v4.9.0-alpha2
版本发布时间: 2024-07-12 17:40:27
wazuh/wazuh最新发布版本:v4.9.0-rc1(2024-08-21 19:52:07)
Manager
Added
- The manager now supports alert forwarding to Fluentd. (#17306)
- Added missing functionality for vulnerability scanner translations. (#23518)
- Improved performance for vulnerability scanner translations. (#23722)
- Enhanced vulnerability scanner logging to be more expressive. (#24536)
- The manager now supports alert forwarding to Fluentd. (#17306)
- Added the HAProxy helper to manage load balancer configuration and automatically balance agents. (#23513)
Fixed
- Fixed compilation issue for local installation. (#20505)
- Fixed malformed JSON error in wazuh-analysisd. (#16666)
- Fixed a warning when uninstalling the Wazuh manager if the VD feed is missing. (#24375)
- Ensured vulnerability detection scanner log messages end with a period. (#24393)
Changed
- Changed error messages about
recv()
messages from wazuh-db to debug logs. (#20285)
Agent
Added
- Added debug logging in FIM to detect invalid report change registry values. Thanks to Zafer Balkan (@zbalkan). (#21690)
- Added Amazon Linux 1 and 2023 support for the installation script. (#21287)
- Added Journald support in Logcollector. (#23137)
- Added support for Amazon Security Hub via AWS SQS. (#23203)
Fixed
- Fixed loading of whodata through timeouts and retries. (#21455)
- Avoided backup failures during WPK update by adding dependency checking for the tar package. (#21729)
- Fixed using memmove instead of memcpy to avoid unwanted behavior. (#21595)
- Fixed a crash in the agent due to a library incompatibility. (#22210)
- Fixed an error in the osquery integration on Windows that avoided loading osquery.conf. (#21728)
- Fixed a crash in the agent's Rootcheck component when using
<ignore>
. (#22588) - Fixed command wodle to support UTF-8 characters on windows agent. (#19146)
- Fixed Windows agent to delete wazuh-agent.state file when stopped. (#20425)
- Fixed Windows Agent 4.8.0 permission errors on Windows 11 after upgrade. (#20727)
- Fixed Syscollector not checking if there's a scan in progress before starting a new one. (#22440)
- Fixed alerts are created when syscheck diff DB is full. (#16487)
- Fixed Wazuh deb uninstallation to remove non-config files. (#2195)
- Fixed improper Windows agent ACL on non-default installation directory. (#23273)
- Fixed socket configuration of an agent is displayed. (#17664)
- Fixed wazuh-modulesd printing child process not found error. (#18494)
- Fixed issue with an agent starting automatically without reason. (#23848)
- Fixed GET /syscheck to properly report size for files larger than 2GB. (#17415)
- Fixed error in packages generation centos 7. (#24412)
- Fixed Wazuh deb uninstallation to remove non-config files from the installation directory. (#2195)
- Fixed Azure auditLogs/signIns status parsing (thanks to @Jmnis for the contribution). (#22392)
Changed
- The directory /boot has been removed from the default FIM settings for AIX. (#19753)
RESTful API
Changed
- Replaced the used aiohttp server with uvicorn. (#23199)
- Changed the
PUT /groups/{group_id}/configuration
endpoint response error code when uploading an empty file. (#23199) - Changed the
GET, PUT and DELETE /lists/files/{filename}
endpoints response status code when an invalid file is used. (#23199) - Changed the
PUT /manager/configuration
endpoint response status code when uploading a file with invalid content-type. (#23199)
Ruleset
Changed
- The solved vulnerability rule has been clarified. (#19754)
Fixed
- Fixed audit decoders to parse the new heading field "node=". (#22178)
Other
Changed
- Upgraded external OpenSSL library dependency version to 3.0. (#20778)
- Migrated QA framework. (#17427)
- Improved WPKs. (#21152)
- Migrated and adapted Wazuh subsystem repositories as part of Wazuh packages redesign. ((#23508))
- Upgraded external connexion library dependency version to 3.0.5 and its related interdependencies. (#23199)
Fixed
- Fixed a buffer overflow hazard in HMAC internal library. (#19794)