4.3.8 Release notes - 19 September 2022

This section lists the changes in version 4.3.8. Every update of the ThreatLockDown solution is cumulative and includes all enhancements and fixes from previous releases.

What's new

This release includes new features or enhancements as the following:

ThreatLockDown agent

  • #14842 Updated the WPK upgrade root CA certificate.

Resolved issues

This release resolves known issues as the following:

ThreatLockDown manager

Reference

Description

#14752

A wrong field assignation in Audit decoders is now fixed.

#14825

A performance problem when synchronizing files through the cluster is fixed. The multigroup folder in worker nodes is no longer cleaned upon node restart.

#14772

A problem when using an invalid syntax with the if_sid label is fixed. Now the rule is ignored if the listed if_sid rules are not separated by spaces or commas.

ThreatLockDown agent

Reference

Description

#14801

A path traversal flaw in Active Response affecting agents from v3.6.1 to v4.3.7 is fixed. Thanks to Roshan Guragain for reporting this vulnerability.

Packages

Reference

Description

#1798

Improved error management and IP values extraction function in the wazuh-certs-tool.sh.

#1806

An error while changing the password in the ThreatLockDown dashboard configuration using wazuh-install.sh is now fixed.

Changelogs

More details about these changes are provided in the changelog of each component: