Update changelog

cardigliano · cardigliano · commit 03cb8efad611 · 2022-01-31T18:38:02.000+01:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,101 @@
 # CHANGELOG
 
+#### nDPI 4.2 (Feb 2022)
+
+## New Features
+ - Add a "confidence" field indicating the reliability of the classification
+ - Add risk exceptions for services and domain names via ndpi_add_domain_risk_exceptions()
+ - Add ability to report whether a protocol is encrypted
+
+## New Supported Protocols and Services
+ - Add protocol detection for:
+   - Badoo
+   - Cassandra
+   - EthernetIP
+
+## Improvements
+ - Reduce memory footprint
+ - Improve protocol detection for:
+   - BitTorrent
+   - ICloud Private Relay
+   - IMAP, POP3, SMTP
+   - Log4J/Log4Shell
+   - Microsoft Azure
+   - Pandora TV
+   - RTP
+   - RTSP
+   - Salesforce
+   - STUN
+   - Whatsapp
+   - QUICv2
+   - Zoom
+ - Add flow risk:
+   - NDPI_CLEAR_TEXT_CREDENTIALS
+   - NDPI_POSSIBLE_EXPLOIT (Log4J)
+   - NDPI_TLS_FATAL_ALERT
+   - NDPI_TLS_CERTIFICATE_ABOUT_TO_EXPIRE
+ - Update WhatsAPP and Instagram addresses
+ - Update the list of default ports for QUIC
+ - Update WindowsUpdate URLs 
+ - Add support for the .goog Google TLD
+ - Add googletagmanager.com
+ - Add bitmaps and API for handling compressed bitmaps
+ - Add JA3 in risk exceptions
+ - Add entropy calculation to check for suspicious (encrypted) payload
+ - Add extraction of hostname in SMTP
+ - Add RDP over UDP dissection
+ - Add support for TLS over IPV6 in Subject Alt Names field
+ - Improve JSON and CSV serialization
+ - Improve IPv6 support for almost all dissectors
+ - Improve CI and unit tests, add arm64, armhf and s390x as part of CI
+ - Improve WHOIS detection, reduce false positives
+ - Improve DGA detection for skipping potential DGAs of known/popular domain names
+ - Improve user agent analysis
+ - Reworked HTTP protocol dissection including HTTP proxy and HTTP connect
+
+## Changes
+ - TLS obsolete protocol is set when TLS < 1.2 (used to be 1.1)
+ - Numeric IPs are not considered for DGA checks
+ - Differentiate between standard Amazon stuff (i.e market) and AWS
+ - Remove Playstation VUE protocol
+ - Remove pandora.tv from Pandora protocol
+ - Remove outdated SoulSeek dissector
+
+## Fixes
+ - Fix race conditions
+ - Fix dissectors to be big-endian friendly
+ - Fix heap overflow in realloc wrapper
+ - Fix errors in Kerberos, TLS, H323, Netbios, CSGO, Bittorrent
+ - Fix wrong tuple comparison
+ - Fix ndpi_serialize_string_int64
+ - Fix Grease values parsing
+ - Fix certificate mismatch check
+ - Fix null-dereference read for Zattoo with IPv6
+ - Fix dissectors initialization for XBox, Diameter
+ - Fix confidence for STUN classifications
+ - Fix FreeBSD support
+ - Fix old GQUIC versions on big-endian machines
+ - Fix aho-corasick on big-endian machines
+ - Fix DGA false positive
+ - Fix integer overflow for QUIC
+ - Fix HTTP false positives
+ - Fix SonarCloud-CI support
+ - Fix clashes setting the hostname on similar protocols (FTP, SMTP)
+ - Fix some invalid TLS guesses
+ - Fix crash on ARM (Raspberry)
+ - Fix DNS (including fragmented DNS) dissection
+ - Fix parsing of IPv6 packets with extension headers
+ - Fix extraction of Realm attribute in STUN
+ - Fix support for START-TLS sessions in FTP
+ - Fix TCP retransmissions for multiple dissectors
+ - Fix DES initialisation
+ - Fix Git protocol dissection
+ - Fix certificate mismatch for TLS flows with no client hello observed
+ - Fix old versions of GQUIC on big-endian machines
+
+## Misc
+ - Add tool for generating automatically the Azure IP list
+
 #### nDPI 4.0 (July 2021)
 
 ## New Features
