まっちゃだいふくの日記

セキュリティのこと、ITの気になった記事をリンクしています。

Deep Security Agent (Linux/Windows/UNIX) - 20.0.0-3288 (20 LTS Update 2021-10-28) リリース@ ARM版のUbuntu対象になったのと、2021年10月からインストーラーからインストーラーが変更されて全てのプラグインがインストールされマネージャーで有効にたらロードされる様になった

Deep Security Linux Agent - 20.0.0-3288 (20 LTS Update 2021-10-28)

Deep Security Agent - 20.0.0-3288 (20 LTS Update 2021-10-28)
Release date: October 28, 2021
Build number: 20.0.0-3288

New features

Kernel support package updates: You can now choose when to perform kernel support package updates, using the new "Automatically update kernel package when agent restarts" option in the computer or policy editor.

  • Evolution of the agent installer: The Deep Security Agent installer now installs most agent content. This results in the following changes:
    • Agent size requirements have increased, including a slightly larger installer package on most platforms.
    • All agent content is now installed on the computer being protected. Content remains unloaded on a computer until a plug-in is activated by a policy or by the manager console.
    • The agent is now much less dependent on relays because all plug-in installations use the content already installed with the agent. This mitigates plug-in install issues due to relay communications because plug-ins can be installed without a connection to a relay.

Enhanced platform support

  • Deep Security Agent (version 20.0.0-3288+) is now supported on these platforms:
  • Secure boot support: Deep Security Agent now supports Oracle Linux 7 (in both uek-R5 and uek-R6) and Oracle Linux 8 with Secure boot enabled.

Enhancements

  • Deep Security Agent sometimes showed package signature errors during an upgrade because of a mismatched Certification Revocation List (CRL). DS-65056
  • Updated Deep Security Agent to prevent agents upgraded from version 10.0 to 20.0 from losing their "NIC bypass" configuration (used for bypassing a network interface). DS-64985
  • You can now exclude container file events from the kernel module. DS-65547

Resolved issues

  • Anti-Malware updates sometimes failed, resulting in "Security Update: Pattern Update on Agents/Appliances Failed" errors. 04763356/SEG-119138/DS-66569
  • The Deep Security Agent Scanner library sometimes couldn't be loaded by SAP NetWeaver. DS-67530
  • With Intrusion Protection enabled, Deep Security Agent caused the system to crash under some configurations. SF04931669/SEG-123338/DS-67441
  • With SAP integrated and running, Deep Security Agent would block MP4 files. 04660120/SEG-117094/DSSEG-7254
  • Deep Security Agent sometimes was unable to connect to the manager via proxies. DS-65929

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DS-46018/DSSEG-7210/DSSEG-7217

  • CVSS score: 7.8
  • Severity: High
What's new in Deep Security Agent? | Deep Security

Deep Security Windows Agent - 20.0.0-3288 (20 LTS Update 2021-10-28)

Deep Security Agent - 20.0.0-3288 (20 LTS Update 2021-10-28)
Release date: October 28, 2021
Build number: 20.0.0-3288

New features

  • Evolution of the agent installer: The Deep Security Agent installer now installs most agent content. This results in the following changes:
    • Agent size requirements have increased, including a slightly larger installer package on most platforms.
    • All agent content is now installed on the computer being protected. Content remains unloaded on a computer until a plug-in is activated by a policy or by the manager console.
    • The agent is now much less dependent on relays because all plug-in installations use the content already installed with the agent. This mitigates plug-in install issues due to relay communications because plug-ins can be installed without a connection to a relay.

Enhancements

  • Deep Security Agent sometimes showed package signature errors during an upgrade because of a mismatched Certification Revocation List (CRL). DS-65056

Resolved issues

  • With Intrusion Protection enabled, Deep Security Agent sometimes caused high CPU usage and sometimes caused the system to crash. DS-65902
  • With SAP integrated and running, Deep Security Agent would block MP4 files. 04660120/SEG-117094/DSSEG-7254
  • Deep Security Agent sometimes was unable to connect to the manager via proxies. DS-65929
  • CPU usage would spike when Deep Security Agent queried the runtime status of the Anti-Malware component. DSSEG-7222
  • Deep Security Agent did not always check that metadata was ready before initializing connection with the manager. DS-51103

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DS-46018/DSSEG-7210/DSSEG-7217

  • CVSS score: 7.8
  • Severity: High
What's new in Deep Security Agent? | Deep Security

Deep Security UNIX Agent - 20.0.0-3288 (20 LTS Update 2021-10-28)

Deep Security Agent - 20.0.0-3288 (20 LTS Update 2021-10-28)
Release date: October 28, 2021
Build number: 20.0.0-3288

New features

  • Evolution of the agent installer: The Deep Security Agent installer now installs most agent content. This results in the following changes:
    • Agent size requirements have increased, including a slightly larger installer package on most platforms.
    • All agent content is now installed on the computer being protected. Content remains unloaded on a computer until a plug-in is activated by a policy or by the manager console.
    • The agent is now much less dependent on relays because all plug-in installations use the content already installed with the agent. This mitigates plug-in install issues due to relay communications because plug-ins can be installed without a connection to a relay.

Enhancements

  • Deep Security Agent sometimes showed package signature errors during an upgrade because of a mismatched Certification Revocation List (CRL). DS-65056

Resolved issues

  • Deep Security Agent sometimes was unable to connect to the manager via proxies. DS-65929
  • Some customers encountered an issue when the run-time CPU number was larger than expected, which led to crashes. DS-65757

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DS-46018/DSSEG-7210/DSSEG-7217

  • CVSS score: 7.8
  • Severity: High
What's new in Deep Security Agent? | Deep Security