http://open-source-security-software.net/project/binskim/releases.atom 2025-12-15T02:38:56.119269+00:00 python-feedgen binskim v1.7.0 2020-11-12T23:05:17+00:00 ## v1.7.0 NuGet Package - AUTOMATION BREAKING: Update to .NET Core 3.1. Changes tool paths in NuGet package. - FEATURE: Add --trace argument to enable specialized trace of execution behavior, such as PdbLoad. - Update SARIF version to 2.2.3 - BREAKING Default output is sarif v2 2020-11-12T23:05:17+00:00 binskim v1.7.1 2020-12-10T10:22:57+00:00 ## **v1.7.1** [NuGet Package](https://www.nuget.org/packages/Microsoft.CodeAnalysis.BinSkim/1.7.1) * **BREAKING** Change from self-contained to dotnettool. [#306](https://github.com/microsoft/binskim/pull/306) * BUG FIX: Fix issue when analyze `SingleFilePublish` files. [#311](https://github.com/microsoft/binskim/pull/311) 2020-12-10T10:22:57+00:00 binskim v1.7.2 2020-12-16T21:53:06+00:00 ## **v1.7.2** [NuGet Package](https://www.nuget.org/packages/Microsoft.CodeAnalysis.BinSkim/1.7.2) * **BREAKING**: Revert dotnet-tool. [#316](https://github.com/microsoft/binskim/pull/316) 2020-12-16T21:53:06+00:00 binskim v1.7.3 2021-03-06T12:16:14+00:00 2021-03-06T12:16:14+00:00 binskim v1.7.4 2021-03-06T12:16:35+00:00 2021-03-06T12:16:35+00:00 binskim v.1.7.4 2021-03-06T12:16:35+00:00 2021-03-06T12:16:35+00:00 binskim v1.7.5-prerelease1 2021-03-31T13:59:53+00:00 ## **v1.7.5-prerelease1** [NuGet Package](https://www.nuget.org/packages/Microsoft.CodeAnalysis.BinSkim/1.7.5-prerelease1) * BUGFIX: Fix import/export config using JSON file. [#349](https://github.com/microsoft/binskim/pull/349) * FEATURE: Add compiler report rule BA4001, which is disabled by default. [#350](https://github.com/microsoft/binskim/pull/350) * FEATURE: Add support to specific rule documentation in `HelpUri`. [#348](https://github.com/microsoft/binskim/pull/348) 2021-03-31T13:59:53+00:00 binskim v1.7.5 2021-04-15T21:18:37+00:00 ## **v1.7.5** [NuGet Package](https://www.nuget.org/packages/Microsoft.CodeAnalysis.BinSkim/1.7.5) * BUGFIX: Fix import/export config using JSON file. [#349](https://github.com/microsoft/binskim/pull/349) * FEATURE: Add compiler report rule BA4001, which is disabled by default. [#350](https://github.com/microsoft/binskim/pull/350) * FEATURE: Add support to specific rule documentation in `HelpUri`. [#348](https://github.com/microsoft/binskim/pull/348) 2021-04-15T21:18:37+00:00 binskim v1.9.0-prerelease1 2021-07-28T01:54:37+00:00 ## **v1.9.0-prerelease1** [NuGet Package](https://www.nuget.org/packages/Microsoft.CodeAnalysis.BinSkim/1.9.0-prerelease1) * FEATURE: Add BA3011.EnableBindNow. [#363](https://github.com/microsoft/binskim/pull/363) * FEATURE: Add BA2025.EnableShadowStack. [#376](https://github.com/microsoft/binskim/pull/376) * FEATURE: Add BA3005.EnableStackClashProtection. [#379](https://github.com/microsoft/binskim/pull/379) * BUGFIX: Force load PDB. [#380](https://github.com/microsoft/binskim/pull/380) * BUGFIX: Fix BA2004 for MASM compilers. [381](https://github.com/microsoft/binskim/pull/381) * FEATURE: Add BA3006.EnableNonExecutableStack. [#383](https://github.com/microsoft/binskim/pull/383) * FEATURE: Add BA2026.EnableAdditionalSecurityChecks. [#388](https://github.com/microsoft/binskim/pull/388) * FEATURE: Add BA4002.ReportDwarfCompilerData. [#394](https://github.com/microsoft/binskim/pull/394) * BUGFIX: Fix for E_PDB_MAX error. [#399](https://github.com/microsoft/binskim/pull/399) * BREAKING: Removing win-x86 support. [#401](https://github.com/microsoft/binskim/pull/401) * FEATURE: Add baseline support. [#409](https://github.com/microsoft/binskim/pull/409) * BUGFIX: Fix exception when the PDB is embedded. [#410](https://github.com/microsoft/binskim/pull/410) 2021-07-28T01:54:37+00:00 binskim v1.9.0-prerelease2 2021-09-10T18:44:39+00:00 ## **v1.9.0-prerelease2** [NuGet Package](https://www.nuget.org/packages/Microsoft.CodeAnalysis.BinSkim/1.9.0-prerelease2) * BUGFIX: Fix exception handling when PDB cannot be loaded by `IDiaDataSource`. [#461](https://github.com/microsoft/binskim/pull/461) * BREAKING: PDB exceptions will be reported once per target. [#465](https://github.com/microsoft/binskim/pull/465) * BUGFIX: Fix exception `System.AccessViolationException` caused by trying to read data out of boundary. [#470](https://github.com/microsoft/binskim/pull/470) * BUGFIX: Include C++ runtime in the package to prevent `DllNotFoundException` when loading `msdia140.dll`. [#474](https://github.com/microsoft/binskim/pull/474) * FEATURE: Add dialects to the reporting rules. [#475](https://github.com/microsoft/binskim/pull/475) * BUGFIX: Change compiler report rule to report all modules in file. [#476](https://github.com/microsoft/binskim/pull/476) * BUGFIX: Fix exception `System.ArgumentException` when checking file format. [#481](https://github.com/microsoft/binskim/pull/481) * BUGFIX: Fix opcode handling when reading DWARF line number programs. [#482](https://github.com/microsoft/binskim/pull/482) * BUGFIX: Fix BA3005 to use similar output as BA3003. [#483](https://github.com/microsoft/binskim/pull/483) * BUGFIX: Fix exception `System.AccessViolationException` when reading DWARF string by position. [#484](https://github.com/microsoft/binskim/pull/484) 2021-09-10T18:44:39+00:00 binskim v1.9.0-prerelease3 2021-10-18T19:41:03+00:00 ## **v1.9.0-prerelease3** [NuGet Package](https://www.nuget.org/packages/Microsoft.CodeAnalysis.BinSkim/1.9.0-prerelease3) * BUGFIX: Fix exception when collecting telemetry. [486](https://github.com/microsoft/binskim/pull/486), [#487](https://github.com/microsoft/binskim/pull/487) * FEATURE: Collect/Send assembly references when rule BA4001 is enabled. [#493](https://github.com/microsoft/binskim/pull/493) * FEATURE: Enable multithread analysis. [#495](https://github.com/microsoft/binskim/pull/495) * FEATURE: Package `BinaryParsers` project as a new nuget. [#502](https://github.com/microsoft/binskim/pull/502) * FEATURE: Do not return 1 when `ignorePdbLoadError` is enabled for PDB loading issues. [#506](https://github.com/microsoft/binskim/pull/506) 2021-10-18T19:41:03+00:00 binskim v1.9.0 2021-12-15T10:30:15+00:00 ## **v1.9.0** [NuGet Package](https://www.nuget.org/packages/Microsoft.CodeAnalysis.BinSkim/1.9.0) * BUGFIX: Fix