Skip to content

Release Notes

2.10.06

November 09, 2024 * Notifications: Users will no longer receive notifications for public projects in their team's workspace. * Web Console: Fixed an issue with run tags not displaying in Safari

2.10.05

November 07, 2024

  • Web Console: UI improvements, updated dark mode colors, button alignment and spacing issues
  • Web Console: Fixed an issue in the admin dashboard where aggregated test and run counts were not displayed correctly
  • Analysis Engine: Fixed an issue where network targets would exit analysis prematurely and return empty results
  • Analysis Engine: Fixed an issue where test cases from an active run could be linked to defects from a seperate active run on the same target/branch
  • Analysis Engine: Coverage analysis now only includes regression tests if the regression testing task was selected in a run

2.10.04

October 30, 2024

  • Notifications: Notification and account emails now render properly in Apple Mail and Superhuman
  • Web Console: Minor UI tweaks to spacing and alignment, and removal of unnecessary scrolling and pagination
  • Analysis Engine: Improved handling of UDP input/output
  • Analysis Engine: Fixed an issue where cleanup of API test cases was not working as expected
  • Analysis Engine: Improved error handling for variable conflicts in mayhemfile configurations
  • CLI: Rewrote error messages and warnings to be more clear and helpful
  • Installation: Added pre-install checks for existing object storage and queueing services, preventing recreation of existing resources

2.10.03

October 10, 2024

  • Fixed an issue with defect counts being incorrect in the web console

2.10.02

October 09, 2024

New Features

  • Revised Web Console UI and run result displays
  • Mayhem can now ingest third-party SBOMs and generate a Dynamic SBOM of container attack surface from within the UI. To use this, Mayhem must already have a profile of your container's runtime behavior. Currently supports SPDX and CycloneDX.
  • Native support for analyzing virtualized electronic control units (vECUs). Supports vECUs generated with Vector's vVirtualTarget or exposing the Vector OpenSUT API. Use mayhem init --template=opensut to configure Mayhem to trigger and record vECU pins.
  • Harness templates for C/C++ can be automatically generated using mayhem init --template and its subcommands. Currently supports uninstrumented binaries and common fuzz testing instrumentation
  • New defects in Mayhem projects now trigger email alerts to project members. Alerts are sent nightly and include all new defects found by Mayhem.
  • Mayhem's internal registry now inherits access control from the roles and access levels of Mayhem projects. Users can only view/retrievew/analyze artificats associated with projects they have access to. Admins must enable Internal Registry Auth Scoping in the web console for this to take effect.

Fixes & Improvements

  • Significant performance improvements for analysis and triage of all Windows binaries, along with improved performance for analyzing msvc compiled binaries
  • Fixed an issue that slowed and/or blocked analysis of multi-threaded targets with network I/O
  • Fixed an issue where counts of analysis runs and active analysis runs were transposed in the Mayhem Web Console
  • Changed how test case numbers are passed from analysis nodes to Mayhem for triage. This resolves several issues where test case numbers or specific test cases showed up inconsistenly between the CLI and UI
  • Line coverage now properly respects the cwd setting for current working directories