Skip to content

Commit 82a1ebf

Browse files
YamatoSecurityYamatoSecurity
committed
finalize 3.8.0
1 parent 4ebff4a commit 82a1ebf

File tree

6 files changed

+43
-35
lines changed

6 files changed

+43
-35
lines changed

CHANGELOG-Japanese.md

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,17 @@
11
# 変更点
22

3-
## x.x.x [xxxx/xx/xx]
3+
## 3.8.0 [2026/01/31] - Winter Release
44

55
**バグ修正:**
66

77
- MaxMindのコンパイルエラーを直した。 (#1722) (@fukusuket)
88
- `-GeoIP`が指定された場合、GeoIPフィールドはJSONタイムラインの`Details``ExtraFieldInfo`の両方に出力されていた。 (#1724) (@fukusuket)
99
- 破損したログによるパニックの可能性を修正した。 (#1732) (@fukusuket)
1010

11+
**脆弱性修正:**
12+
13+
- HTMLレポートにおけるXSS脆弱性を修正した。ユーザが(標準の`.evtx`ファイルではなく)JSON形式でエクスポートされたログをスキャンし、攻撃者がそれらのログの`Computer`フィールドに悪意のあるJavaScriptを注入できる場合に発生する問題。 (@fukusuket)
14+
1115
## 3.7.0 [2025/11/15] - CODE BLUE Release
1216

1317
**新機能:**

CHANGELOG.md

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,17 @@
11
# Changes
22

3-
## x.x.x [xxxx/xx/xx]
3+
## 3.8.0 [2026/01/31] - Winter Release
44

55
**Bug Fixes:**
66

77
- Fixed MaxMind compile error. (#1722) (@fukusuket)
88
- When `-GeoIP` is specified, the GeoIP fields were outputed in both the `Details` and `ExtraFieldInfo` in the JSON timelines. (#1724) (@fukusuket)
99
- Fixed a possible panic with corrupted logs. (#1732) (@fukusuket)
1010

11+
**Vulnerability Fixes:**
12+
13+
- Fixed an XSS vulnerability in the HTML report if a user scans JSON exported logs (not the standard `.evtx` files) and an attacker has the ability to inject malicious Javascript in the `Computer` field of those logs. (@fukusuket)
14+
1115
## 3.7.0 [2025/11/15] - CODE BLUE Release
1216

1317
**New Features:**

Cargo.lock

Lines changed: 11 additions & 11 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

Cargo.toml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
[package]
22
name = "hayabusa"
3-
version = "3.8.0-dev"
3+
version = "3.8.0"
44
repository = "https://github.com/Yamato-Security/hayabusa"
55
authors = ["Yamato Security @SecurityYamato"]
66
edition = "2024"
@@ -38,9 +38,9 @@ maxminddb = "0.*"
3838
memchr = "2.*"
3939
mimalloc = { version = "*", default-features = false }
4040
nested="*"
41-
num = "0.4.0"
41+
num = "0.4.3"
4242
num-format = "*"
43-
pulldown-cmark = { version = "0.9.*", default-features = false, features = ["simd"] }
43+
pulldown-cmark = { version = "013.*", default-features = false, features = ["simd"] }
4444
rand = "0.9.*"
4545
regex = "1"
4646
serde = { version = "1.*", features = ["derive"] }
@@ -52,10 +52,10 @@ terminal_size = "*"
5252
tokio = { version = "1", features = ["full"] }
5353
ureq = "*"
5454
wildmatch = "2.*"
55-
yaml-rust2 = "0.10"
56-
rust-embed={version = "8.8.0", features = ["include-exclude", "debug-embed"]}
55+
yaml-rust2 = "0.11"
56+
rust-embed={version = "8.11.0", features = ["include-exclude", "debug-embed"]}
5757
encoding_rs = "0.8.35"
58-
uuid = { version = "1.18.1", features = ["v4"] }
58+
uuid = { version = "1.20.0", features = ["v4"] }
5959
winapi = { version = "0.3.9", features = ["wow64apiset"] }
6060

