beta8 (2014-03-06)

This is the eighth beta version of the upcoming 5.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and its various user clients.

This release adjusts the built-in Report Format Plugins (RFPs) to expect NVT
information to be in the new style. It also removes sections of unused code,
improves Host Discovery handling and fixes a password generation issue.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Matthew Mundell and Michael Wiegand.

Main changes since 5.0+beta7:
* NVTs are expected to be in the new style by the built-in RFPs.
* Host Discovery will now fall back on more Ping Host defaults.
* An issue which resulted in unusable passwords for LSC credentials being
  generated in rare circumstances has been fixed.


openvas-manager 5.0+beta7 (2014-02-27)

This is the seventh beta version of the upcoming 5.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and its various user clients.

This release fixes a large number of small issues.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Timo Pollmeier and Hani Benhabiles.

Main changes since 5.0+beta6:
* Update documentation about the alive tests property.
* Increase the OMP version to 5.0.
* Prevent targets curently used to be modified.
* Remove need for all elements to be given in MODIFY_TARGET.
* Large number of small fixes and improvements.


openvas-manager 5.0+beta6 (2014-02-16)

This is the sixth beta version of the upcoming 5.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release adds user language setting, Alive Test property for Targets
and fixes a large number of small bugs.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Matthew Mundell, Timo Pollmeier, Michael Wiegand
and Jan-Oliver Wagner

Main changes since 5.0+beta5:
* Add an Alive Test property to Targets, which can override the scan config
  settings.
* Added user setting for preferred interface language.
* Removed column "Most Severe Result(s)" from LaTeX/PDF report format plugin.
* New option "--list-users".
* Moved some functions to openvas-libraries.
* Severity classes added to report XML.
* Large number of small fixes and improvements.


openvas-manager 5.0+beta5 (2014-01-28)

This is the fifth beta version of the upcoming 5.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release improves the reports to include a new results section.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Timo Pollmeier, Michael Wiegand, Benot Allard, and Jan-Oliver
Wagner

Main changes since 5.0+beta4:
* Update reports to use the new results sections.
* Add a utility to split huge xml files in a memory efficient way
* Large number of small fixes and improvements


openvas-manager 5.0+beta4 (2014-01-15)

This is the fourth beta version of the upcoming 5.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release adds a couple of new command line options and report format
plugins.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Henri Doreau, Matthew Mundell Timo Pollmeier,
Jan-Oliver Wagner and Michael Wiegand.

Main changes since 5.0+beta3:
* Use UTF-8 for OTP.
* New option --max-ips-per-target.
* New predefined report format CSV Hosts.
* New predefined report format CSV Results.
* Extended report format plugin for verinice.
* New report format plugin for exporting TLS mapping results into a CSV file.
* Add option --delete-user.
* Rename option --first-user to --create-user.
* Add option --role, which allows to set the role with --create-user.
* New predefined config Host Discovery.
* Large number of small fixes and improvements, especially
  regarding permissions.
* The --migrate option now also migrates SCAP and CERT databases.


openvas-manager 5.0+beta3 (2013-11-22)

This is the third beta version of the upcoming 5.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release adds support for Alterable Tasks and Source Interface access
control and features a reworked host access control concept replacing the old
rules based concept. It also features further integration of the new concepts
for severity and permission checks as well as numerous small improvements.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Andre Heinecke, Matthew Mundell, Timo Pollmeier, Stefan
Schwarz and Michael Wiegand.

Main changes since 5.0+beta2:
* Support for Alterable Tasks has been added.
* Support for Source Interface access control has been added.
* The host access control concept has been reworked, resulting in a removal of
  the old rules based concept.
* Support for the new "Severity" concept has been added in more places.
* Resource level permission checking has been improved.
* An issue which caused new databases to be initialised improperly has been
  fixed.
* NVT descriptions are no longer stored separately in the database and thus no
  longer duplicate information already present in the NVT tags.
* OpenVAS Manager will now attempt to reduce database fragmentation.
* The handling of the obsolete "subnet" element in the results has been
  removed.
* The NBE report format plugin has been updated.
* The verinice ISM report format plugin has been updated.
* Support for changing a user password on the command line has been added.
* Large number of small fixes and speed improvements.
* Code cleanup.
* Documentation has been updated.


openvas-manager 5.0+beta2 (2013-09-30)

This is the second beta version of the upcoming 5.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release fixes an issue with autogenerated credentials being unable to
login. It adds support for new functionality added to OpenVAS Scanner since the
last OpenVAS Manager release and features a number of internal improvements
regarding performance, logging and scheduling.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Andre Heinecke, Werner Koch, Matthew Mundell, Timo Pollmeier,
Jan-Oliver Wagner and Michael Wiegand.

Main changes since 5.0+beta1:
* An issue which caused autogenerated credentials to fail to login has been
  fixed.
* Support for regular expression searching has been added to the powerfilter.
* Support for the new "Severity" concept has been added in a number of places.
* The greenbone-scapdata-sync and greenbone-certdata-sync scripts have been
  updated.
* Support for the new Scanner message type "Alarm" has been added.
* Support for OTP port forwarding has been removed.
* Support for obsolete scanner preferences has been removed.
* Support for the new host management offered by Scanner has been added.
* Logging has been improved and made more consistent.
* Schedule handling during long running operations has been improved.
* Orphaned results are now removed from the database when starting.
* Database rebuild performance has been improved.
* Performance with large databases has been improved.
* The NBE report format plugin has been updated.
* The verinice ISM report format plugin has been updated.
* Code cleanup.
* Documentation has been updated.


openvas-manager 5.0+beta1 (2013-06-25)

This is the first beta version of the upcoming 5.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release moves user management to OpenVAS Manager from OpenVAS Scanner and
OpenVAS Administrator, introduces group and permissions management and tag
management among other new features.

Please note that this release changes the location of the credential encryption
key.

Please make sure to read the INSTALL file for important installation and
migration information, even and especially if you have used OpenVAS Manager
before.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Rodolfo Gouveia, Andre Heinecke, Werner Koch, Matthew Mundell,
Timo Pollmeier, Stefan Sperling, Jan-Oliver Wagner and Michael Wiegand.

