Wazuh v4.2.2 Release Notes
Release Date: 2021-09-28 // over 2 years ago-
Manager
๐ Changed
- Clean up the agent's inventory data on the manager if Syscollector is disabled. (#9133)
- Authd now refuses enrollment attempts if the agent already holds a valid key. (#9779)
๐ Fixed
- ๐ Fixed a false positive in Vulnerability Detector when packages have multiple conditions in the OVAL feed. (#9647)
- Prevented pending agents from keeping their state indefinitely in the manager. (#9042)
- ๐ Fixed Remoted to avoid agents in connected state with no group assignation. (#9088)
- ๐ Fixed a bug in Analysisd that ignored the value of the rule option
noalert
. (#9278) - ๐ Fixed Authd's startup to set up the PID file before loading keys. (#9378)
- ๐ Fixed a bug in Authd that delayed the agent timestamp update when removing agents. (#9295)
- ๐ Fixed a bug in Wazuh DB that held wrong agent timestamp data. (#9705)
- ๐ Fixed a bug in Remoted that kept deleted shared files in the multi-groups' merged.mg file. (#9942)
- ๐ Fixed a bug in Analysisd that overwrote its queue socket when launched in test mode. (#9987)
- ๐ Fixed a condition in the Windows Vulnerability Detector to prevent false positives when evaluating DU patches. (#10016)
- ๐ Fixed a memory leak when generating the Windows report in Vulnerability Detector. (#10214)
- ๐ Fixed a file descriptor leak in Analysisd when delivering an AR request to an agent. (#10194)
Agent
๐ Changed
- ๐ Optimized Syscollector scan performance. (#9907)
- ๐ง Reworked the Google Cloud Pub/Sub integration module to increase the number of processed events per second allowing multithreading. Added new
num_threads
option to module configuration. (#9927) - โฌ๏ธ Upgraded google-cloud-pubsub dependency to the latest stable version (2.7.1). (#9964)
- ๐ง Reimplemented the WPK installer rollback on Linux. (#9443)
- โก๏ธ Updated AWS WAF implementation to change
httpRequest.headers
field format. (#10217)
๐ Fixed
- ๐ง Prevented the manager from hashing the shared configuration too often. (#9710)
- ๐ Fixed a memory leak in Logcollector when re-subscribing to Windows Eventchannel. (#9310)
- ๐ Fixed a memory leak in the agent when enrolling for the first time if it had no previous key. (#9967)
- โ Removed CloudWatchLogs log stream limit when there are more than 50 log streams. (#9934)
- ๐ Fixed a problem in the Windows installer that causes the agent to be unable to get uninstalled or upgraded. (#9897)
- ๐ Fixed AWS WAF log parsing when there are multiple dicts in one line. (#9775)
- ๐ Fixed a bug in AWS CloudWatch Logs module that caused already processed logs to be collected and reprocessed. (#10024)
- ๐ Avoid duplicate alerts from case-insensitive 32-bit registry values in FIM configuration for Windows agents. (#8256)
- ๐ Fixed error with Wazuh path in Azure module. (#10250)
- ๐ Fixed a bug in the sources and WPK installer that made upgrade unable to detect the previous installation on CentOS 7. (#10210)
RESTful API
๐ Changed
- ๐ง Made SSL ciphers configurable and renamed SSL protocol option. (#10219)
๐ Fixed
- ๐ Fixed a bug with distributed API calls when the cluster is disabled. (#9984)