All Versions
87
Latest Version
Avg Release Cycle
29 days
Latest Release
885 days ago

Changelog History
Page 6

  • v3.10.0 Changes

    September 16, 2019

    ➕ Added

    • ➕ Add framework function to obtain full summary of agents. (#3842)
    • SCA improvements. (#3286)
      • Refactor de SCA internal logic and policy syntax. (#3249)
      • Support to follow symbolic links. (#3228)
      • Add numerical comparator for SCA rules. (#3374)
      • Add SCA decoded events count to global stats. (#3623)
    • Extend duplicate file detection for LogCollector. (#3867)
    • ➕ Add HIPAA and NIST 800 53 compliance mapping as rule groups.(#3411 & #3420)
    • ➕ Add SCA compliance groups to rule groups in alerts. (#3427)
    • ➕ Add IPv6 loopback address to localhost list in DB output module (by @aquerubin). (#3140)
    • Accept ] and > as terminal prompt characters for Agentless. (#3209)

    🔄 Changed

    • 🔊 Modify logs for agent authentication issues by Remoted. (#3662)
    • 🌲 Make Syscollector logging messages more user-friendly. (#3397)
    • 0️⃣ Make SCA load by default all present policies at the default location. (#3607)
    • Increase IPSIZE definition for IPv6 compatibility (by @aquerubin). (#3259)
    • Replace local protocol definitions with Socket API definitions (by @aquerubin). (#3260)
    • 👌 Improved error message when some of required Wazuh daemons are down. Allow restarting cluster nodes except when ossec-execd is down. (#3496)
    • 👍 Allow existing aws_profile argument to work with vpcflowlogs in AWS wodle configuration. Thanks to Adam Williams (@awill1988). (#3729)

    🛠 Fixed

    • 🛠 Fix exception handling when using an invalid bucket in AWS wodle (#3652)
    • 🛠 Fix error message when an AWS bucket is empty (#3743)
    • 🛠 Fix error when getting profiles in custom AWS buckets (#3786)
    • 🛠 Fix SCA integrity check when switching between manager nodes. (#3884)
    • Fix alert email sending when no_full_log option is set in a rule. (#3174)
    • 🛠 Fix error in Windows who-data when handling the directories list. (#3883)
    • 🛠 Fix error in the hardware inventory collector for PowerPC architectures. (#3624)
    • 🛠 Fix the use of mutexes in the OS_Regex library. (#3533)
    • 🛠 Fix invalid read in the OS_Regex library. (#3815)
    • 🛠 Fix compilation error on FreeBSD 13 and macOS 10.14. (#3832)
    • 🛠 Fix typo in the license of the files. (#3779)
    • 🛠 Fix error in execd when upgrading agents remotely while auto-restarting. (#3437)
    • Prevent integrations from inheriting descriptors. (#3514)
    • ✅ Overwrite rules label fix and rules features tests. (#3414)
    • 🛠 Fix typo: replace readed with read. (#3328)
    • Introduce global mutex for Rootcheck decoder. (#3530)
    • 🛠 Fix errors reported by scan-build. (#3452 & #3785)
    • 🛠 Fix the handling of wm_exec() output.(#3486)
    • 🛠 Fix FIM duplicated entries in Windows. (#3504)
    • ✂ Remove socket deletion from epoll. (#3432)
    • 👍 Let the sources installer support NetBSD. (#3444)
    • 🛠 Fix error message from openssl v1.1.1. (#3413)
    • 🛠 Fix compilation issue for local installation. (#3339)
    • 🛠 Fix exception handling when /tmp have no permissions and tell the user the problem. (#3401)
    • 🛠 Fix who-data alerts when audit logs contain hex fields. (#3909)
    • ✂ Remove useless select() calls in Analysisd decoders. (#3964)

  • v3.9.5 Changes

    August 08, 2019

    🛠 Fixed

    • Fixed a bug in the Framework that prevented Cluster and API from handling the file client.keys if it's mounted as a volume on Docker.
    • 🛠 Fixed a bug in Analysisd that printed the millisecond part of the alerts' timestamp without zero-padding. That prevented Elasticsearch 7 from indexing those alerts. (#3814)

  • v3.9.4 Changes

    August 07, 2019

    🔄 Changed

    • 🏁 Prevent agent on Windows from including who-data on FIM events for child directories without who-data enabled, even if it's available. (#3601)
    • 🔧 Prevent Rootcheck configuration from including the <ignore> settings if they are empty. (#3634)
    • Wazuh DB will delete the agent DB-related files immediately when removing an agent. (#3691)

    🛠 Fixed

    • 🛠 Fixed bug in Remoted when correlating agents and their sockets in TCP mode. (#3602)
    • 🛠 Fix bug in the agent that truncated its IP address if it occupies 15 characters. (#3615)
    • Logcollector failed to overwrite duplicate <localfile> stanzas. (#3616)
    • 🆓 Analysisd could produce a double free if an Eventchannel message contains an invalid XML member. (#3626)
    • 🛠 Fixed defects in the code reported by Coverity. (#3627)
    • 🛠 Fixed bug in Analysisd when handling invalid JSON input strings. (#3648)
    • 🛠 Fix handling of SCA policies with duplicate ID in Wazuh DB. (#3668)
    • 🐳 Cluster could fail synchronizing some files located in Docker volumes. (#3669)
    • 🛠 Fix a handler leak in the FIM whodata engine for Windows. (#3690)
    • 🐳 The Docker listener module was storing and ignoring the output of the integration. (#3768)
    • 🛠 Fixed memory leaks in Syscollector for macOS agents. (#3795)
    • 🛠 Fix dangerous mutex initialization in Windows hosts. (#3805)

  • v3.9.3 Changes

    July 08, 2019

    🔄 Changed

    • 🏁 Windows Eventchannel log collector will no longer report bookmarked events by default (those that happened while the agent was stopped). (#3485)
    • Remoted will discard agent-info data not in UTF-8 format. (#3581)

    🛠 Fixed

    • 🌲 Osquery integration did not follow the osquery results file (osqueryd.results.log) as of libc 2.28. (#3494)
    • ⚡️ Windows Eventchannnel log collector did not update the bookmarks so it reported old events repeatedly. (#3485)
    • The agent sent invalid info data in the heartbeat message if it failed to get the host IP address. (#3555)
    • 🔧 Modulesd produced a memory leak when being queried for its running configuration. (#3564)
    • Analysisd and Logtest crashed when trying rules having <different_geoip> and no <not_same_field> stanza. (#3587)
    • 📜 Vulnerability Detector failed to parse the Canonical's OVAL feed due to a syntax change. (#3563)
    • AWS Macie events produced erros in Elasticsearch. (#3608)
    • Rules with <list lookup="address_match_key" /> produced a false match if the CDB list file is missing. (#3609)
    • 🔧 Remote configuration was missing the <ignore> stanzas for Syscheck and Rootcheck when defined as sregex. (#3617)

  • v3.9.2 Changes

    June 10, 2019

    ➕ Added

    • ➕ Added support for Ubuntu 12.04 to the SCA configuration template. (#3361)

    🔄 Changed

    • Prevent the agent from stopping if it fails to resolve the manager's hostname on startup. (#3405)
    • 🌲 Prevent Remoted from logging agent connection timeout as an error, now it's a debugging log. (#3426)

    🛠 Fixed

    • 🔧 A configuration request to Analysisd made it crash if the option <white_list> is empty. (#3383)
    • 🛠 Fixed error when uploading some configuration files through API in wazuh-docker environments. (#3335)
    • 🛠 Fixed error deleting temporary files during cluster synchronization. (#3379)
    • 🛠 Fixed bad permissions on agent-groups files synchronized via wazuh-clusterd. (#3438)
    • 🛠 Fixed bug in the database module that ignored agents registered with a network mask. (#3351)
    • 🛠 Fixed a memory bug in the CIS-CAT module. (#3406)
    • 🛠 Fixed a bug in the agent upgrade tool when checking the version number. (#3391)
    • 🛠 Fixed error checking in the Windows Eventchannel log collector. (#3393)
    • Prevent Analysisd from crashing at SCA decoder due to a race condition calling a thread-unsafe function. (#3466)
    • 🛠 Fix a file descriptor leak in Modulesd on timeout when running a subprocess. (#3470)
      • OpenSCAP.
      • CIS-CAT.
      • Command.
      • Azure.
      • SCA.
      • AWS.
      • Docker.
    • ⚡️ Prevent Modulesd from crashing at Vulnerability Detector when updating a RedHat feed. (3458)

  • v3.9.1 Changes

    May 21, 2019

    ➕ Added

    • ➕ Added directory existence checking for SCA rules. (#3246)
    • ➕ Added line number to error messages when parsing YAML files. (#3325)
    • ✨ Enhanced wildcard support for Windows Logcollector. (#3236)

    🔄 Changed

    • 🔄 Changed the extraction point of the package name in the Vulnerability Detector OVALs. (#3245)

    🛠 Fixed

    • 🛠 Fixed SCA request interval option limit. (#3254)
    • 🛠 Fixed SCA directory checking. (#3235)
    • 🛠 Fixed potential out of bounds memory access. (#3285)
    • 🛠 Fixed CIS-CAT XML report parser. (#3261)
    • 🛠 Fixed .ssh folder permissions for Agentless. (#2660)
    • 🛠 Fixed repeated fields in SCA summary events. (#3278)
    • 🛠 Fixed command output treatment for the SCA module. (#3297)
    • Fixed agent_upgrade tool to set the manager version as the default one. (#2721)
    • 🛠 Fixed execd crash when timeout list is not initialized. (#3316)
    • 🛠 Fixed support for reading large files on Windows Logcollector. (#3248)
    • 🛠 Fixed the manager restarting process via API on Docker. (#3273)
    • Fixed the agent_info files synchronization between cluster nodes. (#3272)

    ✂ Removed

    • ✂ Removed 5-second reading timeout for File Integrity Monitoring scan. (#3366)

  • v3.9.0 Changes

    May 02, 2019

    ➕ Added

    • 🔒 New module to perform Security Configuration Assessment scans. (#2598)
    • New Logcollector features. (#2929)
      • Let Logcollector filter files by content. (#2796)
      • Added a pattern exclusion option to Logcollector. (#2797)
      • Let Logcollector filter files by date. (#2799)
      • Let logcollector support wildcards on Windows. (#2898)
    • Fluent forwarder for agents. (#2828)
    • 🏁 Collect network and port inventory for Windows XP/Server 2003. (#2464)
    • Included inventory fields as dynamic fields in events to use them in rules. (#2441)
    • Added an option startup_healthcheck in FIM so that the the who-data health-check is optional. (#2323)
    • The real agent IP is reported by the agent and shown in alerts and the App interface. (#2577)
    • ➕ Added support for organizations in AWS wodle. (#2627)
    • Added support for hot added symbolic links in Whodata. (#2466)
    • ➕ Added -t option to wazuh-clusterd binary (#2691).
    • Added options same_field and not_same_field in rules to correlate dynamic fields between events. (#2689)
    • ➕ Added optional daemons start by default. (#2769)
    • 🏁 Make the Windows installer to choose the appropriate ossec.conf file based on the System version. (#2773)
    • ➕ Added writer thread preference for Logcollector. (#2783)
    • ➕ Added database deletion from Wazuh-DB for removed agents. (#3123)

    🔄 Changed

    • 🐎 Introduced a network buffer in Remoted to cache incomplete messages from agents. This improves the performance by preventing Remoted from waiting for complete messages. (#2528)
    • 👌 Improved alerts about disconnected agents: they will contain the data about the disconnected agent, although the alert is actually produced by the manager. (#2379)
    • 👍 PagerDuty integration plain text alert support (by @spartantri). (#2403)
    • 👌 Improved Remoted start-up logging messages. (#2460)
    • Let agent_auth warn when it receives extra input arguments. (#2489)
    • ⚡️ Update the who-data related SELinux rules for Audit 3.0. This lets who-data work on Fedora 29. (#2419)
    • 🔄 Changed data source for network interface's MAC address in Syscollector so that it will be able to get bonded interfaces' MAC. (#2550)
    • ✅ Migrated unit tests from Check to TAP (Test Anything Protocol). (#2572)
    • Now labels starting with _ are reserved for internal use. (#2577)
    • Now AWS wodle fetches aws.requestParameters.disableApiTermination with an unified format (#2614)
    • 👌 Improved overall performance in cluster (#2575)
    • Some improvements has been made in the vulnerability-detector module. (#2603)
    • 🔨 Refactor of decoded fields from the Windows eventchannel decoder. (#2684)
    • 🗄 Deprecate global option <queue_size> for Analysisd. (#2729)
    • 🏁 Excluded noisy events from Windows Eventchannel. (#2763)
    • 🖨 Replaced printf functions in agent-authd. (#2830)
    • Replaced strtoul() using NULL arguments with atol() in wodles config files. (#2801)
    • ➕ Added a more descriptive message for SSL error when agent-auth fails. (#2941)
    • 🔄 Changed the starting Analysisd messages about loaded rules from info to debug level. (#2881)
    • Re-structured messages for FIM module. (#2926)
    • 🔄 Changed diff output in Syscheck for Windows. (#2969)
    • Replaced OSSEC e-mail subject with Wazuh in ossec-maild. (#2975)
    • ➕ Added keepalive in TCP to manage broken connections in ossec-remoted. (#3069)
    • 🔄 Change default restart interval for Docker listener module to one minute. (#2679)