Main changes since 4.0 series:
* The credential encryption keyring is now placed in var/lib/openvas/gnupg
  instead of etc/openvas/gnupg.
* The required minimum GnuTLS version has increased to 2.8.
* The required minimum OpenVAS Libraries version has increased to 7.0.0.
* User management has been moved to OpenVAS Manager from OpenVAS Scanner and
  OpenVAS Administrator.
* Support for group and permission management has been added.
* Support for managing network service port names has been added.
* Tag management has been added.
* Handling of NVT risk factors has been removed as this is handled via CVSS scores now.
* Handling of the OTP protocol has been updated to match the changes in OpenVAS
  Libraries and OpenVAS Scanner.
* Support for user defined OVAL repositories in private subdirectories has been added.
* The scripts for SCAP and CERT data synchronization have been improved.
* Support for searching in the complete SecInfo data has been added.
* The speed of retrieving a task details overview has been improved.
* The handling of missing, inaccessible or corrupt database files has been
  improved.
* A default "Discovery" scan configuration hase been added.
* Signature verification now uses the "gpgv" command.
* The verinice ISM report format plugin has been updated.
* Code cleanup.
* Documentation has been updated.


openvas-manager 4.0+beta5 (2013-02-22)

This is the fifth beta version of the upcoming 4.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release adds support for accessing OVAL and DFN-CERT SecInfo data,
for encrypting credentials and for checking user passwords against a
policy. It also features improvements to the report performance,
Master-Slave communication and numerous smaller improvements.

Many thanks to everyone who has contributed to this release:
Hani Benhabiles, Andre Heinecke, Werner Koch, Matthew Mundell, Timo
Pollmeier, Jan-Oliver Wagner and Michael Wiegand.

Main changes since 4.0+beta4:
* New: Support for accessing OVAL SecInfo data.
* New: Support for accessing DFN-CERT SecInfo data.
* New: The risk factor of an NVT is now calculated from the CVSS score.
* New: Support for encrypted credentials has been added.
* New: Support for checking user passwords against a policy has been
  added.
* Extended: New object management now supports for schedules, tasks,
* slaves, report formats, port lists and scan configs.
* Improved: Override management now supports Powerfilter and Trashcan.
* Improved: Additional parameters in SCAP synchronization script.
* Improved: Handling of the SCAP database.
* Improved: Classification in the report format plugin for ISMS tool "verinice".
* Improved: Performance with large database.
* Improved: Handling of client timeouts during very long operations.
* Improved: Faster report format plugins LaTeX, TXT, HTML and PDF.
* Improved: Master-Slave communication.
* Improved: IPv6 address validation.
* Some functionality has been moved to the openvas-libraries module.
  This means that openvas-manager 4.0.+beta5 requires openvas-libraries
  6.0+beta5 or newer to build.


openvas-manager 4.0+beta4 (2012-11-05)

This is the fourth beta version of the upcoming 4.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release reveals a large number of new and improved features. Noteworthy
are the new features Auto-FP, Wizard-Framework, Multiple Alerts and the
extended Powerfilter that also was connected to more object classes.

Many thanks to everyone who has contributed to this release:
Sebastien Aucouturier, Andre Heinecke, Matthew Mundell, Jan-Oliver Wagner
and Michael Wiegand.

Main changes since 4.0+beta3:
* New: Auto-FP feature to filter out likely false positives in a report.
* New: Manage closed CVEs, as reported by the Scanner (trusted vendor updates).
* New: Multiple alerts can now be attached to a task.
* New: Wizard framework with first wizard "quick_first_scan" and user setting
  for wizard appearance.
* New: Management for Filter objects.
* New: Report format plugins for ISMS tool "verinice".
* New: Alert for sending results to a verinice .PRO server.
* Extended: Management for information such as CPE, including a extended SCAP
  data synchronization.
* Extended: Powerfilter now available for Reports.
* Extended: Powerfilters can now be attached to Alerts.
* Improved: Task overview now faster via extra caching methods.
* Improved: Handle daylight saving in schedules.
* Improved: Extended features of Powerfilter such as sorting and result ranges.
* Improved: When importing a report, now the host details are also imported.
* Improved: Reduced database locking times during some operations so that
  less blocking happens.
* Improved: Manager serves OMP even when the scanner is down.
* Improved: Notes management now supports Powerfilter and Trashcan.
* Improved: Added switch to control whether a task should contribute to asset
  management.
* Improved: Report exports now also contain the comment of the respective task.
* Improved: Report exports now also contain the family of NVTs.
* Improved: Faster report format plugins LaTeX and PDF.
* The ARF report format plugin is now a pre-defined format.
* Added creation and modification times to the powerfilter.
* Added handling of OTP 1.1.
* Improved: Hostname validation.
* Simplified Report Format Plugin handling for pre-defined plugins.
* Various bug fixes and small improvements.


openvas-manager 4.0+beta3 (2012-05-04)

This is the third beta version of the upcoming 4.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release adds support for disabling OMP commands and extends object
management.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Michael Wiegand.

Main changes since 4.0+beta2:
* Object management has been extended to support creation and modification
  times.
* Support for disabling OMP commands via the command line has been added.


openvas-manager 4.0+beta2 (2012-04-25)

This is the second beta version of the upcoming 4.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release contains an improved powerfilter feature, updated protocol
documentation and an improved target object management. It also fixes an issue
with the port list selection.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Michael Wiegand.

Main changes since 4.0+beta1:
* Improvements to the target object management; targets can now be edited when
  they are associated with a task and the task has not yet run.
* A bug which caused the port list selection to be empty has been fixed.
* The protocol documentation has been updated.
* The powerfilter now handles spaces in index filters.


openvas-manager 4.0+beta1 (2012-04-16)

This is the first beta version of the upcoming 4.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release introduces name change from Escalator to Alert and extended
handling of Target object lists.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Michael Wiegand.

