github aquasecurity/tracee v0.9.2

latest releases: v0.22.4, v0.22.3, v0.22.2...
2 years ago

v0.9.2

This is release contains fixes to regressions that were introduced in the last two releases. In particular we've disabled TRC-108, TRC-1022, default capabilities drop, move libbpf back to v1.0.1.

As this comes very soon after the prior two releases, take a look at v0.9.0's release notes to see recent highlights of tracee's improvements and added features!

Docker images

  • docker pull docker.io/aquasec/tracee:0.9.2 (embedded eBPF CO-RE obj with BTFHUB support)
  • docker pull docker.io/aquasec/tracee:full-0.9.2 (compiles non CO-RE eBPF object on startup)

Full changelog

f7a0b78 - rules: disable TRC-1022 (#2304) (Jose Donizetti)
84fd91e - capabilities: do not drop caps by default (Rafael David Tinoco)
29b89f8 - golang: go mod tidy (Rafael David Tinoco)
70ea836 - libbpfgo: bump to v0.4.4-libbpf-1.0.1 (Rafael David Tinoco)
6a079a9 - libbpf: back to v1.0.1 (Rafael David Tinoco)
537fe6c - hooked_proc_fops: remove redundant struct check and handle null pointer (#2303) (AsafEitani)
b8ac9db - k8s: disable signature TRC-108 (#2297) (Jose Donizetti)
bbcc6a5 - k8s: update version to 0.9.2 (#2299) (Jose Donizetti)
ae722d7 - event fix: bpf_attach map key (#2295) (roikol)

Don't miss a new tracee release

NewReleases is sending notifications on new releases.