6161
[profile.dev]

rules

Submodule rules updated 31 files

src/detections/configs.rs

Lines changed: 15 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -956,7 +956,7 @@ fn check_thread_number(config: &Config) -> Option<usize> {
956956
pub enum Action {
957957
#[clap(
958958
author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
959-
help_template = "\nHayabusa v3.8.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n hayabusa.exe csv-timeline <INPUT> [OPTIONS]\n\n{all-args}",
959+
help_template = "\nHayabusa v3.8.0 - Winter Release\n{author-with-newline}\n{usage-heading}\n hayabusa.exe csv-timeline <INPUT> [OPTIONS]\n\n{all-args}",
960960
term_width = 400,
961961
display_order = 292,
962962
disable_help_flag = true
@@ -966,7 +966,7 @@ pub enum Action {
966966

967967
#[clap(
968968
author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
969-
help_template = "\nHayabusa v3.8.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n hayabusa.exe json-timeline <INPUT> [OPTIONS]\n\n{all-args}",
969+
help_template = "\nHayabusa v3.8.0 - Winter Release\n{author-with-newline}\n{usage-heading}\n hayabusa.exe json-timeline <INPUT> [OPTIONS]\n\n{all-args}",
970970
term_width = 400,
971971
display_order = 360,
972972
disable_help_flag = true
@@ -976,7 +976,7 @@ pub enum Action {
976976

977977
#[clap(
978978
author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
979-
help_template = "\nHayabusa v3.8.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n hayabusa.exe log-metrics <INPUT> [OPTIONS]\n\n{all-args}",
979+
help_template = "\nHayabusa v3.8.0 - Winter Release\n{author-with-newline}\n{usage-heading}\n hayabusa.exe log-metrics <INPUT> [OPTIONS]\n\n{all-args}",
980980
term_width = 400,
981981
display_order = 382,
982982
disable_help_flag = true
@@ -986,7 +986,7 @@ pub enum Action {
986986

987987
#[clap(
988988
author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
989-
help_template = "\nHayabusa v3.8.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n hayabusa.exe logon-summary <INPUT> [OPTIONS]\n\n{all-args}",
989+
help_template = "\nHayabusa v3.8.0 - Winter Release\n{author-with-newline}\n{usage-heading}\n hayabusa.exe logon-summary <INPUT> [OPTIONS]\n\n{all-args}",
990990
term_width = 400,
991991
display_order = 383,
992992
disable_help_flag = true
@@ -996,7 +996,7 @@ pub enum Action {
996996

997997
#[clap(
998998
author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
999-
help_template = "\nHayabusa v3.8.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n hayabusa.exe eid-metrics <INPUT> [OPTIONS]\n\n{all-args}",
999+
help_template = "\nHayabusa v3.8.0 - Winter Release\n{author-with-newline}\n{usage-heading}\n hayabusa.exe eid-metrics <INPUT> [OPTIONS]\n\n{all-args}",
10001000
term_width = 400,
10011001
display_order = 310,
10021002
disable_help_flag = true
@@ -1006,7 +1006,7 @@ pub enum Action {
10061006

10071007
#[clap(
10081008
author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
1009-
help_template = "\nHayabusa v3.8.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n hayabusa.exe expand-list <INPUT> [OPTIONS]\n\n{all-args}",
1009+
help_template = "\nHayabusa v3.8.0 - Winter Release\n{author-with-newline}\n{usage-heading}\n hayabusa.exe expand-list <INPUT> [OPTIONS]\n\n{all-args}",
10101010
term_width = 400,
10111011
display_order = 311,
10121012
disable_help_flag = true
@@ -1016,7 +1016,7 @@ pub enum Action {
10161016

10171017
#[clap(
10181018
author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
1019-
help_template = "\nHayabusa v3.8.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n hayabusa.exe extract-base64 <INPUT> [OPTIONS]\n\n{all-args}",
1019+
help_template = "\nHayabusa v3.8.0 - Winter Release\n{author-with-newline}\n{usage-heading}\n hayabusa.exe extract-base64 <INPUT> [OPTIONS]\n\n{all-args}",
10201020
term_width = 400,
10211021
display_order = 311,
10221022
disable_help_flag = true
@@ -1026,7 +1026,7 @@ pub enum Action {
10261026

10271027
#[clap(
10281028
author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
1029-
help_template = "\nHayabusa v3.8.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n hayabusa.exe pivot-keywords-list <INPUT> [OPTIONS]\n\n{all-args}",
1029+
help_template = "\nHayabusa v3.8.0 - Winter Release\n{author-with-newline}\n{usage-heading}\n hayabusa.exe pivot-keywords-list <INPUT> [OPTIONS]\n\n{all-args}",
10301030
term_width = 400,
10311031
display_order = 420,
10321032
disable_help_flag = true
@@ -1036,7 +1036,7 @@ pub enum Action {
10361036