Main changes since 3.0 series:
* Renamed Escalator to Alert.
* Added keyword filter, pagination and edit to Targets.
* New command line options --listen2 and --port2 for a second
  OMP address.


openvas-manager 3.0.0 (2012-03-26)

This is the first release of the openvas-manager 3.0 module for the Open
Vulnerability Assessment System release 5 (OpenVAS-5). The OpenVAS Manager is
the central management service between the actual security scanner and various
user clients.

OpenVAS Manager 3.0 represents a significantly advanced feature set. Most
notable is Asset Management, Port Lists, SecInfo Management with SCAP data,
delta reports and prognostic reports.
The whole functionality is available via the extended protocol: OMP 3.0.

Many thanks to everyone who has contributed to this release:
Henri Doreau, Stephan Kleine, Matthew Mundell, Jan-Oliver Wagner,
Michael Wiegand and Felix Wolfsteller.

Main changes since 2.0.x:

* New: Configuration object 'Port Lists'. 
* New: Integrated Asset Management.
* New: Security Information Database: Integrated SCAP data (CPE, CVE) including
  update method via feed service.
* New: Delta reports to analyse differences between two scans.
* New: Prognostic scans based on asset data and current SCAP data.
* New: Support for individual time zones for users.
* New: Tasks can be assigned "observes" for read-only access.
* New: Role "Observer" for read-only access.
* New: Support for notes/overrides lifetimes.
* New: Trashcan. It is now possible to place some objects in a trashcan
  instead of deleting them directly.
* New: Container tasks for importing reports.
* New: SSH port for Local Security Checks configurable.
* New: Product detections as reported by Scanner are handled to allow detailed
  cross-referenced detection information.
* Updated builtin Report Format Plugins HTML, Text and LaTeX/PDF to reflect
  various new features that are already present in GSA, including delta and
  prognostic reports. 
* Improved product detection information in results XML.
* Improved performance for massiv scanner results by using transaction groups.
* Improved Import of Target lists to allow comma-separated, line-by-line lists.
* Doubled entries in Target lists are now eliminated.
* New optional Report Format Plugin for ARF.
* OMP 3.0: All new functionalities form the new version 3.0 of the OpenVAS
  Management Protocol (OMP)
* Changed: Report format signatures no longer contain user editable fields.
* Support for large database files on 32-bit platforms has been improved.
* A bug which caused the filter result count to be calculated incorrectly when
  searching for text phrases has been fixed.
* Support for sorting results by CVSS score has been added.
* Support for importing results sent through the XML escalator has been added.
* The max_host and max_checks scan performance parameters have been moved from
  scan configs to tasks.
* An issue which caused meta data for NVTs in the "Credentials" family to be not
  present in the database has been fixed.
* A number of compiler warnings discovered by Stephan Kleine have been
  addressed.
* Scan start and end times are now set for imported reports.
* An issue which caused the import of very large reports to fail under certain
  circumstances has been fixed.
* The handling of long host lists has been improved.
* Security: Enforces strict permissions on sensitive OpenVAS Manager files.
* Security: Drop privileges before executing report format plugins if running with
  elevated privileges.
* Security: Ensures report formats are trusted before executing them.
* Support for escalating result to a Sourcefire Defense Center has been added.
* Support for using an SSH key pair for SSH authentication has been added.

And additionally changes compared to last release candidate 3.0+rc1:

* Extra report formats work standalone.
* Observer lists now may also use ',' as separator.
* Observers may now also create notes and overrides for observed tasks.
* Opservers with with Role observer are now allowed to see single results
  of the observed tasks.
* Added handling of ssh keys for authenticated tests for Master-Slave mode.
* The PID file is created earlier to avoid daemon handling believe there
  is an error.
* Build improvements for modern gcc.


openvas-manager 3.0+rc1 (2012-03-15)

This is the first release candidate of the upcoming 3.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release adds the Port Lists feature and updates the built-in reports
to cover delta and prognostic results.

Many thanks to everyone who has contributed to this release:
Henri Doreau, Matthew Mundell and Michael Wiegand.

Main changes since 3.0+beta8:
* Support for Port Lists has been added.
* Updated builtin Report Format Plugins HTML, Text and LaTeX/PDF to reflect
  various new features that are already present in GSA, including delta and
  prognostic reports. 
* Changed signing of Report Format Plugins to exclude comment.
* Improved product detection information in results XML.
* Improved performance for massiv scanner results by using transaction groups.
* Improved Import of Target lists to allow comma-separated, line-by-line lists.
* Doubled entries in Target lists are now eliminated.
* New optional Report Format Plugin for ARF.
* Updated OMP documentation.
* Various little bugs fixed.


openvas-manager 3.0+beta8 (2011-12-02)

This is the eigth beta version of the upcoming 3.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release adds support for note lifetimes and for displaying additional
information in the HTML, LaTeX and TXT report formats. It also fixes an
incorrect result count for Asset Management results.

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Michael Wiegand.

Main changes since 3.0+beta7:
* Support for note lifetimes has been added.
* A bug which caused an incorrect result count in the Asset Management view has
  been fixed.
* Support for displaying the hostname and the note and override lifetimes has
  been added to the following report formats: HTML, LaTeX and TXT.


openvas-manager 3.0+beta7 (2011-11-23)

This is the seventh beta version of the upcoming 3.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release improves the handling of timestamps in reports and uses report
format signatures without the user editable fields, ensure the trust level stays
correct if these fields have been changed.

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Michael Wiegand.

Main changes since 3.0+beta6:
* The handling of timestamps in reports has been improved.
* Report format signatures no longer contain user editable fields.


openvas-manager 3.0+beta6 (2011-11-16)

This is the sixth beta version of the upcoming 3.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release adds support for listing NVTs addressing a certain CVE and for
override lifetimes. It fixes a bug in the threat level display and improves the
handling of SCAP data.

Many thanks to everyone who has contributed to this release:
Henri Doreau, Matthew Mundell and Michael Wiegand.

