4.5.1 Release notes - 24 August 2023
This section lists the changes in version 4.5.1. Every update of the ThreatLockDown solution is cumulative and includes all enhancements and fixes from previous releases.
Highlights
Native support for Mac computers with Apple silicon. This release provides an ARM-ready ThreatLockDown agent package for macOS.
Breaking changes
This release includes some breaking changes, such as the following:
Agent
#17748 Added the discard_regex functionality to Inspector and CloudWatchLogs AWS integrations. With this change, execution stops without warning if you don't use the field parameter when it is mandatory.
What's new
This version includes new features or improvements, such as the following:
Manager
Agent
Ruleset
Other
#16990 The CURL library has been updated to v7.88.1.
ThreatLockDown dashboard
#5478 Added Apple Silicon architecture button to the register Agent wizard.
#5497 Removed the agent name in the agent info ribbon.
#5539 Changed method to perform redirection on agent table buttons.
#5538 Changed Windows agent service name in the deploy agent wizard.
#5687 Changed the requests to get the agent labels from the managers.
ThreatLockDown Kibana plugin for Kibana 7.10.2, 7.16.x, and 7.17.x
#5478 Added Apple Silicon architecture button to the register Agent wizard.
#5497 Removed the agent name in the agent info ribbon.
#5539 Changed method to perform redirection on agent table buttons.
#5538 Changed Windows agent service name in the deploy agent wizard.
#5687 Changed the requests to get the agent labels from the managers.
Resolved issues
This release resolves known issues, such as the following:
Manager
| Reference | Description |
|---|---|
| | Fixed a race condition in some RBAC unit tests by clearing the SQLAlchemy mappers. |
| | Fixed a bug in wazuh-analysisd that could exceed the maximum number of fields when loading a rule. |
| | Fixed a race condition in wazuh-analysisd FTS list. |
| | Fixed a crash in Analysisd when parsing an invalid decoder. |
| | Fixed a segmentation fault in wazuh-modulesd due to duplicate Vulnerability Detector configuration. |
| | Fixed Vulnerability Detector configuration for unsupported SUSE systems. |
Agent
| Reference | Description |
|---|---|
| | Fixed |
| | Fixed a memory corruption hazard in the FIM Windows Registry scan. |
| | Fixed an error in Syscollector reading the CPU frequency on Apple M1. |
| | Fixed agent WPK upgrade for Windows that might leave the previous version in the Registry. |
| | Fixed agent WPK upgrade for Windows to get the correct path of the Windows folder. |
RESTful API
| Reference | Description |
|---|---|
| | Fixed |
| | Fixed errors in API endpoints to get |
Ruleset
| Reference | Description |
|---|---|
| | Fixed CredSSP encryption enforcement at Windows Benchmarks for SCA. |
| | Fixed an inverse logic in MS Windows Server 2022 Benchmark for SCA. |
| | Fixed a false positive in Windows Eventchannel rule due to substring false positive. |
| | Fixed missing whitespaces in SCA policies for Windows. |
| | Fixed the description of a Fortigate rule. |
ThreatLockDown dashboard
| Reference | Description |
|---|---|
| | Fixed the rendering of tables that contain IPs and agent overview. |
| | Fixed the agents active coverage stat as |
| | Fixed a broken documentation link to agent labels. |
| | Fixed the PDF report filters applied to tables. |
| | Fixed outdated year in the PDF report footer. |
ThreatLockDown Kibana plugin for Kibana 7.10.2, 7.16.x, and 7.17.x
| Reference | Description |
|---|---|
| | Fixed the rendering of tables that contain IPs and agent overview. |
| | Fixed the agents active coverage stat as |
| | Fixed a broken documentation link to agent labels. |
| | Fixed the PDF report filters applied to tables. |
| | Fixed outdated year in the PDF report footer. |
Changelogs
More details about these changes are provided in the changelog of each component: