Deep Security Manager 12.0 update 12
Resolved issues
- When there was a Log Inspection database corruption issue, it did not affect the Log Inspection status on the Deep Security Manager. SEG-77081/02984526/DSSEG-5726
- There was a rights issue with Scheduled Tasks that caused incorrect behaviors to occur when creating them. SEG-78610/SF03320936/DSSEG-5752
- Imported VMs in vCloud were unable to activate. SEG-75542/03189161/DSSEG-5813
- Upgrading to Deep Security Manager 12 was blocked if you installed Deep Security Virtual Appliance into NSX-V 6.4.7 on ESXi 7.0. SEG-82636,/SEG-82637/DSSEG-5926
- The Computer Status widget on Deep Security Manager's dashboard did not display the correct number of managed computers. SEG-80171/03189161/DSSEG-5885
What's new in Deep Security Manager? | Deep SecuritySecurity updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-5814/VRTS-4652/03296737/DSSEG-5772
- CVSS Score: 9.8
- Severity: Critical
Deep Security Linux Agent - 12.0 update 12
Enhancements
- You can choose not to send packet data back to the Deep Security Manager by going to Administration > Agents > Data Privacy and selecting No. SF03237033/DSSEG-6017
Resolved issues
- When Anti-Malware real-time scans were enabled in Linux, sometimes the system crashed because buffers from procfs were not validated. SEG-80183/DSSEG-5884
- Application Control sometimes blocked applications that should have been allowed as they were created by a trusted updater. SEG-77446/03206632/DSSEG-5840
- Agent self-protection did not protect Deep Security Notifier. SEG-76015/SF03168155/DSSEG-5920
- When a Deep Security Agent was deactivated, the Anti-Malware module's language was switched to English. When the Deep Security agent was reactivated in Japanese, this sometimes caused the Anti-Malware component update to fail. SEG-79963/03184072/DSSEG-5811
- When a re-transmission packet with new packets was sent, it sometimes produced an "Unsupported SSL Version" Intrusion Prevention event./DSSEG-5879
- When there was a Log Inspection database corruption issue, it did not affect the Log Inspection status on the Deep Security Manager. SEG-77081/02984526/DSSEG-5726
- Deep Security Manager reported a security update timeout because Deep Security Agent received exceptions as security updates. SEG-82072/03273761/DSSEG-5953
- Deep Security Agent detected false file change events due to the setuid/setgid formatting. The agent also generated false file attribute changes in /usr/bin following an upgrade, which was caused by the file creation time change./DSSEG-5928
- When "Serve Application Control rulesets from relays" was enabled, unnecessary relay error events occurred./DSSEG-5988
- When the Kerberos cache file was deleted and re-added, a lot of "User Added" and "User Deleted" Integrity Monitoring events occurred. SEG-80629/03402557/DSSEG-5981
What's new in Deep Security Agent? | Deep SecuritySecurity updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-5255
- CVSS score: 7.8
- Severity: High
- Updated to curl 7.67.0.
- Updated to openssl-1.0.2t.
Deep Security UNIX Agent - 12.0 update 12
Enhancements
- You can choose not to send packet data back to the Deep Security Manager by going to Administration > Agents > Data Privacy and selecting No. SF03237033/DSSEG-6017
Resolved issues
- Application Control sometimes blocked applications that should have been allowed as they were created by a trusted updater. SEG-77446/03206632/DSSEG-5840
- Agent self-protection did not protect Deep Security Notifier. SEG-76015/SF03168155/DSSEG-5920
- When a Deep Security Agent was deactivated, the Anti-Malware module's language was switched to English. When the Deep Security Agent was reactivated in Japanese, this sometimes caused the Anti-Malware component update to fail. SEG-79963/03184072/DSSEG-5811
- Deep Security Manager reported a security update timeout because Deep Security Agent received exceptions at security updates. SEG-82072/03273761/DSSEG-5953
- Deep Security Agent detected false file change events due to the setuid/setgid formatting. The agent also generated false file attribute changes in /usr/bin following an upgrade, which was caused by the file creation time change. /DSSEG-5928
- When "Serve Application Control rulesets from relays" was enabled, unnecessary relay error events occurred. /DSSEG-5988
- On Solaris 10 servers with Deep Security Agent and debug logs enabled for Anti-Malware, the Deep Security Agent process sometimes encountered an abnormal restart. SEG-80989/SF03420394/DSSEG-5880
- When the Kerberos cache file was deleted and re-added, a lot of "User Added" and "User Deleted" Integrity Monitoring events occurred. SEG-80629/03402557/DSSEG-5981
What's new in Deep Security Agent? | Deep SecuritySecurity updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases.
- CVSS score: 7.8
- Severity: High
- Updated to curl 7.67.0.
- Updated to openssl-1.0.2t.
Deep Security Windows Agent - 12.0 update 12
Enhancements
- You can choose not to send packet data back to the Deep Security Manager by going to Administration > Agents > Data Privacy and selecting No. SF03237033/DSSEG-6017
Resolved issues
- Application Control sometimes blocked applications that should have been allowed as they were created by a trusted updater. SEG-77446/03206632/DSSEG-5840
- Agent self-protection did not protect Deep Security Notifier SEG-76015/SF03168155/DSSEG-5920
- When a Deep Security Agent was deactivated, the Anti-Malware module's language was switched to English. When the Deep Security agent was reactivated in Japanese, this sometimes caused the Anti-Malware component update to fail. SEG-79963/03184072/DSSEG-5811
- When a re-transmission packet with new packets was sent, it sometimes produced an "Unsupported SSL Version" Intrusion Prevention event. /DSSEG-5879
- When there was a Log Inspection database corruption issue, it did not affect the Log Inspection status on the Deep Security Manager. SEG-77081/02984526/DSSEG-5726
- Deep Security Manager reported a security update timeout because Deep Security Agent received exceptions at security updates. SEG-82072/03273761/DSSEG-5953
- When "Serve Application Control rulesets from relays" was enabled, unnecessary relay error events occurred. /DSSEG-5988
- When the Kerberos cache file was deleted and re-added, a lot of "User Added" and "User Deleted" Integrity Monitoring events occurred. SEG-80629/03402557/DSSEG-5981
What's new in Deep Security Agent? | Deep SecuritySecurity updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases.
- CVSS score: 7.8
- Severity: High
- Updated to curl 7.67.0.
- Updated to openssl-1.0.2t.