telemetry session creation. [515](https://github.com/microsoft/binskim/pull/515) 2021-12-15T10:30:15+00:00 binskim v1.9.1 2022-01-11T13:24:30+00:00 ## **v1.9.1** [NuGet Package](https://www.nuget.org/packages/Microsoft.CodeAnalysis.BinSkim/1.9.1) * BUGFIX: Fix incorrect analysis for non-Microsoft compiler on BA2006.BuildWithSecureTools. [#545](https://github.com/microsoft/binskim/pull/545) * BUGFIX: Fix `JsonSerializationException` that occurs when saving SARIF v1 with telemetry enabled. [#535](https://github.com/microsoft/binskim/pull/535) * BUGFIX: Fix `NullReferenceException` when `--Hashes` and telemetry rules are enabled. [#531](https://github.com/microsoft/binskim/pull/531) * BUGFIX: Fix error `ERR998.ExceptionInAnalyze` - `PropertiesDictionary` isn't thread safe. [#539](https://github.com/microsoft/binskim/pull/539) 2022-01-11T13:24:30+00:00 binskim v1.9.2 2022-02-03T02:46:54+00:00 ## **v1.9.2** [NuGet Package](https://www.nuget.org/packages/Microsoft.CodeAnalysis.BinSkim/1.9.2) * BUGFIX: Fix `MultithreadedAnalyzeCommandBase` artifacts generation and enforcing JSON properties ordering. [#555](https://github.com/microsoft/binskim/pull/555) 2022-02-03T02:46:54+00:00 binskim v1.9.3 2022-02-16T04:06:33+00:00 ## **v1.9.3** [NuGet Package](https://www.nuget.org/packages/Microsoft.CodeAnalysis.BinSkim/1.9.3) * BUGFIX: Fix `KeyNotFoundException` exception raised by `BA2006.BuildWithSecureTools` when individual `MinimumToolVersions` properties are removed from XML configuration. [#565](https://github.com/microsoft/binskim/pull/565) * BUGFIX: Fix `BA2006.BuildWithSecureTools` is not emitting the compiler list. [Commit SHA 135946](https://github.com/microsoft/binskim/commit/13594680a6ee8beb0ca711d82a7ded2279d3ce4e) 2022-02-16T04:06:33+00:00 binskim v1.9.4 2022-03-14T17:56:19+00:00 ## **v1.9.4** [NuGet Package](https://www.nuget.org/packages/Microsoft.CodeAnalysis.BinSkim/1.9.4) * FEATURE: Add new PE `CV_CFL_LANG` language code for `ALIASOBJ` and `Rust`. [530](https://github.com/microsoft/binskim/pull/530) * BUGFIX: Fix `BA2014.DoNotDisableStackProtectionForFunctions` to eliminate false positive reports that `GsDriverEntry` has disabled the stack protector. [551](https://github.com/microsoft/binskim/pull/551) * BREAKING: Rename `BA2026.EnableAdditionalSdlSecurityChecks` to `BA2026.EnableMicrosoftCompilerSdlSwitch` to clarify rule purpose. [#586](https://github.com/microsoft/binskim/pull/586) * BUGFIX: Fix `Newtonsoft.Json.JsonSerializationException` when reading SARIF V1 with telemetry enabled. [613](https://github.com/microsoft/binskim/pull/613) 2022-03-14T17:56:19+00:00 binskim v1.9.5 2022-06-21T21:38:34+00:00 ## **v1.9.5** [NuGet Package](https://www.nuget.org/packages/Microsoft.CodeAnalysis.BinSkim/1.9.5) * Bump ELFSharp from 2.13.2 to 2.14.0. [#628](https://github.com/microsoft/binskim/pull/628) * Bump System.Reflection.Metadata from 5.0.0 to 6.0.1 and System.Collections.Immutable from 5.0.0 to 6.0.0. [#605](https://github.com/microsoft/binskim/pull/605) * Bump ELFSharp from 2.14.0 to 2.15.0. [#631](https://github.com/microsoft/binskim/pull/631) * FEATURE: Enable BinSkim