Main changes since 3.0+beta5:
* Support for listing NVTs addressing a certain CVE has been added.
* A bug which cause the wrong threat level to be displayed for tasks with
  multiple reports under rare circumstances has been fixed.
* Support for override lifetimes has been added.
* Support for displaying the SCAP update timestamp has been added.


openvas-manager 3.0+beta5 (2011-10-10)

This is the fifth beta version of the upcoming 3.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release adds support for a number of new features, including asset
management, direct use of SCAP data, prognostic scans, task observers and
individual time zones for users. It also improves support for large database
files on 32-bit platforms.

NOTE: The Manager now expects the OpenVAS Scanner to send timestamps based on
the UTC time zone. Care must be take to use UTC for the Scanner or upgrade to
OpenVAS Scanner >= 3.3+beta2, which enforces the use of UTC internally.

Many thanks to everyone who has contributed to this release:
Henri Doreau, Matthew Mundell and Michael Wiegand.

Main changes since 3.0+beta4:
* Support for asset management been added.
* Support for using SCAP data directly has been added.
* A support script for retrieving SCAP data has been added.
* Support for prognostic scans has been added.
* Support for large database files on 32-bit platforms has been improved.
* Support for task observers has been added.
* Support for individual time zones for users has been added.


openvas-manager 3.0+beta4 (2011-07-21)

This is the fourth beta version of the upcoming 3.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release resolves a minor issue discovered after the release of OpenVAS
Manager 3.0+beta3 and adds support for sorting results by CVSS. For details,
please refer to the list of changes below.

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Michael Wiegand.

Main changes since 3.0+beta3:
* A bug which caused the filter result count to be calculated incorrectly when
  searching for text phrases has been fixed.
* Support for sorting results by CVSS score has been added.
* Support for importing results sent through the XML escalator has been added.
* The max_host and max_checks scan performance parameters have been moved from
  scan configs to tasks.


openvas-manager 3.0+beta3 (2011-06-24)

This is the third beta version of the upcoming 3.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release resolves several minor issues discovered after the release of
OpenVAS Manager 3.0+beta2 and adds support for delta reports. For details,
please refer to the list of changes below.

Many thanks to everyone who has contributed to this release:
Henri Doreau, Stephan Kleine, Matthew Mundell and Michael Wiegand.

Main changes since 3.0+beta2:
* Support for delta reports has been added.
* An issue which caused meta data for NVTs in the "Credentials" family to be not
  present in the database has been fixed.
* A number of compiler warnings discovered by Stephan Kleine have been
  addressed.
* A race condition which caused empty reports from the slave when running in
  master-slave mode under certain conditions has been fixed.
* Scan start and end times are now set for imported reports.


openvas-manager 3.0+beta2 (2011-05-19)

This is the second beta version of the upcoming 3.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release resolves several minor issues discovered after the release of
OpenVAS Manager 3.0+beta1. For details, please refer to the list of changes
below.

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Michael Wiegand.

Main changes since 3.0+beta1:
* An issue which caused the import of very large reports to fail under certain
  circumstances has been fixed.
* An issue which caused the date of the scan end to be missing from scans if
  they were associated with an escalator created with an early Manager version
  has been fixed.
* The handling of long host lists has been improved.


openvas-manager 3.0+beta1 (2011-03-02)

This is the first beta version of the upcoming 3.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.

This release introduces a number of new features. For details, please refer to
the list of changes below.

Many thanks to everyone who has contributed to this release:
Stephan, Kleine, Matthew Mundell, Michael Wiegand and Felix Wolfsteller.

Main changes since 2.0 series:
* New feature: Trashcan. It is now possible to place objects in a trashcan
  instead of deleting them directly.
* Support for Host Details reported by OpenVAS Scanner has been added.
* Support for container task (imported reports) has been added.
* Support for specifying an SSH port for Local Security Checks has been added.
* Security: Enforces strict permissions on sensitive OpenVAS Manager files.
* Security: Drop privileges before executing report format plugins if running with
  elevated privileges.
* Security: Ensures report formats are trusted before executing them.
* Support for escalating result to a Sourcefire Defense Center has been added.
* Support for using an SSH key pair for SSH authentication has been added.
* The mail addresses supplied for an email escalator are now used in the correct
  order.


openvas-manager 2.0.2 (2011-03-02)

This is the second maintenance release of the openvas-manager 2.0 module for the
Open Vulnerability Assessment System release 4 (OpenVAS-4). The OpenVAS Manager
is the central management service between the actual security scanner and
various user clients.

This release closes a number of memory and resource leaks discovered after the
release of OpenVAS Manager 2.0.1, fixes the host count calculation and fixes an
issue which occurred when upgrading very old installations.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Michael Wiegand and Felix Wolfsteller.

Main changes since 2.0.1:
* The test infrastructure has been updated.
* A bug which caused the host count to be calculated incorrectly under certain
  circumstances has been fixed.
* A number of memory and resource leaks discovered by Felix Wolfsteller have
  been closed.
* A bug which caused database migration to fail when upgrading very old
  installations has been fixed.


openvas-manager 2.0.1 (2011-02-18)

This is the first maintenance release of the openvas-manager 2.0 module for the
Open Vulnerability Assessment System release 4 (OpenVAS-4). The OpenVAS Manager
is the central management service between the actual security scanner and
various user clients.

This release adds support for fallback system reports, changes the default value
of the "unscanned_closed" preference to "yes" for predefined configurations and
fixes an issue with signature verification in the manager. It also contains
improvements to report format signature infrastructure and fixes an issue with
the host name validation.

Many thanks to everyone who has contributed to this release:
Stephan Kleine, Matthew Mundell and Michael Wiegand.

Main changes since 2.0.0:
* Support for fallback system reports has been added in case where a full system
  report is unavailable.
* The expected location for signatures has been updated to match the FHS related
  changes in OpenVAS Scanner.
* The "unscanned_closed" preference now defaults to "yes" for predefined
  configs.
* The report format signature infrastructure has been improved.
* A bug which caused valid host names to be reject under certain circumstances
  has been fixed.


openvas-manager 2.0.0 (2011-02-08)

This is the first release of the openvas-manager 2.0 module for the Open
Vulnerability Assessment System release 4 (OpenVAS-4). The OpenVAS Manager is
the central management service between the actual security scanner and various
user clients.

OpenVAS Manager 2.0 represents a significantly advanced feature set. Most
notable is the new plugin-based report format framework which allows to produce
arbitrary scan reports (text, graphs, maps, connectors etc.). The new
master-slave mode allow to network multiple Manager instances. The whole
functionality is available via the extended protocol: OMP 2.0.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller.

Main changes since 1.0.x:

* Report Format plugin framework. All previous reporting features were converted
  to plugins. The XML representation of a report is now the base for any plugin
  and thus consistency of reports is improved.

  Report Format Plugins can be set active so that they appear in the selection
  lists. Selections can consider content types so that for example only the
  plugins with content type "text" are offered as email body.

  It is possible to use parameters for the plugins so the user can adjust the
  behaviour of the Report Format to the individual preferences or needs.

  A verification method allows to distribute signatures for valid plugins via
  the NVT Feed.

* New default Report Format: TXT for simple text.

* New default Report Format: LaTeX for LaTeX source.

* New sample Report Format: Simple Bar Chart.
  Demonstrates how to use Gnuplot for graphical reports.

* New sample Report Format: Simple Topo Plot.
  Demonstrates how to use Graphviz for graphical reports.

* New sample Report Format: Simple Pie Chart.
  Demonstrates how to use PyChart for graphical reports.

* New sample Report Format: Simple Map Plot.
  Demonstrates how to use MapServer and GDAL for graphical reports.

* New sample Report Format: Sourcefire Host Input.
  Demonstrates that Report Formats can be used to build connectors.

* Master-Slave feature. Any OpenVAS Manager can use one or many other OpenVAS
  Manager as slave to run scans. The whole scan task is transferred to the
  slave, results are continuously reported to the Master during scan process.
  After the scan is finished all data are removed from the slave.

  The master can also retrieve system reports from the slave and thus can
  collect the performance overview for all configured slaves.

* New Escalator: HTTP GET. This allows for example to access text message (SMS)
  gateways or ticket management systems.

* Extended Escalator: For email escalation it is now possible
  to select from configured Report Formats to be included in the email body.

* Agents: A verification method was added. This allows to distribute signatures
  for valid agents via the NVT Feed.

* Credentials: Can now be edited. This allows to change the login name or
  password without the need to create a new scan configuration.

* Credentials: Auto-generated installer packages are now created on the fly. If
  the generators are improved, it is now easy to create an updated package for
  already existing credentials.

* Credentials: Credentials for SMB and SSH are now separated.

* OMP self-documentation: Part of the Managers' XML-based communication protocol
  OMP 2.0 is to deliver the full specification and documentation of the
  protocol itself (command "HELP"). It can be retrieved as XML-,
  RNC- or HTML representation.

* Targets: Various opportunities have been added to specify and combine IP
  ranges and ports.

* Tasks: The task overview is delivered much faster now.

* Reports: The report filtering is much faster now.

* Hardening flags are now enabled during compile time to increase code quality.

* Compliance with the GNU Coding Standards and the Filesystem Hierarchy
  Standard has been improved.

* A security-relevant bug has been fixed regarding email escalation methods.
  Configured OpenVAS users were able to damage installation and/or gain higher
  privileges.

Main changes since 2.0+rc4:
* The logging behaviour when started with --verbose has been improved.
* The w3af NVT is no longer part of the Full and fast default scan config.
* The build environment has been cleaned up.


openvas-manager 2.0+rc4 (2011-02-04)

This is the fourth release candidate for the upcoming 2.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients. Release 2.0 is part of OpenVAS 4, the next
generation of the Open Vulnerability Assessment System.

It fixes an issue in override creation and feature an improved documentation and
build environment and is now compliant to the Filesystem Hierarchy Standard
(FHS), version 2.3.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner and Michael Wiegand.

Main changes since 2.0+rc2:
* Documentation has been updated.
* OpenVAS Manager now uses pkg-config to find required libraries.
* An issue which caused the creation of overrides to fail under some
  circumstances has been fixed.
* The installation is now compliant with Filesystem Hierarchy Standard (FHS
  2.3).


openvas-manager 2.0+rc3 (2011-01-21)

This is the third release candidate for the upcoming 2.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients. Release 2.0 is part of OpenVAS 4, the next
generation of the Open Vulnerability Assessment System.

It fixes a serious security bug and it is highly recommended to update any
installation of OpenVAS Manager 2.0 with this release. It also fixes a database
migration issue and introduces a better setting for the default logging.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner and Michael Wiegand.

Main changes since 2.0+rc2:
* A security-relevant bug has been fixed regarding email escalation methods.
  Configured OpenVAS users were able to damage installation and/or gain higher
  privileges.
* An issue which caused database migration to fail under certain circumstances
  has been fixed.
* The default log level has been reduced to warning to prevent the logging of
  potentially sensitive information in the default configuration.


openvas-manager 2.0+rc2 (2011-01-10)

This is the second release candidate for the upcoming 2.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients. Release 2.0 is part of OpenVAS 4, the next
generation of the Open Vulnerability Assessment System.

This release features updated protocol documentation, masks passwords when LSC
package creation commands are logged and makes the output of --version compliant
with the GNU Coding Standards.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller.

Main changes since 2.0+rc1:
* The protocol documentation has been brought up to date.
* The output of --version now complies with the GNU Coding Standards.
* Passwords are now masked when loggings LSC package creation commands.


openvas-manager 2.0+rc1 (2010-12-21)

This is the first release candidate for the upcoming 2.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients. Release 2.0 is part of OpenVAS 4, the next
generation of the Open Vulnerability Assessment System.

This release adds support for separate SMB and SSH credentials, for setting
per-target port ranges and for retrieving the total number of results matching
an applied filter.

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Michael Wiegand.

Main changes since 2.0+beta3:
* The protocol documentation has been improved.
* Target credentials for SMB and SSH are now separated.
* Support for setting the port range for a target has been added.
* Hardening flags are now enabled during compile time to increase code quality.
* Support for retrieving the total number of results matching an applied filter
  has been added.


openvas-manager 2.0+beta3 (2010-12-10)

This is the third beta version of the upcoming 2.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.  Release 2.0 is part of OpenVAS 4, the next
generation of the Open Vulnerability Assessment System.

