Manager
Fixed
- Added support for multiple Certificate Authorities files in the indexer connector. (#24620)
- Removed hardcoded cipher text size from the RSA decryption method. (#24529)
- Avoid infinite loop while updating the vulnerability detector content. (#25094)
- Fixed repeated OS vulnerability reports. (#26223)
- Fixed inconsistencies between reported context and vulnerability data. (#25479)
- Fixed concurrency issues in LRU caches (#26073)
- Removed all CVEs related to a deleted agent from the indexer. (#26232)
- Prevented an infinite loop when indexing events in the Vulnerability Detector. (#26922)
- Fixed segmentation fault in
DescriptionsHelper::vulnerabilityDescription
. (#26842) - Fixed vulnerability scanner re-scan triggers in cluster environment. (#24034)
- Fixed an issue where elements in the delayed list were not purged when changing nodes. (#27145)
Changed
- Added self-recovery mechanism for rocksDB databases. (#24333)
- Improve logging for indexer connector monitoring class. (#25189)
- Added generation of debug symbols. (#23760)
- Updated CURL version to 8.10.0. (#23266)
Agent
Fixed
- Fixed macOS agent upgrade timeout. (#25452)
- Fixed macOS agent startup error by properly redirecting cat command errors in wazuh-control. (#24531)
- Fixed inconsistent package inventory size information in Syscollector across operating systems (#24516)
- Fixed missing Python path locations for macOS in Data Provider. (#24125)
- Fixed permission error on Windows 11 agents after remote upgrade. (#25429)
- Fixed increase of the variable containing file size in FIM for Windows. (#24387)
- Fixed timeout issue when upgrading Windows agent via WPK. (#25699)
- Allowed unknown syslog identifiers in Logcollector's journald reader. (#26748)
- Prevented agent termination during package upgrades in containers by removing redundant kill commands. (#26828)
- Fixed handle leak in FIM's realtime mode on Windows. (#26861)
- Fixed errors on AIX 7.2 by adapting the blibpath variable. (#26900)
- Sanitized agent paths to prevent issues with parent folder references. (#26944)
- Fixed an issue in the DEB package that prevented the agent from restarting after an upgrade. (#26633)
- Improved file path handling in agent communications to avoid references to parent folders. (#26944)
- Set RPM package vendor to
UNKNOWN_VALUE
when the value is missing. (#27054) - Updated Solaris package generation to use the correct
wazuh-packages
reference. (#27059)
Changed
- Added generation of debug symbols. (#23760)
- Changed how the AWS module handles non-existent regions. (#23998)
- Changed macOS packages building tool. (#2006)
- Enhance Wazuh macOS agent installation instructions (#7498)
- Enhance Windows agent signing procedure. (#2826)
- Enhance security by implementing a mechanism to prevent unauthorized uninstallation of Wazuh agent on Linux endpoints. (#23466)
- Enhance integration with Microsoft Intune MDM to pull audit logs for security alert generation. (#24498)
- Updated rootcheck old signatures. (#26137)
RESTful API
Added
- Created new endpoint for agent uninstall process. (#24621)
Other
Changed
- Updated the embedded Python version up to 3.10.15. (#25374)
- Upgraded
certifi
and removed unused packages. (#25324) - Upgraded external
cryptography
library dependency version to 43.0.1. (#25893) - Upgraded external
starlette
anduvicorn
dependencies. (#26252)
Ruleset
Added
- Create SCA Policy for Windows Server 2012 (non R2). (#21794)
Changed
- Rework SCA Policy for Windows Server 2019. (#21434)
- Rework SCA Policy for Red Hat Enterprise Linux 9. (#24667)
- Rework SCA Policy for Microsoft Windows Server 2012 R2. (#24991)
- Rework SCA Policy for Ubuntu Linux 18.04 LTS. Fix incorrect checks in Ubuntu 22.04 LTS. (#24957)
- Rework SCA Policy for Amazon Linux 2 SCA. (#24969)
- Rework SCA for SUSE Linux Enterprise 15 SCA. (#24975)
- Rework SCA Policy for Apple macOS 13.0 Ventura. (#24992)
- Rework SCA Policy for Microsoft Windows 11 Enterprise. (#25710)