    🛠 Fixed

    • 🛠 Fixed error in Syscollector for Windows older than Vista when gathering the hardware inventory. (#2326)
    • 🛠 Fixed an error in the OSQuery configuration validation. (#2446)
    • Prevent Integrator, Syslog Client and Mail forwarded from getting stuck while reading alerts.json. (#2498)
    • 🛠 Fixed a bug that could make an Agent running on Windows XP close unexpectedly while receiving a WPK file. (#2486)
    • Fixed ossec-control script in Solaris. (#2495)
    • 🛠 Fixed a compilation error when building Wazuh in static linking mode with the Audit library enabled. (#2523)
    • 🛠 Fixed a memory hazard in Analysisd on log pre-decoding for short logs (less than 5 bytes). (#2391)
    • 🛠 Fixed defects reported by Cppcheck. (#2521)
      • Double free in GeoIP data handling with IPv6.
      • Buffer overlay when getting OS information.
      • Check for successful memory allocation in Syscollector.
    • 🛠 Fix out-of-memory error in Remoted when upgrading an agent with a big data chunk. (#2594)
    • Re-registered agent are reassigned to correct groups when the multigroup is empty. (#2440)
    • Wazuh manager starts regardless of the contents of local_decoder.xml. (#2465)
    • Let Remoted wait for download module availability. (#2517)
    • 🛠 Fix duplicate field names at some events for Windows eventchannel. (#2500)
    • ✂ Delete empty fields from Windows Eventchannel alerts. (#2492)
    • 🛠 Fixed memory leak and crash in Vulnerability Detector. (#2620)
    • Prevent Analysisd from crashing when receiving an invalid Syscollector event. (#2621)
    • 🛠 Fix a bug in the database synchronization module that left broken references of removed agents to groups. (#2628)
    • 🛠 Fixed restart service in AIX. (#2674)
    • Prevent Execd from becoming defunct when Active Response disabled. (#2692)
    • 🛠 Fix error in Syscollector when unable to read the CPU frequency on agents. (#2740)
    • 🛠 Fix Windows escape format affecting non-format messages. (#2725)
    • Avoid a segfault in mail daemon due to the XML tags order in the ossec.conf. (#2711)
    • ⚡️ Prevent the key updating thread from starving in Remoted. (#2761)
    • 🛠 Fixed error logging on Windows agent. (#2791)
    • Let CIS-CAT decoder reuse the Wazuh DB connection socket. (#2800)
    • 🛠 Fixed issue with agent-auth options without argument. (#2808)
    • 🛠 Fixed control of the frequency counter in alerts. (#2854)
    • Ignore invalid files for agent groups. (#2895)
    • 🛠 Fixed invalid behaviour when moving files in Whodata mode. (#2888)
    • 🛠 Fixed deadlock in Remoted when updating the keyentries structure. (#2956)
    • 🛠 Fixed error in Whodata when one of the file permissions cannot be extracted. (#2940)
    • 🛠 Fixed System32 and SysWOW64 event processing in Whodata. (#2935)
    • 🛠 Fixed Syscheck hang when monitoring system directories. (#3059)
    • 🛠 Fixed the package inventory for MAC OS X. (#3035)
    • 🏁 Translated the Audit Policy fields from IDs for Windows events. (#2950)
    • 🛠 Fixed broken pipe error when Wazuh-manager closes TCP connection. (#2965)
    • 🛠 Fixed whodata mode on drives other than the main one. (#2989)
    • 🛠 Fixed bug occurred in the database while removing an agent. (#2997)
    • 🛠 Fixed duplicated alerts for Red Hat feed in vulnerability-detector. (#3000)
    • 🛠 Fixed bug when processing symbolic links in Whodata. (#3025)
    • 🛠 Fixed option for ignoring paths in rootcheck. (#3058)
    • 👍 Allow Wazuh service on MacOSX to be available without restart. (#3119)
    • ⬆️ Ensure internal_options.conf file is overwritten on Windows upgrades. (#3153)
    • 🛠 Fixed the reading of the setting attempts of the Docker module. (#3067)
    • 🛠 Fix a memory leak in Docker listener module. (#2679)

  • v3.8.2 Changes

    January 30, 2019

    🛠 Fixed

    • 📜 Analysisd crashed when parsing a log from OpenLDAP due to a bug in the option <accumulate>. (#2456)
    • Modulesd closed unexpectedly if a command was defined without a <tag> option. (#2470)
    • The Eventchannel decoder was not being escaping backslashes correctly. (#2483)
    • The Eventchannel decoder was leaving spurious trailing spaces in some fields. (#2484)

  • v3.8.1 Changes

    January 25, 2019

    🛠 Fixed

    • 🛠 Fixed memory leak in Logcollector when reading Windows eventchannel. (#2450)
    • 🛠 Fixed script parsing error in Solaris 10. (#2449)
    • 🛠 Fixed version comparisons on Red Hat systems. (By @orlando-jamie) (#2445)

  • v3.8.0 Changes

    January 19, 2019

    ➕ Added

    • 🏁 Logcollector extension for Windows eventchannel logs in JSON format. (#2142)
    • Add options to detect attribute and file permission changes for Windows. (#1918)
    • Added Audit health-check in the Whodata initialization. (#2180)
    • Added Audit rules auto-reload in Whodata. (#2180)
    • 🆕 Support for new AWS services in the AWS wodle (#2242):
      • AWS Config
      • AWS Trusted Advisor
      • AWS KMS
      • AWS Inspector
      • Add support for IAM roles authentication in EC2 instances.
    • 🆕 New module "Agent Key Polling" to integrate agent key request to external data sources. (#2127)
      • Look for missing or old agent keys when Remoted detects an authorization failure.
      • Request agent keys by calling a defined executable or connecting to a local socket.
    • 🏁 Get process inventory for Windows natively. (#1760)
    • 👌 Improved vulnerability detection in Red Hat systems. (#2137)
    • ➕ Add retries to download the OVAL files in vulnerability-detector. (#1832)
    • ⬆️ Auto-upgrade FIM databases in Wazuh-DB. (#2147)
    • 🆕 New dedicated thread for AR command running on Windows agent. (#1725)
      • This will prevent the agent from delaying due to an AR execution.
    • 🆕 New internal option to clean residual files of agent groups. (#1985)
    • ➕ Add a manifest to run agent-auth.exe with elevated privileges. (#1998)
    • Compress last-entry files to check differences by FIM. (#2034)
    • ➕ Add error messages to integration scripts. (#2143)
    • ➕ Add CDB lists building on install. (#2167)
    • ⚡️ Update Wazuh copyright for internal files. (#2343)
    • ➕ Added option to allow maild select the log file to read from. (#977)
    • ➕ Add table to control the metadata of the vuln-detector DB. (#2402)

    🔄 Changed

    • 🔧 Now Wazuh manager can be started with an empty configuration in ossec.conf. (#2086)
    • 0️⃣ The Authentication daemon is now enabled by default. (#2129)
    • 0️⃣ Make FIM show alerts for new files by default. (#2213)
    • ⬇️ Reduce the length of the query results from Vulnerability Detector to Wazuh DB. (#1798)
    • 👌 Improved the build system to automatically detect a big-endian platform. (#2031)
      • Building option USE_BIG_ENDIAN is not already needed on Solaris (SPARC) or HP-UX.
    • Expanded the regex pattern maximum size from 2048 to 20480 bytes. (#2036)
    • 👌 Improved IP address validation in the option <white_list> (by @pillarsdotnet). (#1497)
    • 👌 Improved rule option <info> validation (by @pillarsdotnet). (#1541)
    • Deprecated the Syscheck option <remove_old_diff> by making it mandatory. (#1915)
    • Fix invalid error "Unable to verity server certificate" in ossec-authd (server). (#2045)
    • ✂ Remove deprecated flag REUSE_ID from the Makefile options. (#2107)
    • ⚠ Syscheck first queue error message changed into a warning. (#2146)
    • 🐧 Do the DEB and RPM package scan regardless of Linux distribution. (#2168)
    • 🔧 AWS VPC configuration in the AWS wodle (#2242).
    • 🚚 Hide warning log by FIM when cannot open a file that has just been removed. (#2201)
    • 🔧 The default FIM configuration will ignore some temporary files. (#2202)

