Presented here is detail on the new features and enhancements introduced in the MSR 3.0.2 release.
[ENGDTR-2669] CVE database update failure information easier to discover
[ENGDTR-3008] Better vulnerability scan summary counts presentation
[ENGDTR-2669] CVE database update failure information easier to discover¶
Offline vulnerability job updates are now scheduled and run by the jobrunner, in much the same way as online vulnerability updates. This allows users to view the job logs associated with any type of vulnerability update job.
The latest job logs for both online and offline vulnerability database
updates can now be seen in the MSR web UI’s Image Scan Status
page or via the new
/api/v0/imagescan/latestjoblog API endpoint.
[ENGDTR-3034] Addition of different webhooks formats¶
Webhook payload formatting can be customized to work with Microsoft Teams or any custom system. This new functionality uses Golang templates to format the message prior to sending it to the webhook recipient.
[ENGDTR-3008] Better vulnerability scan summary counts presentation¶
Improvements have been made to clarify the presentation of vulnerability scan summary counts in the MSR web UI, for Critical, High, Medium, and Low in both the Vulnerabilities column and in the View Details view.
Although ENGDTR-3008 was reported as a known issue for MSR 3.0.1, the reported counts were at all times reliable and factually correct.