0.28.1

版本发布时间: 2021-05-07 22:06:25

falcosecurity/falco最新发布版本:0.39.1(2024-10-09 16:56:32)

Images
`docker pull docker.io/falcosecurity/falco:0.28.1`
`docker pull public.ecr.aws/falcosecurity/falco:0.28.1`
`docker pull docker.io/falcosecurity/falco-driver-loader:0.28.1`
`docker pull docker.io/falcosecurity/falco-no-driver:0.28.1`

new: --support output now includes info about the Falco engine version [#1581] - @mstemm
new: Falco outputs an alert in the unlikely situation it's receiving too many consecutive timeouts without an event [#1622] - @leodido
new: configuration field syscall_event_timeouts.max_consecutive to configure after how many consecutive timeouts without an event Falco must alert [#1622] - @leodido

fix: do not stop the webserver for k8s audit logs when invalid data is coming in the event to be processed [#1617] - @fntlnz

rule(macro: allowed_aws_ecr_registry_root_for_eks): new macro for AWS EKS images hosted on ECR to use in rule: Launch Privileged Container [#1640] - @ismailyenigul
rule(macro: aws_eks_core_images): new macro for AWS EKS images hosted on ECR to use in rule: Launch Privileged Container [#1640] - @ismailyenigul
rule(macro: aws_eks_image_sensitive_mount): new macro for AWS EKS images hosted on ECR to use in rule: Launch Privileged Container [#1640] - @ismailyenigul
rule(list falco_privileged_images): remove deprecated Falco's OCI image repositories [#1634] - @maxgio92
rule(list falco_sensitive_mount_images): remove deprecated Falco's OCI image repositories [#1634] - @maxgio92
rule(macro k8s_containers): remove deprecated Falco's OCI image repositories [#1634] - @maxgio92
rule(macro: python_running_sdchecks): macro removed [#1620] - @leogr
rule(Change thread namespace): remove python_running_sdchecks exception [#1620] - @leogr

Release Manager @cpanato