    🛠 Fixed

    • 🛠 Fixed error description in the osquery configuration parser (by @pillarsdotnet). (#1499)
    • The FTS comment option <ftscomment> was not being read (by @pillarsdotnet). (#1536)
    • 🛠 Fixed error when multigroup files are not found. (#1792)
    • 🛠 Fix error when assigning multiple groups whose names add up to more than 4096 characters. (#1792)
    • Replaced "getline" function with "fgets" in vulnerability-detector to avoid compilation errors with older versions of libC. (#1822)
    • 🛠 Fix bug in Wazuh DB when trying to store multiple network interfaces with the same IP from Syscollector. (#1928)
    • 👌 Improved consistency of multigroups. (#1985)
    • 🛠 Fixed the reading of the OS name and version in HP-UX systems. (#1990)
    • ⏱ Prevent the agent from producing an error on platforms that don't support network timeout. (#2001)
    • Logcollector could not set the maximum file limit on HP-UX platform. (2030)
    • 👍 Allow strings up to 64KB long for log difference analysis. (#2032)
    • ⬆️ Now agents keep their registration date when upgrading the manager. (#2033)
    • 🏁 Create an empty client.keys file on a fresh installation of a Windows agent. (2040)
    • 👍 Allow CDB list keys and values to have double quotes surrounding. (#2046)
    • ✂ Remove file queue/db/.template.db on upgrade / restart. (2073)
    • 🛠 Fix error on Analysisd when check_value doesn't exist. (2080)
    • Prevent Rootcheck from looking for invalid link count in agents running on Solaris (by @ecsc-georgew). (2087)
    • 🛠 Fixed the warning messages when compiling the agent on AIX. (2099)
    • 🛠 Fix missing library when building Wazuh with MySQL support. (#2108)
    • 🛠 Fix compile warnings for the Solaris platform. (#2121)
    • 🛠 Fixed regular expression for audit.key in audit decoder. (#2134)
    • Agent's ossec-control stop should wait a bit after killing a process. (#2149)
    • 🛠 Fixed error ocurred while monitoring symbolic links in Linux. (#2152)
    • 🛠 Fixed some bugs in Logcollector: (#2154)
      • If Logcollector picks up a log exceeding 65279 bytes, that log may lose the null-termination.
      • Logcollector crashes if multiple wildcard stanzas resolve the same file.
      • An error getting the internal file position may lead to an undefined condition.
    • Execd daemon now runs even if active response is disabled (#2177)
    • 🛠 Fix high precision timestamp truncation in rsyslog messages. (#2128)
    • 🛠 Fix missing Whodata section to the remote configuration query. (#2173)
    • 🛠 Bugfixes in AWS wodle (#2242):
      • Fixed bug in AWS Guard Duty alerts when there were multiple remote IPs.
      • Fixed bug when using flag remove_from_bucket.
      • Fixed bug when reading buckets generating more than 1000 logs in the same day.
      • Increase qty of aws.eventNames and remove usage of aws.eventSources.
    • 🛠 Fix bug in cluster configuration when using Kubernetes (#2227).
    • 🛠 Fix network timeout setup in agent running on Windows. (#2185)
    • 🛠 Fix default values for the <auto_ignore> option. (#2210)
    • 🛠 Fix bug that made Modulesd and Remoted crash on ARM architecture. (#2214)
    • 📜 The regex parser included the next character after a group:
      • If the input string just ends after that character. (#2216)
      • The regex parser did not accept a group terminated with an escaped byte or a class. (#2224)
    • 🛠 Fixed buffer overflow hazard in FIM when performing change report on long paths on macOS platform. (#2285)
    • 🛠 Fix sending of the owner attribute when a file is created in Windows. (#2292)
    • 🛠 Fix audit reconnection to the Whodata socket (#2305)
    • 🛠 Fixed agent connection in TCP mode on Windows XP. (#2329)
    • 🛠 Fix log shown when a command reaches its timeout and ignore_output is enabled. (#2316)
    • Analysisd and Syscollector did not detect the number of cores on Raspberry Pi. (#2304)
    • Analysisd and Syscollector did not detect the number of cores on CentOS 5. (#2340)