clair

• Switched to a static TLS Cipher Suite that does not use 3DES, protecting clients from suffering from Sweet32
• Fixed debugging log lines that were being printed always
• Added exponential backoff for updater failures (thanks @reasonerjt)

This release includes a fix for mapping Ubuntu Cosmic to the proper namespace.

This release includes two fixes:

• NVD has moved onto AWS. We've updated to use that more scalable
  database.
• HTTP requests now have a useragent to allow internal and external
  networks to segment traffic. Thanks to Jean Michel MacKay (@MackJM)

This release points Clair to Alpine Security DB to a GitHub repository because their servers were unable to handle the traffic from Clair users.

Thanks to Daniel Jiang (@reasonerjt)

• Huge thanks to Jean Michel MacKay (@MackJM) who updated Clair to pull from Ubuntu's new git repository -- this removes the dependency on bzr, which has previously caused networking and performance problems.
• Thanks to Nick Johns (@ninjaMog) who updated Clair to use HTTPS for NVD metadata source and patched Clair to temporarily point to the new location for the archived Ubuntu bzr repository.

This release contains two bug fixes:

• Upgrade to Go 1.10 to fix binding to "0.0.0.0" on IPv4-only systems
  • Thanks to @usr42 and @hhomar
• Add Ubuntu Bionic namespace detection
  • Thanks @qeqar

This release contains two bug fixes:

• Updater: Sleep before continuing the lock loop.
• Correctly identify RHEL images.
  • Thanks @joerayme!

This release contains two bug fixes:

• Upgrade Debian release mapping to newly released Debian versions
  • Thanks Renzo Toma
• Fix Ubuntu release mapping to properly strip extraneous data extracted from a layer
  • Thanks Alina Radu

This major release of Clair contains:

1 Breaking Change:

• Config Files must be updated to a new format for specifying database connections

Major Features:

• Alpine Linux support (apk format, Alpine-SecDB source)
• Oracle Linux support (Oracle Linux Security Database source)
• Introduced Version Formats for more accurate comparisons (e.g. rpm, dpkg)
• Migrated to structured logging via JSON

Minor Features:

• Various readability improvements to errors and documentation

Changelog:

• Fixed duplicate key value violates unique constraint when fetching Red Hat data sources

Changelog:

• Added support for Ubuntu 16.10 (Yakkety Yak)

Changelog:

• Fixed reporting for RHEL (#229)

Changelog:

• Fix reporting for CentOS 5 (#217)

Changelog:

• Force HTTPS for Ubuntu's repository fetching (#188)

Changelog:

• Performance fixes for notifications
  • pgsql: use subquery to plan GetNotification query (#182)
  • pgsql: remove unnecessary join used in GetNotification (#179)

Changelog:

• Allow arbitrary headers to be specified in analyze layer requests, e.g. Authorization
• Clean up temporary folders created by analyze-local-images

Changelog:

• Added instructions for running on Kubernetes
• Fixed multiple panics when using an invalid configs
• Added default config location: /etc/clair/config.yml
• Added HTTP Proxy support to webhook notifier
• Added URL validation to webhook notifier
• Fixed the health check endpoint's response status code

The first stable release of Clair!

This release includes:

• a revamped database interface with a performant PostgreSQL implementation
• a stable, general-purpose RESTful JSON API
• ACI support
• standardized extension points throughout the codebase