Frequently Asked Questions (FAQ)

Greenbone, GVM and OpenVAS how are they connected

When the OpenVAS project was created it only consisted of an engine for scanning vulnerabilities. Shortly after Greenbone Networks was funded to archive professional support for vulnerability scanning. Greenbone started to lead the development, added several software components and turned OpenVAS into a vulnerability management solution still keeping the values of free software.

After several years it became obvious that using OpenVAS as the brand name for the open source project and funding nearly all development of the project wasn’t recognized from the outside. Therefore after the release of the OpenVAS 9 framework it got renamed to Greenbone Vulnerability Management (GVM) and released as Greenbone Source Edition (GSE). Since GVM 10 the term OpenVAS is only used for the scanner component as it was at the beginning of the project.

For a comprehensive background see History of OpenVAS at https://openvas.org/

GVM, GSE, GCE, GCF, GSF, ... what are these things about

See The Different Flavors of Greenbone Networks’ Technology paper

and the glossary of the gvm-tools documentation

https://gvm-tools.readthedocs.io/en/latest/glossary.html

My Report contains Report outdated / end-of-life Scan Engine

Besides only mentioning GVM Libraries (gvm-libs) in the scan result it means your whole GVM installation is outdated. All software components of our stack need to be updated not only gvm-libs. The software components you are using our not supported anymore. Issues you are currently facing with such a version are very likely already fixed in newer versions. See this table to get an overview of our software versions. This issue needs to be fixed by the provider of your installation of our software, which is most likely your distribution package maintainer.

External issue reports for Report outdated / end-of-life Scan Engine / Environment (local):

Can you help to update my GVM version on Kali, Cent OS, XYZ distribution

Greenbone doesn’t provide any packages for any Linux distribution besides our own commercial Greenbone OS. If you have installed our software from your distribution, an external package repository or even a docker image Greenbone wasn’t involved in providing this installation method to you. The software from these sources may be heavily adjusted, outdated or even completely broken. Therefore if you have issues with the software please contact the provider of the packages first. How to contact the provider really depends and varies.

We are not able to offer any help on updating packages from any external source like Kali, Cent OS, Docker Image, …!

Which release contains which component? GOS version vs. GSE version?

It is often confusing to find out which software component of the Greenbone Source Edition belongs to which GVM release. Additionally the Greenbone OS used in the Greenbone Community Edition (GCE) Virtual Machine has a different versioning scheme then GVM. We are aware of this and therefore with the next release we are changing our versioning scheme to Calendar Versioning. With this change all software components, GVM and GOS will use the same version.

GVM GOS gvmd GMP GSA gvm-libs scanner status release
GVM 20.08 20.08 gvmd 20.08 GMP 20.08 20.08 gvm-libs 20.08 openvas 20.08 development 2020-08
GVM 11 6 gvmd 9 GMP 9 9 gvm-libs 11 openvas 7 stable 2019-10-14
GVM 10 5 gvmd 8 GMP 8 8 gvm-libs 10 openvas-scanner 6 oldstable 2019-04-05
OpenVAS 9 4 openvas-manager 7 OMP 7 7 openvas-libraries 9 openvas-scaner 5.1 community eol 2017-03-07
6 Likes