This release includes further improvements to the protocol self-documentation
and fixes two issues regarding internal links in PDF reports and downloads of
LSC credential packages. It also enables NTLMSSP support for NVTs by default to
improve LSC behaviour for Microsoft Windows, makes escalator messages more
informational and LaTeX and PDF reports more consistent with other report
formats.

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Michael Wiegand.

Main changes since 2.0+beta2:
* The protocol self-documentation has been improved.
* NTLMSSP is now enabled by default.
* Escalator message now include more information.
* The LaTeX and PDF reports have been made more consistent with the other
  report formats.
* An issue which caused internal links in the PDF report to link to wrong
  results under certain circumstances has been fixed.
* An issue which caused some existing LSC credential packages to be empty on
  subsequent downloads under certain circumstances has been fixed.


openvas-manager 2.0+beta2 (2010-12-01)

This is the second beta version of the upcoming 2.0 release of the OpenVAS
Manager. It is the central management service between the actual security
scanner and various user clients.  Release 2.0 is part of OpenVAS 4, the next
generation of the Open Vulnerability Assessment System.

This release includes a fix for incorrect counting in the ports overview and
features an improved protocol self-documentation, an improved logging
infrastructure and a speed up for LaTeX and PDF report generation.

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Michael Wiegand.

Main changes since 2.0+beta2:
* The protocol self-documentation has been improved.
* A number of superfluous log messages has been downgraded or removed.
* A bug which caused issues to be counted incorrectly in the ports overview has
  been fixed.
* The generation of PDF and LaTeX reports is now faster.


openvas-manager 2.0+beta1 (2010-11-19)

This is the first beta version of the upcoming 2.0 release of the
OpenVAS Manager. It is the central management service between
the actual security scanner and various user clients.
Release 2.0 is part of OpenVAS 4, the next generation
of the Open Vulnerability Assessment System.

OpenVAS Manager 2.0 represents a significantly advanced feature set.
Most notable is the new plugin-based report format framework which
allows to produce arbitrary scan reports (text, graphs, maps, connectors etc).
The new master-slave mode allow to network multiple Manager instances.
The whole functionality is available via the extended protocol: OMP 2.0.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller.

Central new features of OpenVAS Manager 2.0:

* Report Format plugin framework. All previous reporting features
  were converted to plugins. The XML representation of a report
  is now the base for any plugin and thus consistency of reports
  is improved.

  Report Format Plugins can be set active so that they
  appear in the selection lists. Selections can consider
  content types so that for example only the plugins with
  content type "text" are offered as Email body.

  It is possible to use parameters for the plugins so the
  user can adjust the behaviour of the Report Format to
  the individual preferences or needs.

  A verification method allows to distribute signatures
  for valid plugins via the NVT Feed.

* New default Report Format: TXT for simple text.

* New default Report Format: LaTeX for LaTeX source.

* New sample Report Format: Simple Bar Chart.
  Demonstrates how to use Gnuplot for graphical reports.

* New sample Report Format: Simple Topo Plot.
  Demonstrates how to use Graphviz for graphical reports.

* New sample Report Format: Simple Pie Chart.
  Demonstrates how to use PyChart for graphical reports.

* New sample Report Format: Simple Map Plot.
  Demonstrates how to use MapServer and GDAL for graphical reports.

* New sample Report Format: Sourcefire Host Input.
  Demonstrates that Report Formats can be used to build connectors.

* Master-Slave feature. Any OpenVAS Manager can use one or many other
  OpenVAS Manager as slave to run scans. The whole scan task
  is transferred to the slave, results are continuously reported
  to the Master during scan process. After the scan is finished
  all data are removed from the slave.

  The master can also retrieve system reports from the slave and
  thus can collect the performance overview for all configured slaves.

* New Escalator: HTTP GET. This allows for example to access
  text message (SMS) gateways or ticket management systems.

* Extended Escalator: For EMail escalation it is now possible
  to select from configured Report Formats to be included in the
  Email body.

* Agents: A verification method was added. This allows to
  distribute signatures for valid agents via the NVT Feed.

* Credentials: Can now be edited. This allows to change the login
  name or password without the need to create a new scan configuration.

* Credentials: Auto-generated installer packages are now created on
  the fly. If the generators are improved, it is now easy to create
  an updated package for already existing credentials.

* OMP self-documentation: Part of the Managers' XML-based communication protocol
  OMP 2.0 is to deliver the full specification and documentation of the
  protocol itself (command "HELP"). It can be retrieved as XML-,
  RNC- or HTML representation.

* Targets: Various opportunities have been added to specify and combine IP ranges.

* Tasks: The task overview is delivered much faster now.

* Reports: The report filtering is much faster now.


openvas-manager 1.0.0 (2010-07-29)

This is the 1.0.0 release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS).

OpenVAS Manager 1.0 represents almost 2 years of intensive work.  The mission of
OpenVAS Manager is to offer powerful and comfortable vulnerability management on
top of the actual vulnerability scanner, OpenVAS Scanner 3.1.

The OpenVAS Manager is a layer between the OpenVAS Scanner and various client
applications. The upcoming clients cover web, desktop and command line
technology and will replace the classic OpenVAS Client.

Central features of OpenVAS Manager are:

* New XML-based protocol OMP (OpenVAS Management Protocol) which client tools
  use to control scans, results, etc.

* SQL database where configurations, scan results etc. are stored. Thus, clients
  do not need to keep local storage anymore.

* Full control of scan processes. This includes multiple concurrent scans as
  well as stopping, pausing, resuming and not at least the scheduling of scans.

* Management of scan notes, false positives and result escalators (notification
  on finished scans).

OpenVAS Manager is Free Software (Open Source), licensed under GNU General
Public License Version 2 or any later version.

The first compatible client application to be released will be the web client
GSA (Greenbone Security Assistant), approximately next week.
Beta- and alpha versions of various clients are already available for download.

