Changelog History
Page 4
v3.13.4 Changes
May 30, 2022
Fixed
- Fixed a crash in Vuln Detector when scanning agents running on Windows (backport from 4.3.2). (#13624)

v3.13.3 Changes
April 28, 2021
Fixed
- Fixed a bug in Vulnerability Detector that made Modulesd crash while updating the NVD feed due to a missing CPE entry. (#8346)

v3.13.2 Changes
September 21, 2020
Fixed
- Updated the default NVD feed URL from 1.0 to 1.1 in Vulnerability Detector. (#6056)

v3.13.1 Changes
July 14, 2020

v3.13.0 Changes
June 29, 2020
Added
- Vulnerability Detector improvements. (#5097)
  - Include the NVD as feed for Linux agents in Vulnerability Detector.
  - Improve the Vulnerability Detector engine to correlate alerts between different feeds.
  - Add Vulnerability Detector module unit testing for Unix source code.
- A timeout has been added to the updates of the vulnerability detector feeds to prevent them from getting hung up. (#5153)
- New option for the JSON decoder to choose the treatment of Array structures. (#4836)
- Added mode value (real-time, Who-data, or scheduled) as a dynamic field in FIM alerts. (#5051)
- Set a configurable maximum limit of files to be monitored by FIM. (#4717)
- New integration for pulling logs from Google Cloud Pub/Sub. (#4078)
- Added support for MITRE ATT&CK knowledge base. (#3746)
- Microsoft Software Update Catalog used by vulnerability detector added as a dependency. (#5101)
- Added support for aarch64 and armhf architectures. (#5030)
Changed
- Internal variable rt_delay configuration changes to 5 milliseconds. (#4760)
- Who-data includes new fields: process CWD, parent process id, and CWD of parent process. (#4782)
- FIM opens files with shared deletion permission. (#5018)
- Extended the static fields comparison in the ruleset options. (#4416)
- The state field was removed from vulnerability alerts. (#5211)
- The NVD is now the primary feed for the vulnerability detector in Linux. (#5097)
- Removed OpenSCAP policies installation and configuration block. (#5061)
- Changed the internal configuration of Analysisd to be able to register by default a number of agents higher than 65536. (#4332)
- Changed same/different_systemname for same/different_system_name in Analysisd static filters. (#5131)
- Updated the internal Python interpreter from v3.7.2 to v3.8.2. (#5030)
Fixed
- Fixed a bug that, in some cases, kept the memory reserved when deleting monitored directories in FIM. (#5115)
- Freed Inotify watches moving directories in the real-time mode of FIM. (#4794)
- Fixed an error that caused deletion alerts with a wrong path in Who-data mode. (#4831)
- Fixed generating alerts in Who-data mode when moving directories to the folder being monitored in Windows. (#4762)
- Avoid truncating the full log field of the alert when the path is too long. (#4792)
- Fixed the change of monitoring from Who-data to real-time when there is a failure to set policies in Windows. (#4753)
- Fixed an error that prevents restarting Windows agents from the manager. (#5212)
- Fixed an error that impedes the use of the tag URL by configuring the NVD in a vulnerability detector module. (#5165)
- Fixed TOCTOU condition in Clusterd when merging agent-info files. (#5159)
- Fixed race condition in Analysisd when handling accumulated events. (#5091)
- Avoided counting links when generating alerts for ignored directories in Rootcheck. Thanks to Artur Molchanov (@Hexta). (#4603)
- Fixed typo in the path used for logging when disabling an account. Thanks to Fontaine Pierre (@PierreFontaine). (#4839)
- Fixed an error when receiving different Syslog events in the same TCP packet. (#5087)
- Fixed a bug in Vulnerability Detector on Modulesd when comparing Windows software versions. (#5168)
- Fixed a bug that caused an agent's disconnection time not to be displayed correctly. (#5142)
- Optimized the function to obtain the default gateway. Thanks to @WojRep
- Fixed host verification when signing a certificate for the manager. (#4963)
- Fixed possible duplicated ID on 'client.keys' adding new agent through the API with a specific ID. (#4982)
- Avoid duplicate descriptors using wildcards in 'localfile' configuration. (#4977)
- Added guarantee that all processes are killed when service stops. (#4975)
- Fixed mismatch in integration scripts when the debug flag is set to active. (#4800)