10371037
#[clap(
10381038
author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
1039-
help_template = "\nHayabusa v3.8.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n hayabusa.exe search <INPUT> <--keywords \"<KEYWORDS>\" OR --regex \"<REGEX>\"> [OPTIONS]\n\n{all-args}",
1039+
help_template = "\nHayabusa v3.8.0 - Winter Release\n{author-with-newline}\n{usage-heading}\n hayabusa.exe search <INPUT> <--keywords \"<KEYWORDS>\" OR --regex \"<REGEX>\"> [OPTIONS]\n\n{all-args}",
10401040
term_width = 400,
10411041
display_order = 450,
10421042
disable_help_flag = true
@@ -1046,7 +1046,7 @@ pub enum Action {
10461046

10471047
#[clap(
10481048
author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
1049-
help_template = "\nHayabusa v3.8.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n {usage}\n\n{all-args}",
1049+
help_template = "\nHayabusa v3.8.0 - Winter Release\n{author-with-newline}\n{usage-heading}\n {usage}\n\n{all-args}",
10501050
term_width = 400,
10511051
display_order = 470,
10521052
disable_help_flag = true
@@ -1056,7 +1056,7 @@ pub enum Action {
10561056

10571057
#[clap(
10581058
author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
1059-
help_template = "\nHayabusa v3.8.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n {usage}\n\n{all-args}",
1059+
help_template = "\nHayabusa v3.8.0 - Winter Release\n{author-with-newline}\n{usage-heading}\n {usage}\n\n{all-args}",
10601060
term_width = 400,
10611061
display_order = 380,
10621062
disable_help_flag = true
@@ -1066,7 +1066,7 @@ pub enum Action {
10661066

10671067
#[clap(
10681068
author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
1069-
help_template = "\nHayabusa v3.8.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n {usage}\n\n{all-args}",
1069+
help_template = "\nHayabusa v3.8.0 - Winter Release\n{author-with-newline}\n{usage-heading}\n {usage}\n\n{all-args}",
10701070
term_width = 400,
10711071
display_order = 451,
10721072
disable_help_flag = true
@@ -1084,7 +1084,7 @@ pub enum Action {
10841084

10851085
#[clap(
10861086
author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
1087-
help_template = "\nHayabusa v3.8.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n hayabusa.exe computer-metrics <INPUT> [OPTIONS]\n\n{all-args}",
1087+
help_template = "\nHayabusa v3.8.0 - Winter Release\n{author-with-newline}\n{usage-heading}\n hayabusa.exe computer-metrics <INPUT> [OPTIONS]\n\n{all-args}",
10881088
term_width = 400,
10891089
display_order = 290,
10901090
disable_help_flag = true
@@ -1094,7 +1094,7 @@ pub enum Action {
10941094

10951095
#[clap(
10961096
author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
1097-
help_template = "\nHayabusa v3.8.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n hayabusa.exe config-critical-systems <INPUT> [OPTIONS]\n\n{all-args}",
1097+
help_template = "\nHayabusa v3.8.0 - Winter Release\n{author-with-newline}\n{usage-heading}\n hayabusa.exe config-critical-systems <INPUT> [OPTIONS]\n\n{all-args}",
10981098
term_width = 400,
10991099
display_order = 291,
11001100
disable_help_flag = true
@@ -2029,7 +2029,7 @@ pub struct ConfigCriticalSystemsOption {
20292029
#[derive(Parser, Clone, Debug, Default)]
20302030
#[clap(
20312031
author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
2032-
help_template = "\nHayabusa v3.8.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n hayabusa.exe <COMMAND> [OPTIONS]\n hayabusa.exe help <COMMAND> or hayabusa.exe <COMMAND> -h\n\n{all-args}{options}",
2032+
help_template = "\nHayabusa v3.8.0 - Winter Release\n{author-with-newline}\n{usage-heading}\n hayabusa.exe <COMMAND> [OPTIONS]\n hayabusa.exe help <COMMAND> or hayabusa.exe <COMMAND> -h\n\n{all-args}{options}",
20332033
term_width = 400,
20342034
disable_help_flag = true
20352035
)]

0 commit comments

Comments
 (0)