The OpenVAS development team offers support for any efforts to create binary
packages for the various Linux distributions in order have this new server
readily available for users as soon as possible. Please use our openvas-distro
mailing list for this purpose.

Many thanks to everyone who has contributed to this release since 1.0.0.rc1:
Stephan Kleine, Matthew Mundell, Jan-Oliver Wagner, Michael Wiegand and Felix
Wolfsteller.

Main changes since 1.0.0.rc1:
* A number of build issues has been addressed.
* The code documentation has been updated.
* Code cleanup: Internal error handling has been made more consistent.
* A potential ressource leak identified by static analysis has been fixed.
* A bug which caused NVT preferences to be displayed incorrectly has been
  fixed.


openvas-manager 1.0.0.rc1 (2010-07-15)

This is the first release candidate of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS) leading up to the upcoming
openvas-manager 1.0.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Michael Wiegand and Felix Wolfsteller.

Main changes since 1.0.0-beta7:
* Code cleanup: Internal resource management has been improved to use UUIDs in
  more places.
* Support for agents has been improved.
* Support for external target sources has been added.
* A bug which caused PDF exports to fail if the NVT description contained
  certain characters has been fixed.
* A bug which caused hosts in the scan result to be sorted incorrectly under
  certain circumstances has been fixed.
* Support for defining threat overrides has been added.
* Some OMP commands have been renamed and adjusted to make the protocol more
  concise and useful.
* Support for event logging has been added.
* Support for syslog escalators has been added.
* The documentation has been updated.


openvas-manager 1.0.0-beta7 (2010-05-28)

This is the seventh beta release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS) leading up to the upcoming
openvas-manager 1.0.

IMPORTANT: Since version 1.0.0-beta6, the manager uses certificate based
authentication to authenticate against an openvas-scanner. Please do read the
INSTALL file provided with openvas-manager and make sure you have
openvas-scanner 3.0.2 or higher before installing this manager version!

Many thanks to everyone who has contributed to this release:
Stephan Kleine, Matthew Mundell, Michael Wiegand and Felix Wolfsteller.

Main changes since 1.0.0-beta6:

* A large amount of code which was present in both openvas-manager and
  openvas-administrator has been moved to openvas-libraries.
* An issue that caused started tasks to remain in the "Requested" stage
  indefinitely has been fixed.
* An issue that caused incorrect values of the scan progress under certain
  conditions has been fixed.
* A new escalator condition has been add: Threat Level Changed.
* Open ports are now included in scan reports even if no vulnerability was
  detected on that port.
* Support for CVSS scores and Risk Factors has been improved.
* Support for excluding host without any results from the report has been added.


openvas-manager 1.0.0-beta6 (2010-04-15)

This is the sixth beta release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS) leading up to the upcoming
openvas-manager 1.0.

IMPORTANT: The manager now uses certificate based authentication to authenticate
against an openvas-scanner. Please do read the INSTALL file provided with
openvas-manager and make sure you have openvas-scanner 3.0.2 or higher before
installing this manager version!

Many thanks to everyone who has contributed to this release:
Hartmut Goebel, Stephan Kleine, Matthew Mundell, Joseph Sokol-Margolis,
Jan-Oliver Wagner, Michael Wiegand and Felix Wolfsteller.

Main changes since 1.0.0-beta5:

* A bug which caused incorrect NVT counts in the scan config under certain
  circumstances has been fixed.
* The manager now uses certificate based authentication.
* Support for resuming stopped tasks has been added.
* Support for task scheduling has been added.
* The openvasmd binary will now install into /usr/sbin instead of /usr/bin.


openvas-manager 1.0.0-beta5 (2010-03-04)

This is the fifth beta release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS) leading up to the upcoming
openvas-manager 1.0.

Many thanks to everyone who has contributed to this release:
Stephan Kleine, Matthew Mundell and Felix Wolfsteller.

Main changes since 1.0.0-beta4:

* More internal data structures are now identified by UUID and not by
  name.
* Several build issues have been fixed.
* Note management has been introduced.
* Support for handling ITG and CPE reports has been added.
* OTP forwarding is now disabled by default.


openvas-manager 1.0.0-beta4 (2010-02-08)

This is the fourth beta release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS) leading up to the upcoming
openvas-manager 1.0.

Many thanks to everyone who has contributed to this release:
Stephan Kleine and Matthew Mundell.

Main changes since 1.0.0-beta3:

* More internal data structures are now identified by UUID and not by
  name.
* A bug which prevented PDF reports to be generated from certain results due to
  unescaped LaTeX characters has been fixed.
* A number of formatting and casting issues found by Stephan Kleine have been
  fixed.
* The man page has been updated.


openvas-manager 1.0.0-beta3 (2010-02-05)

This is the third beta release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS) leading up to the upcoming
openvas-manager 1.0.

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Felix Wolfsteller.

Main changes since 1.0.0-beta2:

* Nmap is now the default port scanner for predefined configurations.
* The man page has been updated.
* LSC credential management has been improved.
* A number of internal data structures are now identified by UUID and not by
  name.
* The manager now converts all input from the scanner to UTF-8.
* The encoding of the LaTeX report has been switch to UTF-8.
* A bug that caused some settings to be ignored during scan configuration import
  has been fixed.


openvas-manager 1.0.0-beta2 (2010-01-26)

This is the second beta release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS) leading up to the
upcoming openvas-manager 1.0.

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Felix Wolfsteller.

Main changes since 1.0.0-beta1:

* Deleting of active reports is prevented.
* Introduced ownership for all objects.
  This makes objects (like a "target") not
  appear for other users anymore.
* Improved ISO-8859-1 to UTF-8 conversion hacks.
* Allowed "\" for login names (important for windows)
* Send users host restrictions ("rules") via OTP when
  starting a scan.
* Activated NSIS package generator for credentials management.
* Filter out potentials passwords from logging.
* Introduced UUIDs for users.
* Improved PDF report generator.


openvas-manager 1.0.0-beta1 (2010-01-12)

This is the first beta release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS) leading up to the
upcoming openvas-manager 1.0.

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Felix Wolfsteller and Michael Wiegand.

Main changes since 0.9.8:

* Agent support has been improved.
* Escalation support has been added.
* A bug in PDF generation which could cause the manager to stay in an infinite
  loop under certain conditions has been fixed.
* Support for exporting scan configurations has been added.
* Support for performance monitoring has been added.
* An issue which could cause some preferences not to be sent to the scanner has
  been fixed.
* Initial searching support has been added.


openvas-manager 0.9.8 (2009-12-21)

This is the fourteenth development release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS).

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Jan-Oliver Wagner, Felix Wolfsteller and Michael Wiegand.

Main changes since 0.9.7:

* Database performance has been improved.
* Credential management has been improved.
* Initial agent support has been added.
* Support for cross-referencing in tasks, configs and targets has been added.


openvas-manager 0.9.7 (2009-12-08)

This is the thirteenth development release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS).

Many thanks to everyone who has contributed to this release:
Michael Wiegand and Tim Brown.

Main changes since 0.9.6:

* A bug which caused the number of selected NVTs within a family to be wrongly
  calculated under certain circumstances has been fixed.


openvas-manager 0.9.6 (2009-12-01)

This is the twelfth development release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS).

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Felix Wolfsteller.

Main changes since 0.9.5:

* Support for empty scan config templates has been added.


openvas-manager 0.9.5 (2009-11-30)

This is the eleventh development release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS).

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Felix Wolfsteller.

Main changes since 0.9.4:

* Server preference handling has been improved.
* The build environment has been made more robust.
* Support for per-NVT timeouts has been added.
* The database upgrade has been made more flexible.
* The library used for UUID generation has been changed to a more widely
  available library.
* Updating of the internal cache has been improved.
* The layout of the PDF reports has been improved.
* An issue with long task start times has been fixed.
* Cache management has been improved.


openvas-manager 0.9.4 (2009-11-23)

This is the tenth development release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS).

Many thanks to everyone who has contributed to this release:
Matthew Mundell and Felix Wolfsteller.

Main changes since 0.9.3:

* The layout of the PDF reports has been improved.
* A bug which broke DB migration under certain circumstances has been fixed.
* Support for NVT family retrieval and configuration management has been
  introduced.
* Cache management has been improved.


openvas-manager 0.9.3 (2009-11-09)

This is the ninth development release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS).

Many thanks to everyone who has contributed to this release:
Matthew Mundell, Felix Wolfsteller and Michael Wiegand.

Main changes since 0.9.2:

* Database handling and migration has been improved.
* Code cleanup.
* NVT selection based on the family attributed has been introduced.
* Sorting parameters have been added to most data retrieval commands.
* Support for retrieving NVT preferences has been introduced.
* The NBE output has been harmonized with the NBE output of openvas-client.
* Support for filtering results has been added.
* The layout of the LaTeX reports has been improved.
* The layout of the PDF reports has been improved.


openvas-manager 0.9.2 (2009-10-26)

This is the eigth development release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS).

Many thanks to everyone who has contributed to this release:
Tim Brown, Matthew Mundell, Felix Wolfsteller, Jan-Oliver Wagner and Michael
Wiegand.

Main changes since 0.9.1:

* Improved preference caching.
* Support for migrating old openvas-manager databases has been added.
* Pidfile management has been refactored.
* LSC support has been improved.
* The layout of the LaTeX reports has been improved.
* Many more fixes and improvements.


openvas-manager 0.9.1 (2009-10-19)

This is the seventh development release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS).

Many thanks to everyone who has contributed to this release:
Tim Brown, Matthew Mundell, Felix Wolfsteller, Jan-Oliver Wagner and Michael
Wiegand.

Main changes since 0.9.0:

* NVT preferences are now cached in the database.
* Support for storing and sending files has been added.
* Parsing of the NVT category has been fixed.
* Premature pidfile deletion has been fixed.
* The START_TASK response now contains the id of the report for this scan.
* Many more fixes and improvements.


openvas-manager 0.9.0 (2009-09-30)

This is the sixth development release of the openvas-manager module
for the Open Vulnerability Assessment System (OpenVAS).

Many thanks to everyone who has contributed to this release:
Mattew Mundell, Felix Wolfsteller and Jan-Oliver Wagner.

Main changes since 0.8.1:

* Moved OMP library to openvas-libraries
* openvas-libraries >= 3.0 now required
* Add support of OMP commands CREATE_LSC_CREDENTIAL,
  DELETE_LSC_CREDENTIAL and GET_LSC_CREDENTIALS.
* Many fixes and improvements

openvas-manager 0.8.1 (2009-09-14)

This is a maintenance release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS).

It contains a number of small improvements and bugfixes.


openvas-manager 0.7.0 (2009-08-21)

This is a maintenance release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS).

It contains considerable changes and vastly improved functionality.


openvas-manager 0.6.1 (2009-06-22)

This is a maintenance release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS).

It contains a few minor changes to improve compatibility with the Debian
packaging system and other OpenVAS modules.


openvas-manager 0.6.0 (2009-06-18)

This is the second public release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS).

It offers improved support for the new OpenVAS Management Protocol (OMP) and
new and improved functionality.
The following areas have been added or significantly improved:
- User authentication
- Task ID assignment (UUIDs)
- Retrieving checksums of the NVT collection
- NVT information retrieval
- Certificate handling

In addition, the protocol implementation has been updated to match
the specification more closely.


openvas-manager 0.5.0 (2009-05-08)

This is the first public release of the openvas-manager module for the Open
Vulnerability Assessment System (OpenVAS).

The OpenVAS Manager aims to be a layer between OpenVAS-Client and
the actual OpenVAS Server. Basically it should be responsible for
any tasks where no high system privileges are required.

This module is in an early development stage and not yet intended for
production use.

It is not mandatory to have OpenVAS Manager for using OpenVAS 1.0 or 2.0.

Usage example:
If openvasd is running on port 7772, the following command starts the manager
on port 1241.  The client can then connect to port 1241 as though it was
connecting to openvasd.

# openvasmd --port 1241 --sport 7772

More information about the command line arguments can be obtained using:

# openvasmd --help
