Deep Security Linux Agent - 20.0.0-3288 (20 LTS Update 2021-10-28)
Deep Security Agent - 20.0.0-3288 (20 LTS Update 2021-10-28)
Release date: October 28, 2021
Build number: 20.0.0-3288New features
Kernel support package updates: You can now choose when to perform kernel support package updates, using the new "Automatically update kernel package when agent restarts" option in the computer or policy editor.
- Evolution of the agent installer: The Deep Security Agent installer now installs most agent content. This results in the following changes:
- Agent size requirements have increased, including a slightly larger installer package on most platforms.
- All agent content is now installed on the computer being protected. Content remains unloaded on a computer until a plug-in is activated by a policy or by the manager console.
- The agent is now much less dependent on relays because all plug-in installations use the content already installed with the agent. This mitigates plug-in install issues due to relay communications because plug-ins can be installed without a connection to a relay.
Enhanced platform support
Enhancements
- Deep Security Agent sometimes showed package signature errors during an upgrade because of a mismatched Certification Revocation List (CRL). DS-65056
- Updated Deep Security Agent to prevent agents upgraded from version 10.0 to 20.0 from losing their "NIC bypass" configuration (used for bypassing a network interface). DS-64985
- You can now exclude container file events from the kernel module. DS-65547
Resolved issues
- Anti-Malware updates sometimes failed, resulting in "Security Update: Pattern Update on Agents/Appliances Failed" errors. 04763356/SEG-119138/DS-66569
- The Deep Security Agent Scanner library sometimes couldn't be loaded by SAP NetWeaver. DS-67530
- With Intrusion Protection enabled, Deep Security Agent caused the system to crash under some configurations. SF04931669/SEG-123338/DS-67441
- With SAP integrated and running, Deep Security Agent would block MP4 files. 04660120/SEG-117094/DSSEG-7254
- Deep Security Agent sometimes was unable to connect to the manager via proxies. DS-65929
What's new in Deep Security Agent? | Deep SecuritySecurity updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DS-46018/DSSEG-7210/DSSEG-7217
- CVSS score: 7.8
- Severity: High
Deep Security Windows Agent - 20.0.0-3288 (20 LTS Update 2021-10-28)
Deep Security Agent - 20.0.0-3288 (20 LTS Update 2021-10-28)
Release date: October 28, 2021
Build number: 20.0.0-3288New features
- Evolution of the agent installer: The Deep Security Agent installer now installs most agent content. This results in the following changes:
- Agent size requirements have increased, including a slightly larger installer package on most platforms.
- All agent content is now installed on the computer being protected. Content remains unloaded on a computer until a plug-in is activated by a policy or by the manager console.
- The agent is now much less dependent on relays because all plug-in installations use the content already installed with the agent. This mitigates plug-in install issues due to relay communications because plug-ins can be installed without a connection to a relay.
Enhancements
- Deep Security Agent sometimes showed package signature errors during an upgrade because of a mismatched Certification Revocation List (CRL). DS-65056
Resolved issues
- With Intrusion Protection enabled, Deep Security Agent sometimes caused high CPU usage and sometimes caused the system to crash. DS-65902
- With SAP integrated and running, Deep Security Agent would block MP4 files. 04660120/SEG-117094/DSSEG-7254
- Deep Security Agent sometimes was unable to connect to the manager via proxies. DS-65929
- CPU usage would spike when Deep Security Agent queried the runtime status of the Anti-Malware component. DSSEG-7222
- Deep Security Agent did not always check that metadata was ready before initializing connection with the manager. DS-51103
What's new in Deep Security Agent? | Deep SecuritySecurity updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DS-46018/DSSEG-7210/DSSEG-7217
- CVSS score: 7.8
- Severity: High
Deep Security UNIX Agent - 20.0.0-3288 (20 LTS Update 2021-10-28)
Deep Security Agent - 20.0.0-3288 (20 LTS Update 2021-10-28)
Release date: October 28, 2021
Build number: 20.0.0-3288New features
- Evolution of the agent installer: The Deep Security Agent installer now installs most agent content. This results in the following changes:
- Agent size requirements have increased, including a slightly larger installer package on most platforms.
- All agent content is now installed on the computer being protected. Content remains unloaded on a computer until a plug-in is activated by a policy or by the manager console.
- The agent is now much less dependent on relays because all plug-in installations use the content already installed with the agent. This mitigates plug-in install issues due to relay communications because plug-ins can be installed without a connection to a relay.
Enhancements
- Deep Security Agent sometimes showed package signature errors during an upgrade because of a mismatched Certification Revocation List (CRL). DS-65056
Resolved issues
- Deep Security Agent sometimes was unable to connect to the manager via proxies. DS-65929
- Some customers encountered an issue when the run-time CPU number was larger than expected, which led to crashes. DS-65757
What's new in Deep Security Agent? | Deep SecuritySecurity updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DS-46018/DSSEG-7210/DSSEG-7217
- CVSS score: 7.8
- Severity: High