mirror of
https://github.com/NationalSecurityAgency/ghidra.git
synced 2026-05-09 20:18:01 +08:00
GP-0 Updated WhatsNew and ChangeHistory
@@ -1,3 +1,17 @@
|
||||
# Ghidra 12.0.5 Change History (May 2026)
|
||||
|
||||
### Improvements
|
||||
* _Multi-User_. Improved Ghidra Server serialization filters and added serialization filters to client-side Ghidra applications. We may have missed something in our testing so let us know if you encounter an `InvalidClassException`. The log will identify a class which fails to pass the filter rules. (GP-6719)
|
||||
* _Project_. Expanded on the set of allowed special characters for a local Ghidra project path name to include the following: `'.'`, `'-'`, `'='`, `'@'`, `' '`, `'_'`, `'('`, `')'`, `'['`, `']'`, and `'~'`. (GP-6681)
|
||||
* _Scripting_. Made some improvements to the RecoverClassesFromRTTIScript for GCC programs. (GP-6670)
|
||||
|
||||
### Bugs
|
||||
* _Data Types_. Corrected upgrade failure which can occur for Project Data Type Archives. (GP-6649)
|
||||
* _Decompiler_. Updated the Decompiler to not re-decompile when creating a snapshot of the current function. (GP-6629)
|
||||
* _Function_. Corrected possible exception within Function Editor when applying simple parameter renames made within table. (GP-6746)
|
||||
* _GUI_. Corrected behavior of Function Call Tree when traversing thunk functions. (GP-6653)
|
||||
* _Multi-User_. Corrected potential security concern with Ghidra Server PKI Authentication. If using PKI Authentication mode (`-a2`) for the server install, the user should upgrade the server. See reported Ghidra GitHub Pull Request #9109 for more details. (GP-6678, Issue #9109)
|
||||
|
||||
# Ghidra 12.0.4 Change History (March 2026)
|
||||
|
||||
### Improvements
|
||||
|
||||
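Review bot: The PKI Authentication entry under Bugs calls #9109 a "Pull Request" in its sentence and "Issue #9109" in the trailing tag; use one term so the reference is unambiguous. The same entry says "the user should upgrade the server" without naming a target release, and describes the problem as a "potential security concern" while the WhatsNew section added in this commit titles it "PKI Authentication Vulnerability". Suggest stating the version to upgrade to and aligning the wording between the two files.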
@@ -15,17 +15,17 @@ applied Ghidra SRE capabilities to a variety of problems that involve analyzing
|
||||
generating deep insights for NSA analysts who seek a better understanding of potential
|
||||
vulnerabilities in networks and systems.
|
||||
|
||||
# What's New in Ghidra 12.0
|
||||
This release includes new features, enhancements, performance improvements, quite a few bug fixes,
|
||||
and many pull-request contributions. Thanks to all those who have contributed their time, thoughts,
|
||||
and code. The Ghidra user community thanks you too!
|
||||
# What's New in Ghidra 12.0.5
|
||||
This patch release addresses some significant bugs and security flaws within Ghidra and the Ghidra
|
||||
Server applications. It is highly recommended that all Ghidra and Ghidra Server installations be
|
||||
upgraded to this release if not already running 12.1 or later.
|
||||
|
||||
### The not-so-fine print: Please Read!
|
||||
Ghidra 12.0 is fully backward compatible with project data from previous releases. However, programs
|
||||
and data type archives which are created or modified in 12.0 will not be usable by an earlier Ghidra
|
||||
Ghidra 12.0.x is fully backward compatible with project data from previous releases. However, programs
|
||||
and data type archives which are created or modified in 12.0.x will not be usable by an earlier Ghidra
|
||||
version.
|
||||
|
||||
**IMPORTANT:** Ghidra 12.0 requires, at minimum, JDK 21 to run.
|
||||
**IMPORTANT:** Ghidra 12.0.x requires, at minimum, JDK 21 to run.
|
||||
|
||||
**IMPORTANT:** To use the Debugger or do a full source distribution build, you will need Python3
|
||||
(3.9 to 3.13 supported) installed on your system.
|
||||
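Review bot: The new "What's New in Ghidra 12.0.5" introduction mentions "security flaws" but gives no indication of which deployments are affected or where the details are. Suggest adding a pointer to the "Security Related Fixes" section so that an administrator running a Ghidra Server in PKI Authentication mode (`-a2`) learns from the opening paragraph that the server needs the upgrade. Separately, with the wording changed from 12.0 to 12.0.x, the backward-compatibility sentence no longer makes clear whether "an earlier Ghidra version" includes earlier 12.0.x patch releases; a short clarification would help.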
@@ -43,15 +43,13 @@ libraries and operating systems (e.g., CentOS 7.x) may also run into compatibili
|
||||
launching native executables such as the Decompiler and GNU Demangler which may necessitate a
|
||||
rebuild of native components.
|
||||
|
||||
**NOTE:** Ghidra Server: The Ghidra 12.0 server is compatible with Ghidra 11.3.2 and later Ghidra
|
||||
**NOTE:** Ghidra Server: The Ghidra 12.0.5 server is compatible with older Ghidra 11.3.2 and later Ghidra
|
||||
clients, although the presence of any newer link-files within a repository may not be handled properly
|
||||
by client versions prior to 12.0 which lack support for the new storage format. Ghidra 12.0 clients
|
||||
that introduce new link-files into a project will not be able to add such files into version
|
||||
control if connected to older Ghidra Server versions.
|
||||
by client versions prior to 12.0, which lack support for the new storage format. Ghidra 12.0.5 clients
|
||||
require Ghidra Server version 12.0.5 or newer compatible version.
|
||||
|
||||
**NOTE:** Ghidra Server: Due to potential Java version differences, it is
|
||||
recommended that Ghidra Server installations older than 10.2 be upgraded. Those using 10.2 and newer
|
||||
should not need a server upgrade unless they need to work with link-files within a shared repository.
|
||||
**NOTE:** Ghidra Server: Due to security fixes made to Ghidra and the Ghidra Server it is highly
|
||||
recommended that older installation versions be updated to this latest release or 12.1.x.
|
||||
|
||||
**NOTE:** Programs imported with a Ghidra beta version or code built directly from source code
|
||||
outside of a release tag may not be compatible, and may have flaws that won't be corrected by using
|
||||
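Review bot: The sentence "Ghidra 12.0.5 clients require Ghidra Server version 12.0.5 or newer compatible version" introduces a client/server compatibility requirement in a patch release, yet it sits at the end of a NOTE about link-files and gives no reason. Suggest moving it into its own IMPORTANT note, stating why the requirement exists, and replacing "or newer compatible version" with the concrete versions meant. Two smaller points in the same hunk: "compatible with older Ghidra 11.3.2 and later Ghidra clients" reads ambiguously with "older" in front of the version, and the upgrade target here ("this latest release or 12.1.x") should match the introduction's "12.1 or later".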
@@ -64,6 +62,32 @@ process that will provide better results than prior Ghidra versions. You might
|
||||
fresh import of any program you will continue to reverse engineer to see if the latest Ghidra
|
||||
provides better results.
|
||||
|
||||
## Security Related Fixes
|
||||
|
||||
### RMI Serialization Filter Improvements
|
||||
RMI Serialization filters for the Ghidra Server have been tightened and similar filters have been
|
||||
added to Ghidra client applications which may communicate with a Ghidra Server. Please report
|
||||
any unexpected *InvalidClassException* errors, which may occur, to the Ghidra team. If this does occur,
|
||||
please check your Ghidra or server application log files for entries which indicate any filter
|
||||
rejections which would indicate the name of the offending class.
|
||||
|
||||
### Ghidra Server - PKI Authentication Vulnerability
|
||||
For those Ghidra Server deployments which utilize PKI Authentication mode (-a2), a logic bug
|
||||
within the authentication callback to the server could allow an attacker to authenticate as a
|
||||
different user without having access to their private key. Prior to completing the forged
|
||||
authentication callback, the attacker would still need to successfully complete a fully authenticated
|
||||
TLS connection with the Ghidra Server based on the installed Certificate Authorities (CAs).
|
||||
|
||||
## Project Datatype Archive Upgrade Fix
|
||||
|
||||
A severe bug has been corrected which prevented older Project Datatype Archives from opening properly
|
||||
in 12.0.4, during an attempted updgrade.
|
||||
|
||||
|
||||
# What's New in Ghidra 12.0.x
|
||||
|
||||
The significant changes made in earlier 12.0.x releases are reiterated below.
|
||||
|
||||
## Project Data Link Files
|
||||
Support for link-files within a Ghidra Project has been significantly expanded with this release and
|
||||
with it a new file storage type has been introduced which can create some incompatibilities if
|
||||
|
||||
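Review bot: The "Ghidra Server - PKI Authentication Vulnerability" paragraph describes the flaw but does not carry the tracking references that the ChangeHistory entry in this same commit does (GP-6678, #9109), nor does it say which server versions are affected or tell the reader to upgrade. Suggest adding the reference and an explicit "upgrade the server" instruction so the two files agree. Also in this hunk: "updgrade" in the Project Datatype Archive paragraph is a typo for "upgrade", "Project Datatype Archive" is spelled "Project Data Type Archives" in ChangeHistory, and the serialization paragraph's "errors, which may occur, to the Ghidra team" and "rejections which would indicate the name of the offending class" would read better as one plain sentence telling the reader where the rejected class name appears in the log.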