for MacOS. [#576](https://github.com/microsoft/binskim/pull/576) * Bump Sarif.Sdk by updating submodule from [4e9f606 to fc9a9df](https://github.com/microsoft/sarif-sdk/compare/4e9f606bb0e88428866e253352cdc70dc68f98cb...fc9a9dfb865096b5aaa9fa3651854670940f7459). [#638](https://github.com/microsoft/binskim/pull/638) * FALSE POSITIVE FIX: Skip `BA2025.EnableShadowStack` rule for ARM Binaries which cannot use `/CETCOMPAT`. [#650](https://github.com/microsoft/binskim/pull/650) * BUGFIX: Fix missing `commandLineId` from `CommandLineInformation` event. [#652](https://github.com/microsoft/binskim/pull/652) 2022-06-21T21:38:34+00:00 binskim v2.0.0-rc1 2022-11-17T00:18:03+00:00 ## **v2.0.0-rc1** [NuGet Package](https://www.nuget.org/packages/Microsoft.CodeAnalysis.BinSkim/2.0.0-rc1) * BUGFIX: Eliminate `BA2004.EnableSecureSourceCodeHashing` false positives to Windows Runtime components (resulting from references to Win RT API metadata files). * BREAKING: Removed SARIF 1.0 support from BinSkim. Now option `-v | --sarif-output-version` does not accept value `OneZeroZero`. [719](https://github.com/microsoft/binskim/pull/719) * Update Sarif.Sdk submodule from [fc9a9df to e557b69](https://github.com/microsoft/sarif-sdk/compare/fc9a9dfb865096b5aaa9fa3651854670940f7459...e557b693000cfc2a19d50f2b6613f92222eabbff). Critically, this update resolves transient [`Collection modified`](https://github.com/microsoft/sarif-sdk/pull/2549) exception during analysis. [#722](https://github.com/microsoft/binskim/pull/722) * Eliminate `BA2015.EnableHighEntropyVirtualAddresses` false positives for some 32-bit exes. [#721](https://github.com/microsoft/binskim/pull/721) * FEATURE: Raw command line passed to the linker now exposed on `ObjectModuleDetail` instances. [#708](https://github.com/microsoft/binskim/pull/708) * BUGFIX: Fix `error ERR997.ExceptionLoadingPdb : '[filename]' was not evaluated because its PDB could not be loaded (E_PDB_NOT_FOUND).` when reading PE file built with `PDBPageSize:8192` or greater, by upgrading msdia140.dll from `14.27.28826.96` to `14.32.31326.0`. [685](https://github.com/microsoft/binskim/pull/685) * FEATURE: Add BA3031.EnableClangSafeStack, rename BA3030.UseCheckedFunctionsWithGcc to BA3030.UseGccCheckedFunctions [#663](https://github.com/microsoft/binskim/pull/663) * Upgrade Sarif.Sdk by updating submodule from [fc9a9df to 698adb6](https://github.com/microsoft/sarif-sdk/compare/fc9a9dfb865096b5aaa9fa3651854670940f7459...698adb6365a242c6bb75adde56e3bd4be39c21d7). [#674](https://github.com/microsoft/binskim/pull/674) * Introduce first performance rule `BA6001.DisableIncrementalLinkingInReleaseBuilds` [#667](https://github.com/microsoft/binskim/pull/667) * Introduce more performance rules `BA6002.EliminateDuplicateStrings`, `BA6004.EnableCOMDATFolding`, `BA6005.EnableOptimizeReferences`, `BA6006.EnableLinkTimeCodeGeneration` [#691](https://github.com/microsoft/binskim/pull/691) * BUGFIX: Fix command line parameter in documents: `-Wl,z,relro` with `-Wl,-z,relro`, and `-Wl,z,now` with `-Wl,-z,now`. [736](https://github.com/microsoft/binskim/pull/736) 2022-11-17T00:18:03+00:00