Author Archives: ilandrum

SWAMP UPDATE 1.34.6

New icon

The following updates are now available for mir-swamp.org and SWAMP-in-a-Box. The latest SWAMP-in-a-Box version 1.34.6 files can be obtained from the download server or from GitHub.

Noteworthy changes include:

  • We made significant updates to 3rd party sign-up and sign-in have been made. These allow Google sign-in to work after the Google+API was deprecated.
  • Python 3 is now the default language version for Python packages
  • Improvements for archiving downloaded packages from external URLs
  • A new version of Flow (version 0.112.0) is available for assessing web scripting packages that contain JavaScript. This version replaces all other versions.
  • A new version of Retire.js (version 2.0.3) is available for assessing web scripting packages that contain JavaScript. This version replaces all previous versions.
  • The SWAMP web API now returns more specific response codes for successful responses (response codes in the 200-299 range). Newer versions of the SWAMP plugins support the expanded response codes. New versions of the plugins can be found on our GitHub organization’s page.
  • We have updated assessment platform images and dependencies on those platforms.
  • We have discontinued support for Fedora 18, 19, and 20 assessment platforms
  • We have updated backend frameworks to include upgrading to Laravel 7.2
  • General enhancements and bug fixes

Changes specific to SWAMP-in-a-Box include:

  • A new version of Retire.js (version 2.0.3) is available for assessing web scripting packages that contain JavaScript. This version replaces all previous versions. Retire.js requires an internet connection to download the latest information about potential weaknesses. If you have configured a SWAMP-in-a-Box to run without an internet connection you will need to create a new, custom version of Retire.js v2.0.3 to run without internet access. Please refer to the SWAMP-in-a-Box Administrator Manual section 4.3
  • We have updated assessment platform images and dependencies on those platforms. For SWAMP-in-a-Box installations, the Ubuntu 16.04 new platform will be deployed with an upgrade to v1.34.6. For other new platforms you can download the new images and add them to your SWAMP-in-a-Box instance. Please refer to the SWAMP-in-a-Box Administrator Manual for instructions.
  • A new Android Ubuntu 12.04 platform is available for download. This image includes the Android SDK from late 2019. This image is requires significant storage due to the Android SDK. Please refer to the SWAMP-in-a-Box Administrator Manual prior to downloading. The compressed image is approximately 76 GB and the uncompressed image is approximately 150 GB. You can download the Android Ubuntu platform from our download server.
  • We have discontinued support for Fedora 18, 19, and 20 assessment platforms. If you have any of these platforms installed as add-ons, they will be removed when you upgrade to v1.34.6

SWAMP-in-a-Box Update: Developer’s Preview Release v1.35

New iconThe SWAMP-in-a-Box developer’s preview release v1.35 is now available! Note worthy updates in the version include:

  • Ability to run assessments on an Ubuntu 16.04 Docker container
  • Installing SWAMP-in-a-Box on AWS (Amazon Web Services) and run assessments in Docker

Let us know if you have any questions at suppport@continuousassurance.org.

Note: A v1.35 stable release will follow later this Spring.