Manager
Added
- Added cluster command to obtain custom ruleset files and their hash. (#14540)
Fixed
- Fixed a bug in Analysisd that may make it crash when decoding regexes with more than 14 or-ed subpatterns. (#13956)
- Fixed a crash hazard in Vulnerability Detector when parsing OVAL feeds. (#14366)
- Fixed busy-looping in wazuh-maild when monitoring alerts.json. (#14436)
- Fixed a segmentation fault in wazuh-maild when parsing alerts exceeding the nesting limit. (#14417)
Agent
Changed
- Improved Office365 integration module logs. (#13958)
Fixed
- Fixed a code defect in the GitHub integration module reported by Coverity. (#14368)
- Fixed an undefined behavior in the agent unit tests. (#14518)
RESTful API
Added
- Added endpoint GET /cluster/ruleset/synchronization to check ruleset synchronization status in a cluster. (#14551)
Changed
- Improved performance for MITRE API endpoints. (#14208
Ruleset
Added
- Added SCA Policy for CIS Microsoft Windows 11 Enterprise Benchmark v1.0.0. (#13806)
- Added SCA Policy for CIS Microsoft Windows 10 Enterprise Release 21H2 Benchmark v1.12.0. (#13879)
- Added SCA policy for Red Hat Enterprise Linux 9 (RHEL9). (#13843)
- Added SCA policy for CIS Microsoft Windows Server 2022 Benchmark 1.0.0. (#13899)
Fixed
- Fixed rule regular expression bug on Ubuntu 20.04 Linux SCA policy control ID 19137. (#14513)
- Fixed AWS Amazon Linux SCA policy. Fixed bug when wazuh-agent tries to run the policy. (#14483)
- Fixed AWS Amazon Linux 2 SCA policy. Limit journalctl to kernel events and only since boot. (#13950)
- Added missing SCA files during Wazuh-manager installation. (#14482)
- Fixed OS detection in Ubuntu 20.04 LTS SCA policy. (#14678)