20231116

What's Changed

• Fixed issue of blank evidence name in the Web API by @Igor8mr in #1334
• PostgreSQL SCRAM password cracking by @Fryyyyy in #1192
• Added statistics and workers commands to API by @Igor8mr in #1332
• Reformatted the TaskMarkdownReport and the RequestMarkdownReport by @Igor8mr in #1337
• Implemented TurbiniaEvidence object in Redis by @Igor8mr in #1330
• Added evidence upload and related endpoints to API server and client by @Igor8mr in #1335
• Generated OpenAPI code for evidence, workers and statistics by @Igor8mr in #1339
• Add VERSION_CHECK configuration setting. by @hacktobeer in #1347
• Modify password cracking by @Fryyyyy in #1346
• Add Fraken docker build file by @hacktobeer in #1353
• Fix download extension by @aarontp in #1355
• Update turbinia-api-client and turbinia-client by @jleaniz in #1357
• Fix API client typo by @aarontp in #1362
• Update googleclouddisk name by @jleaniz in #1372
• Update readme by @jleaniz in #1374
• Update README.md by @jleaniz in #1377
• Fix SSH Task and other required states by @aarontp in #1368
• Remove unused autogen tests and add cli tests by @jleaniz in #1371
• Bump @babel/traverse from 7.20.12 to 7.23.2 in /web by @dependabot in #1382
• Delete outdated k8s configuration and documentation by @hacktobeer in #1356
• Re-order Issue template items by @aarontp in #1364
• Add version command and decouple evidence requests by @jleaniz in #1369
• Manage dependencies using Poetry by @jleaniz in #1348
• Update report filtering by @aarontp in #1358
• Upgrade bulk extractor by @HolzmanoLagrene in #1381
• Add utilities for partition code to worker. by @hacktobeer in #1387
• Add check to e2e test to verify all containers come up. by @hacktobeer in #1389
• Dockerization of Job dependencies by @hacktobeer in #1349
• Speedup e2e docker image builds by @hacktobeer in #1391
• GCP debs fix and removal of some unused code by @wajihyassine in #1390
• Update turbinia-client version by @jleaniz in #1392
• Update CLI Poetry to allow Python3.9 by @wajihyassine in #1393
• Bump axios from 1.2.2 to 1.6.0 in /web by @dependabot in #1394
• Fix unique tasks and sort/filtering in report output by @aarontp in #1395
• Filter ContainerEnumeration output by @aarontp in #1351
• update version to 20231116 for release by @aarontp in #1396

Full Changelog: 2023080...2023111

20230808

What's Changed

• Add apt-get upgrade to worker Dockerfile by @hacktobeer in #1316
• Change metric type Gauge to Counter by @hacktobeer in #1321
• Remove curl gpg key command for GIFT PPA worker Docker build by @hacktobeer in #1322
• Update worker to be Celery >6.0 compatible by @hacktobeer in #1323
• Fixes / Typos by @jaegeral in #1329
• Fixed problem with evidence name on Web API by @Igor8mr in #1326
• Validate newly created evidence output files after processing by @jleaniz in #1325
• Optimize Turbinia worker and server docker image. by @hacktobeer in #1324

Full Changelog: 2023072...2023080

20230726

What's Changed

• Add logging to check-lockfile script by @jleaniz in #1269
• SSH brute force analyzer by @roshanmaskey in #1211
• Add volumes option to log2timeline command. by @hacktobeer in #1273
• Fix worker lock by @jleaniz in #1274
• Minor updates to auth_helper, turbinia-client and API server by @jleaniz in #1277
• Fix error when creating summary report by @jleaniz in #1278
• Refactor request status logic by @jleaniz in #1283
• Helm K8s by @wajihyassine in #1271
• Fix missing/typoed parameters in docstrings by @Onager in #1293
• Convert strings in turbinia/api/* to fstrings by @Onager in #1292
• Convert strings in turbinia/jobs/* to fstrings by @Onager in #1290
• Convert strings in turbinia/*.py to fstrings by @Onager in #1289
• Convert strings in turbinia/lib/* to fstrings by @Onager in #1288
• Convert strings in turbinia/processors/* to fstrings by @Onager in #1287
• Convert strings in turbinia/workers/* to fstrings by @Onager in #1286
• Change linux_acct analysis task to use Shadow artifact and some minor cleanup by @Onager in #1284
• Convert strings in turbinia/config/* to fstrings by @Onager in #1291
• Late import Turbinia API server by @jleaniz in #1296
• Update turbinia client version by @jleaniz in #1298
• Added evidence size and name to the API by @Igor8mr in #1295
• Add apt-get upgrade commands to Docker build files. by @hacktobeer in #1303
• Bump word-wrap from 1.2.3 to 1.2.4 in /web by @dependabot in #1310
• Updated the Pydantic functions used by the API by @Igor8mr in #1312
• Add bug, FR, and PR request templates by @wajihyassine in #1314
• Updates to turbinia-client formatter by @jleaniz in #1315
• Created the redis-tool script to query, delete, dump and restore keys in Redis. by @Igor8mr in #1299

New Contributors

• @Igor8mr made their first contribution in #1295

Full Changelog: 2023031...2023072

20230315

What's Changed

• Small fix for image_export.py by @dfjxs in #1265
• Bump webpack from 5.74.0 to 5.76.1 in /web by @dependabot in #1266