v3.12.3 Changes
April 27, 2020
Changed
- Disable WAL in databases handled by Wazuh DB to save disk space. (#4949)
Fixed
- Fixed a bug in Remoted that could prevent agents from connecting in UDP mode. (#4897)
- Fixed a bug in the shared library that caused daemons to not find the ossec group. (#4873)
- Prevent Syscollector from falling into an infinite loop when it fails to collect the Windows hotfixes. (#4878)
- Fixed a memory leak in the system scan by Rootcheck on Windows. (#4948)
- Fixed a bug in Logcollector that caused the out_format option not to apply for the agent target. (#4942)
- Fixed a bug that caused FIM to not handle large inode numbers correctly. (#4914)
- Fixed a bug that made ossec-dbd crash due to a bad mutex initialization. (#4552)

v3.12.2 Changes
April 09, 2020
Fixed
- Fixed a bug in Vulnerability Detector that made wazuh-modulesd crash when parsing the version of a package from a RHEL feed. (#4885)

v3.12.1 Changes
April 06, 2020
Changed
- Updated MSU catalog on 31/03/2020. (#4819)
Fixed
- Fixed compatibility with the Vulnerability Detector feeds for Ubuntu from Canonical, that are available in a compressed format. (#4834)
- Added missing field "database" to the FIM on-demand configuration report. (#4785)
- Fixed a bug in Logcollector that made it forward a log to an external socket infinite times. (#4802)
- Fixed a buffer overflow when receiving large messages from Syslog over TCP connections. (#4778)
- Fixed a malfunction in the Integrator module when analyzing events without a certain field. (#4851)
- Fix XML validation with paths ending in \. (#4783)
Removed
- Removed support for Ubuntu 12.04 (Precise) in Vulnerability Detector as its feed is no longer available.

v3.12.0 Changes
March 24, 2020
Added
- Add synchronization capabilities for FIM. (#3319)
- Add SQL database for the FIM module. Its storage can be switched between disk and memory. (#3319)
- Add support for monitoring AWS S3 buckets in GovCloud regions. (#3953)
- Add support for monitoring Cisco Umbrella S3 buckets. (#3890)
- Add automatic reconnection with the Eventchannel service when it is restarted. (#3836)
- Add a status validation when starting Wazuh. (#4237)
- Add FIM module unit testing for Unix source code. (#4688)
- Add multi-target support for unit testing. (#4564)
- Add FIM module unit testing for Windows source code. (#4633)
Changed
- Move the FIM logic engine to the agent. (#3319)
- Make Logcollector continuously attempt to reconnect with the agent daemon. (#4435)
- Make Windows agents send the keep-alive independently. (#4077)
- Do not enforce source IP checking by default in the registration process. (#4083)
- Updated API manager/configuration endpoint to also return the new synchronization and whodata syscheck fields. (#4241)
- Disabled the chroot jail in Agentd on UNIX.
Fixed
- Avoid reopening the current socket when Logcollector fails to send an event. (#4696)
- Prevent Logcollector from starving when it has to reload files. (#4730)
- Fix a small memory leak in clusterd. (#4465)
- Fix a crash in the fluent forwarder when SSL is not enabled. (#4675)
- Replace non-reentrant functions to avoid race condition hazards. (#4081)
- Fixed the registration of more than one agent as any when forcing to use the source IP. (#2533)
- Fix Windows upgrades in custom directories. (#2534)
- Fix the format of the alert payload passed to the Slack integration. (#3978)

v3.12-fim Changes
February 21, 2020
2019-10-18