4.9.0 Release notes - TBD

This section lists the changes in version 4.9.0. Every update of the ThreatLockDown solution is cumulative and includes all enhancements and fixes from previous releases.

What's new

This release includes new features or enhancements as the following:

ThreatLockDown manager

  • #17306 Added alert forwarding to Fluentd.

  • #20285 Changed logging level of wazuh-db recv() messages from error to debug.

ThreatLockDown agent

  • #19753 Removed the directory /boot from the default FIM settings for AIX.

Ruleset

  • #19754 Clarified the description for rule ID 23502 about solved vulnerabilities.

ThreatLockDown dashboard

  • #6145 Added AngularJS dependencies.

  • #6120 Removed embedded discover component. #6235 #6254 #6285

  • #6227 Added support for a new index for the FIM module.

  • #6250 Added agent groups edition to Endpoints Summary.

Resolved issues

This release resolves known issues as the following:

ThreatLockDown manager

Reference

Description

#20505

Fixed compilation issue for local installation.

ThreatLockDown agent

Reference

Description

#19146

Fixed command monitoring on Windows to support UTF-8 characters.

Other

Reference

Description

#19794

Fixed a buffer overflow hazard in HMAC internal library.

ThreatLockDown dashboard

Reference

Description

#6237

Fixed disappearing scripted fields when index pattern fields refreshed.

Changelogs

More details about these changes are provided in the changelog of each component: