Linux Agent LS64 Changelog (Elements, Business Suite, Standalone)
Comments
-
New Linux Security 64 update has been released
New BaseGuard (1.0.568) and FSBG (1.0.548) updates have been released. BaseGuard and FSBG are part of Linux Security 64. This update includes the following changes:
- CSLP-3953: Fixed an issue where scanning service could temporarily consume CPU resources excessively.
- CSLP-3952: Fixed an issue where scanning results were sometimes inconsistent due to a caching related issue.
- CSLP-3926: Fixed an issue where files were not properly cleaned up when offline updates were used.
- CSLP-3951: Fixed an issue where an error about "invalid component in version element" was printed to the journal.
- CSLP-3794: Fixed an issue where the same machine appeared with different names in different web services.
- CSLP-3948: Fixed an issue where information about latest engine update was not correctly shown in Policy Manager.
- CSLP-3950: Updated OpenSSL to 1.1.1k.
- Miscellaneous enhancements and bug fixes.
-
New pinnable Linux Security 64 version is available
New pinnable Linux Security 64 version "linuxsecurity-2021_2" has been released. Product version pinning enables Linux Security 64 installation to be locked to a specific version of the product. When the product version has been pinned the installation will still receive new engine and definition updates. Linux Security 64 supports product version pinning when managed by Policy Manager.
Each pinnable product version has an associated expiration date after which the version will no longer be supported. For "linuxsecurity-2021_2" the expiration date is 2022-06-16T09:00:00Z.
"linuxsecurity-2021_2" contains the following components:
- Linux Security 64 version 12.0.242
- FSBG version 1.0.548
- BaseGuard version 1.0.568
To learn more about product version pinning refer to the "Configuring automatic update options with Policy Manager" section of the Linux Security 64 manual
-
New Linux Security 64 update has been released
New Linux Security 64 (12.0.266), BaseGuard (1.0.574), and FSBG (1.0.568) updates have been released. BaseGuard and FSBG are part of Linux Security 64. This update includes the following changes:
- CSLP-3865: Triggering "send status update" action via Elements EPP Portal now causes Linux Security 64 to check for updates.
- CSLP-3932: Files can now be excluded from integrity checking based on file name patterns.
- CSLP-3762: Add support for SolarWinds RMM.
- CSLP-3967: Made activation and uninstallation more robust.
- CSLP-3924: Increased Security Cloud timeout to 30 minutes.
- CSLP-3940: Fixed an issue where rename and remove operations did not work correctly when the file being operated on was located directly inside / directory.
- Miscellaneous enhancements and bug fixes.
Known Issues
- Scanning files as a non-root user using fsanalyze command-line utility causes error message to be shown.
- If the product is being used with Policy Manager 15.20 or older, detection alerts from fsanalyze will result in an unknown alert type error being shown in Policy Manager Console. This issue will be resolved in the upcoming version of Policy Manager.
-
New Linux Security 64 update has been released
New BaseGuard (1.0.579) update has been released. BaseGuard is a part of Linux Security 64. This update includes the following changes:
- CSLP-3986: Fixed an issue where, under certain conditions, scanning could stop working following a large number of service restarts.
- Miscellaneous enhancements and bug fixes.
-
New Linux Security 64 update has been released
New BaseGuard (1.0.596) and FSBG (1.0.591) updates have been released. BaseGuard and FSBG are part of Linux Security 64. This update includes the following changes:
- CSLP-3971: Fixed a performance regression that increased CPU usage of fsma2 service.
- CSLP-4017: Fixed an issue where limited internet connectivity during boot could cause on-access scanning to slow down the system.
- CSLP-4018: Fixed an issue where updates could cause on-access scanning to freeze the system.
- Miscellaneous enhancements and bug fixes.
-
New Linux Security 64 update has been released
New Linux Security 64 update (12.0.286) has been released. This update includes the following changes:
- CSLP-3985: Fixed an issue where using fsanalyze tool as a non-root user would result in an error to be shown.
- CSLP-3989: Added rate limiting to decrease the number of duplicate alerts that can be sent in a short period of time.
- CSLP-3991: Added support for Debian 11.
- CSLP-3975: Fixed an issue where systemd services could be restarted too quickly.
- Miscellaneous enhancements and bug fixes.
-
New Linux Security 64 update has been released
New Linux Security 64 (12.0.291), BaseGuard (1.0.604), and FSBG (1.0.600) updates have been released. BaseGuard and FSBG are part of Linux Security 64. This update includes the following changes.
- CSLP-4029: Fixed an issue where an update might fail due to a slow migration processes.
- CSLP-4030: Fixed an issue where the product would not fully uninstall.
- CSLP-4031: Fixed an issue where the scanning service could sometimes cause core files to be generated during service shutdown.
- CSLP-3997: New lsctl update subcommand can be used to manually trigger the product to check for updates.
- CSLP-4032: Fixed an issue where SELinux policies were not being installed on Alma Linux systems.
- CSLP-4021: Updated components to use OpenSSL 1.1.1l.
- CSLP-4034: Added support for Alma Linux.
- Miscellaneous enhancements and bug fixes.
-
New Linux Security 64 update has been released
New BaseGuard (1.0.606) update has been released. BaseGuard is part of Linux Security 64. This update includes the following changes.
- CSLP-4036: Old rotated access.log files were not removed but consumed disk space without a limit.
- Miscellaneous enhancements and bug fixes.
-
New pinnable Linux Security 64 version is available
New pinnable Linux Security 64 version "linuxsecurity-2021_5" has been released. Product version pinning enables Linux Security 64 installation to be locked to a specific version of the product. When the product version has been pinned the installation will still receive new engine and definition updates. Linux Security 64 supports product version pinning when managed by Policy Manager.
Each pinnable product version has an associated expiration date after which the version will no longer be supported. For "linuxsecurity-2021_5" the expiration date is 2022-12-22T09:00:00Z.
"linuxsecurity-2021_5" contains the following components:
- Linux Security 64 version 12.0.291
- FSBG version 1.0.600
- BaseGuard version 1.0.606
To learn more about product version pinning refer to the "Configuring automatic update options with Policy Manager" section of the Linux Security 64 manual.
-
-
New Linux Security 64 update has been released (2022-04-11)
Note: This release was made on 2022-04-11. We are moving old change log entries to the new WithSecure Community forum.
New BaseGuard (1.0.632) and FSBG (1.0.623) updates have been released. BaseGuard and FSBG are part of Linux Security 64. This update includes the following changes:
- CSLP-4051: Fixed an issue where real-time scanning service would crash.
- CSLP-4070: Fixed an issue where the product could crash on systems with a large number of mount points.
- CSLP-4071: Fixed an issue where the product could crash when shutting down.
- CSLP-4067: Upgrade to OpenSSL 1.1.1n
-
New Linux Security 64 update has been released (2022-04-26)
Note: This release was made on 2022-04-26. We are moving old change log entries to the new WithSecure Community forum.
New Linux Security 64 (12.0.314) update has been released. This update includes the following changes:
- CSLP-3781: Integrity checker will now produce alerts for file metadata changes. In addition, alerts will be sent when integrity checker protected files are deleted.
- CSLP-4053: Fixed a problem where disabling integrity checker did not disable tampering action alerts.
- CSLP-4009: Optimize resource usage by avoiding starting real-time scanning and integrity checking related services when they are not needed. This means that these services will no-longer be running after the update if they are not needed.
- CSLP-4014: Relax Python dependency's version constraints on CentOS, RHEL, and Alma Linux systems to allow installing the product when the system has Python 3.9 installed.
-
New pinnable Linux Security 64 version is available
New pinnable Linux Security 64 version "linuxsecurity-2022_1" has been released. Product version pinning enables Linux Security 64 installation to be locked to a specific version of the product. When the product version has been pinned the installation will still receive new engine and definition updates. Linux Security 64 supports product version pinning when managed by Policy Manager.
Each pinnable product version is supported for a year from the release of the subsequent pinnable version.
"linuxsecurity-2022_1" contains the following components:
- Linux Security 64 version 12.0.314
- FSBG version 1.0.623
- BaseGuard version 1.0.632
-
New Linux Security 64 update has been released (2022-08-31)
New Linux Security 64 (12.0.338), FSBG (1.0.646), and BaseGuard (1.0.655) updates have been released. FSBG and BaseGuard are part of Linux Security 64. Changes in these releases include:
- CSLP-4133: Added support for Ubuntu 22.04.
- CSLP-4132: Added support for Red Hat Enterprise Linux 9 and Alma Linux 9.
- CSLP-3830: Added support for retrieving updates over HTTPS.
- CSLP-4079: Fixed an issue where Linux Security 64 would not correctly report product build number to Policy Manager.
- CSLP-4012: Improved SELinux support.
- CSLP-4058: Upgraded OpenSSL.
- MALT-305: Fixed a crash in integrity checking service.
- MALT-108: Fixed an issue where under certain conditions update validity would be verified incorrectly.
- MALT-335: Fixed an issue where errors related to expired subscription would be displayed even when the subscription was valid.
- MALT-109: Fixed an on-access scanning compatibility issue with kernel versions >=5.13.
- MALT-103: Updated embedded curl dependency.
- Miscellaneous fixes and improvements.
-
New Linux Security 64 update has been released (2022-09-20)
New FSBG update (1.0.653) has been released. FSBG is part of Linux Security 64. This update includes the following changes:
- CSLP-4151: Fixed an issue where new Policy Manager managed installations making use of Policy Manager proxies or Policy Manager address overrides would have invalid update configuration.
- Miscellaneous enhancements and bug fixes.
-
New Linux Security 64 update has been released (2022-10-05)
New FSBG update (1.0.654) has been released. FSBG is part of Linux Security 64. This update includes the following changes:
- CSLP-4158: Fixed an issue where FSBG updates could fail on systems with certain SELinux configuration.
- Miscellaneous enhancements and bug fixes.
-
New pinnable Linux Security 64 version is available (2022-10-20)
New pinnable Linux Security 64 version "linuxsecurity-2022_4" has been released. Product version pinning enables Linux Security 64 installation to be locked to a specific version of the product. When the product version has been pinned the installation will still receive new engine and definition updates. Linux Security 64 supports product version pinning when managed by Policy Manager.
Each pinnable product version is supported for a year from the release of the subsequent pinnable version.
"linuxsecurity-2022_4" contains the following components:
- Linux Security 64 version 12.0.338
- FSBG version 1.0.654
- BaseGuard version 1.0.655
-
New Linux Security 64 update has been released (2022-11-28)
New Linux Security 64 (version 12.0.409), FSBG (version 1.0.703), and BaseGuard (version 1.0.723) updates have been released. FSBG and BaseGuard are components of Linux Security 64. These updates include the following changes:
- CSLP-4169: Make it possible to bypass distribution compatibility checks and run the product on systems that are not officially supported. The main use case for this feature is to enable running the product on various "clone" distributions that resemble one of the supported distributions.
- CSLP-3740: Improved integrity checker integration with updates installed via system package manager. Integrity checker baseline can now be automatically updated after a system update has been installed. Currently APT and DNF package managers are supported.
- MALT-529, MALT-536, MALT-563: Fixed crashes in scanning service.
- MALT-441: Fixed an issue where in certain situations subscription was incorrectly deemed to be invalid.
- CSLP-4160: Fixed a possible race condition when taking a new SELinux policy into use.
- CSLP-4150: Fixed an issue where SELinux prevented accessing SSSD NSS module on Red Hat Enterprise Linux 7 and CentOS 7.
- MALT-527: Fixed a memory access related issue in real-time scanning service.
- MALT-388: Added support for wildcards in on-access scanning.
- Miscellaneous enhancements and bug fixes.
-
New pinnable Linux Security 64 version is available (2022-12-07)
New pinnable Linux Security 64 version "linuxsecurity-2022_5" has been released. Product version pinning enables Linux Security 64 installation to be locked to a specific version of the product. When the product version has been pinned the installation will still receive new engine and definition updates. Linux Security 64 supports product version pinning when managed by Policy Manager.
This pinnable version will be supported until the end of 2023.
"linuxsecurity-2022_5" contains the following components:
- Linux Security 64 version 12.0.409
- FSBG version 1.0.703
- BaseGuard version 1.0.723
-
New Linux Security 64 update has been released (2023-04-25)
New Linux Security 64 (version 12.0.441) and FSBG (version 1.0.738) updates have been released. FSBG is a component of Linux Security 64. These updates include the following changes:
- LNX-278: Fixed an issue where an unreachable proxy could prevent certain product services from starting up.
- CSLP-4211: Fixed an issue where certain product updates would ignore update installation schedule.
- Added support for Rocky Linux 8 and 9.
- Updated OpenSSL.
- LNX-174: Fixed an issue where /etc/apt/apt.conf.d/10fsicd-apt-hook configuration file was not uninstalled properly.
- CSLP-4043: Fixed an issue with offline updates where updater could attempt to install channels in an incorrect order.
- LNX-245: Fixed an issue where offline-update command did not include any help text.
- LNX-23: Merged BaseGuard contents into FSBG. Previously some parts product's functionality was distributed as a separate BaseGuard component.
- CSLP-3646: Improved error messages in offline-update to indicate that channels cannot be downgraded.
- CSLP-4205: Added a new setting to configure (or disable) maximum file size limit for scanned files.
- LNX-238: Fixed an issue where fsanalyze command would print archive member names incorrectly.
- CSLP-4174: Fixed a possible crash configuration management service.
- CSLP-3958: Allowed offline updates to be installed even when automatic updates are enabled.
- LNX-211: Fixed an issue where invalid utf-8 could be included to the access log.
- LNX-304: Fixed an issue where scanning service could fail under a heavy load.
-
-
New Linux Security 64 update has been released (2023-07-04)
New Linux Security 64 update (version 12.0.445) has been released. This update includes the following changes:
- LNX-358: Fixed an issue where uninstallation would not always work if the installation had not finished completely.
- LNX-396: Fixed an issue where on certain systems the product could fail to start properly when a certain on-access scanning configuration was used.