Welcome to Lucent Sky AVM version 2003 MR, the second Minor Release of 2020. This release includes major updates to binary and source code analysis engines. It also brings support for the newly released CWE v4.0. To learn more about this release, visit Lucent Sky AVM version 2003 release notes.

New features in 2003 MR

Build

• Custom Java runtimes can now be set to replace the built-in Java runtimes and be used for the build process
• The Java build engine has been updated to improve performance

Binary analysis

• The secondary binary analysis engine for Java has been updated

Source code analysis

• The source code analysis engines for .NET, C/C++, Java, and Python has been updated

Weakness policies

• Weakness policies and the built-in rule package have been updated to support CWE v4.0
• CWE-3 has been removed as part of the update to CWE v4.0

Interface

• The Web UI has been updated
• The CLI has been updated
• The Visual Studio extension and Eclipse plug-in have been updated

Issues fixed in 2003 MR

• We fixed an issue where the timestamps for custom rule packages and runtimes have incorrect time zone.
• We fixed an issue where certain JSP files with JSTL tags failed to compile.
• We fixed an issue where a .ear or .war file can be specified as the target of direct binary analysis.
• We fixed an issue where files skipped during Python source code analysis is not logged.
• We fixed an issue where Maven logs is not being properly written.

Updating to 2003 MR

If you are using Lucent Sky AVM Enterprise or Standard Edition (either on-premise or cloud) and have an active subscription, you can update to 2003 MR immediately. Our support team will reach out to you shortly to schedule an update. If you are using Lucent Sky AVM On-Demand, your server will be updated to 2003 MR in the next few days.