Skip to main content

Electronic Update Release Notes

The following issues have been addressed in the Electronic Update.

Issues/Bugs Addressed

The following issues and bugs have been addressed.

Release DateIssue IDIssue Summary
2026-02-27SCA-59817Backfilled missing license short names.
2026-02-27SCA-59631Collected and populated release_date values for Maven data in our data library, covering 3,000,000 versions.
2026-02-27SCA-58905Restored the GitLab collector to a running state by updating it to use the latest GitLab REST APIs.
2026-02-27SCA-59445Corrected false-positive vulnerabilities and incorrect versions for the tcpdump-libpcap component.
2026-02-27SCA-59630Updated the Debian mapper to remove false-positive vulnerabilities for the madler-zlib component.
2026-02-27SCA-59652Enhanced the CPAN collector to support recent CPAN API changes.
2026-01-27SCA-43040Data collection from https://packages.confluent.io and JBoss https://repository.jboss.org/nexus/content/groups/public/ are an addition to our list of data collectors.
2026-01-27SCA-59446Fixed the issue of false negative vulnerability CVE which was missing in inventory but shown in Alerts in FNCI.
2026-01-27SCA-59444Fixed the False negative vulnerabilities of the component pnggroup-libpng 1.6.44.
2026-01-27SCA-58793Manually added the font util component along with the required versions.
2026-01-27SCA-58276Enhancement to Npmjs collectors to handle package URLs returning 404(not found) errors.
2025-12-22SCA-59138Enhanced the licenses collection to support viewing Commercial License details in FNCI/Code Insight.
2025-12-22SCA-59053Fixed the ambiguity in Apache and BSD style license and remapped the components to licenses BSD-3 and Apache-2.0.
2025-12-22SCA-59152Fixed the vulnerability detection inconsistency for HDF5 1.14.6 between FNCI and Dependency Track/NIST.
2025-12-15SCA-58958Data collection to support the License Obligation details view.
2025-12-15SCA-59074Added the new vulnerability CVE 2025 55182 to the data library.
2025-12-15SCA-59067Fixed CopyrightsExtractorTool to remove special characters from copyright statements to ensure clean and consistent formatting.
2025-12-15SCA-58891Fixed the false negative vulnerability mappings (CVE 2018 12533 for the component RichFaces.
2025-11-06SCA-58679Previously, the PDL failed to optimize. This issue has been resolved, and the PDL now optimizes successfully.
2025-10-23SCA-57532The SPDX license mapping file has been updated to include all current SPDX license IDs, which are mapped to their common license names.
2025-10-23SCA-58608The vulnerability counts, which is reflected by the Vulnerabilities bar graph, now successfully include the vulnerabilities with MODERATE severity.
2025-10-07SCA-58418Add CVSS 3 score Calculation and Column for GHSA Collector
2025-10-07SCA-57695AI Suggestions for Versions in Data side work
2025-05-07SCA-56904The CVE-2025-0725 vulnerability was failed to map to any component version. It has now has been correctly mapped to the curl component.
2025-05-07SCA-57216A failure is observed when adding inventory items to projects that include certain versions of specific components.
2025-04-14SCA-53652Verification of KEV data.
2025-03-31SCA-53597Collection of KEV data.
2025-03-17SCA-56614Resolved the exceptions for few collectors, including Maven-central, Googles-Maven and Clojars.

Collector Status

The following table lists the collector status information.

NameDate of Last Successful Run
Alpine2026-02-25
Clojars2025-11-06
Cocoapods2026-02-24
Conan2026-02-26
Cpan2026-02-26
Cran2026-02-21
Crates2023-04-20
Debian2026-02-23
fedora-koji2025-10-27
Github2026-02-25
Gitlab2026-02-12
Go2026-02-23
Hackage2026-02-22
maven2-ibiblio2026-02-04
maven-google2025-11-21
Npm2026-02-12
nuget gallery2026-02-12
packagist2025-11-03
Pypi2025-11-03
rubygems2026-02-19

Enhanced License Detection Capability for Licenses

The following table lists updated or added license detection capability and license evidence mechanism.

Release DateLicense
2025-03-31Apache-1.1

New/Update License Requests

The following table lists new or updated license requests.

Release DateLicense request
2025-09-10TGPPL-1.0 License (license-id 2306)
bpmn.io License (license-id 2307)

New/Update Component Requests

The following table lists the new or updated component requests.

Release DateComponent
2026-01-27font-util (component_id: 39490220) url: https://gitlab.freedesktop.org/xorg/font/util/
2025-10-07wireless-regdb (component_id: 38732478)
zlib (component_id: 38732980)
compuphase-uniform-palette (component_id: 38733781)
power-profiles-daemon (component_id: 38740783)
deconcept-swfobject (component_id: 38741284)
ethtool (component_ deconcept-swfobject id: 38741585)
2025-08-22libxtrans (Component_Id: 37765164)
xserver-xorg (Component_Id: 37765165)
xsettings-daemon (Component_Id: 37765166)
The-Ultimate-Toolbox-Home-Page (Component_Id: 37776061)
2025-05-26npth component (Component_Id: 27220059)

New/Update Component Versions Requests

The following table lists the new or updated component version requests.

Release DateComponent version
2025-10-07wireless-regdb, zlib, compuphase-uniform-palette, power-profiles-daemon, deconcept-swfobject, ethtool, Documentation Utilities, lttng/lttng-modules, batista/libxml2, PostgreSQL, rollup-rollupjs.org, apache-cxf, deconcept-swfobject
2025-08-22libxtrans, xserver-xorg, xsettings-daemon, gnu-gnutls, dhcp, xhost, libdmx, sysvinit, Wrapper, gettext, relaxing, snmp_pp, The-Ultimate-Toolbox-Home-Page, SNMP4j
2025-06-30sudo, busybox, eclipse-tcf, mktemp, php, efibootmgr, opkg-utils, and xmodmap
2025-06-10accountsservice, cairo, sdparm, python-devel, krb5-devel, rsyslog, pycairo, gdb, RPCBind, man-pages, mdadm, libtirpc, pcre, mpg123, hdparm, alsa-utils, swig, smartmontools, e2fsprogs.
2025-05-26java-service-wrapper, apache-commons-net, cpu-z, 7-zip, expat, apache-xalan-j, dbus-python, apache-httpd, mako, openssh, samba, gnupg, libtevent, ibtasn1, libgfortran.
2025-05-07webkitgtk, PostgreSQL, D-Bus, openldap, Apache-CXF, Apache-PDFBox, and Apache-Log4j.