Full Changelog: 2023021...2023031

20230214

What's Changed

• K8s oauth2 deploy by @wajihyassine in #1168
• Update some Task timeouts by @aarontp in #1197
• GKE node autoscaling by @wajihyassine in #1193
• Make sure partition attributes are set by @aarontp in #1202
• Update index.rst by @hed-g in #1205
• Fix vscode Dockerfile by @aarontp in #1206
• Fix containerd worker by @roshanmaskey in #1207
• Openssl tests failure by @wajihyassine in #1219
• Bump json5 from 2.2.1 to 2.2.3 in /web by @dependabot in #1212
• Changes to EwfDisk required attributes by @jleaniz in #1218
• Update k8s request and limits by @wajihyassine in #1217
• Add APFS Support by @dfjxs in #1220
• Web UI V2 - TaskList TaskDetails and export task and request output by @wajihyassine in #1210
• Turbinia API client by @jleaniz in #1128
• Fix yara DL in dockerbuild by @wajihyassine in #1221
• Remove turbinia-api-client package by @jleaniz in #1235
• Fix for duplicate UUID issue in XFS image mounts by @wajihyassine in #1231
• Add node autoscaling to pubsub script by @wajihyassine in #1224
• Fix permission on loadtest scripts by @wajihyassine in #1222
• update web versions to latest and update default WEB_UI path by @wajihyassine in #1223
• Fix typos by @jleaniz in #1225
• Fix for run_time calculation and increase server side timeout buffer by @wajihyassine in #1215
• Rename client lib by @jleaniz in #1236
• API Server documentation by @jleaniz in #1232
• Make API client docs visible in ReadTheDocs by @jleaniz in #1238
• API CLI tool documentation by @jleaniz in #1227
• Fix requirements by @jleaniz in #1252
• Fix client docs by @jleaniz in #1251
• Add LUKS Encryption Support by @dfjxs in #1253
• Fix ReadTheDocs rendering by @jleaniz in #1256
• Minor fix by @Fryyyyy in #1259
• Bump @sideway/formula from 3.0.0 to 3.0.1 in /web by @dependabot in #1262
• Logging, filelock, sleep updates by @wajihyassine in #1258
• K8s resource updates by @wajihyassine in #1260

New Contributors

• @hed-g made their first contribution in #1205

Full Changelog: 2022120...2023021

20221201

What's Changed

• Update pylintrc by @jleaniz in #1179
• Bump loader-utils from 1.4.0 to 1.4.1 in /web by @dependabot in #1183
• Add optional /home/ to Jenkins path by @Fryyyyy in #1187
• Escape forward slashes in rule metadata by @Fryyyyy in #1188
• Bump loader-utils from 1.4.1 to 1.4.2 in /web by @dependabot in #1190
• Bump Docker container base images to Ubuntu22.04 by @jleaniz in #1133
• Cloud provider fix by @wajihyassine in #1194

Full Changelog: 2022110...2022120

20221103

What's Changed

• New containerd enumeration and evidence type and mounting
• Added new mechanism to generate command line flags directly from evidence attributes
• Yara Task and Fraken fixes, pre-validate Yara rules and set minimum score
• GKE load testing
• New controller pod, and pubsub deployment updates
• Cron task rule updates
• Expand Postgres compromise rule to cover Yugabyte
• Several fixes in GCP device paths, Docker config mapping, documentation links, dev container packages, typos in configs, and more.
• Updates in web and go-yara versions

New Contributors

• @roshanmaskey made their first contribution in #1141

Full Changelog: 2022091...2022110

20220919

What's Changed Summary

• Turbinia Web UI V1 and related containers and deployment scripts
• Turbinia API Server and docker container
• New Yara scanner with new rules/analysis and replacement of text matching analysis Tasks
• Support for ExpertWitnessFormat disk images
• Filter/Optimize Partitions Processed by default
• Optimize PlasoJob by splitting into parallel subtasks and other optimizations
• Extract domain controller creds and support for Yescrypt for password cracking
• Loopback device race condition + device check fixes
• Different extensions for psort output_formats
• Standardizing stdout and sterr for docker and system executions
• Several other bugfixes and clean-ups

New Contributors

• @Idaht made their first contribution in #1108
• @Simon-Berg made their first contribution in #1112
• @HolzmanoLagrene made their first contribution in #1129

Full Changelog: 2022070...2022091

20220701

• Update task_manager to set psq only when server is running
• Add scripts for deployment of dfDewey datastores
• New PGSQL account analyser
• Integration of custom Yara rules to be used by the Loki analyzer
• Update triage recipes to match new artifact names
• Change default logger to stdout from stderr
• Yara rule to detect Redis exploitation and enables Kinsing detection rules by increasing max file size
• Few fixes to k8s scripts around IAM permissions to cluster and enabling GCP resources
• Adding descriptive Evidence names
• Other minor bug fixes and enhancements

20220504

• Generate timelines for each enumerated docker container individually
• Tracking/storing bulk request group_name and reason (incident ID) for requests
• Fix server-side task timeout issue causing server crash
• Several changes to partition enumeration to make it more stable and transparent
• Updated build uses new dfVFS version which fixes partition enumeration path_spec errors
• Update FilesystemTimelineTask to use updated dfVFS interface
• Updates to GKE management script to make running version explicit
• Fixes for Job allow/deny lists and Yara rules to work with CLI flags
• Refactoring PubSub client to use discover API client
• Fixes so analysis Tasks can run inside enumerated containers
• Fix Evidence auto-upload from turbiniactl