Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CHANGELOG 5.10.1 #8155

Merged
merged 3 commits into from
Oct 14, 2023
Merged

CHANGELOG 5.10.1 #8155

Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
558e42d
CHANGELOG 5.10.1
directionless Oct 9, 2023
94211d4
Update CHANGELOG.md
directionless Oct 9, 2023
62c6d54
words
directionless Oct 10, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
76 changes: 76 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,81 @@
# osquery Changelog

<a name="5.10.1"></a>
## [5.10.1](https://github.com/osquery/osquery/releases/tag/5.10.1)

[Git Commits](https://github.com/osquery/osquery/compare/5.9.1...5.10.1)

Representing commits from 18 contributors! Thank you all.

directionless marked this conversation as resolved.
Show resolved Hide resolved
### New Features

- Add `--enable_watchdog_logging` flag and improve error messages ([#8070](https://github.com/osquery/osquery/pull/8070))
- Add an option to enforce AWS FIPS endpoints ([#8075](https://github.com/osquery/osquery/pull/8075))
directionless marked this conversation as resolved.
Show resolved Hide resolved
- Implement `decorations_top_level` flag for status logs ([#8102](https://github.com/osquery/osquery/pull/8102))

### Table Changes

- Add new macOS SIP config flags ([#8101](https://github.com/osquery/osquery/pull/8101))
- Added `cloud`_id to `ycloud_instance_metadata` - the vm metadata table for Yandex Cloud ([#8086](https://github.com/osquery/osquery/pull/8086))
- Allow querying of kernel and filesystem drivers ([#8119](https://github.com/osquery/osquery/pull/8119))
- Update `es_process_file_events` adding support for open events, and for only triggering on `file_paths` ([#8114](https://github.com/osquery/osquery/pull/8114))
- Update `firefox_addons` to use rapidjson to parse and don't block on read ([#8089](https://github.com/osquery/osquery/pull/8089))
- Add some indexing to `block_devices` ([#8037](https://github.com/osquery/osquery/pull/8037))
- Revert "Add some indexing to `block_devices`" ([#8151](https://github.com/osquery/osquery/pull/8151))
Smjert marked this conversation as resolved.
Show resolved Hide resolved

### Under the Hood improvements

- Add warnings when an enrollment secret cannot be found ([#8082](https://github.com/osquery/osquery/pull/8082))
- Avoid blocking when reading plist files ([#8099](https://github.com/osquery/osquery/pull/8099))
- Fix named virtual table create statement ([#8139](https://github.com/osquery/osquery/pull/8139))
- Remove forensicReadFile ([#8085](https://github.com/osquery/osquery/pull/8085))
- Substitute the TEXT macro with SQL_TEXT in table code ([#8091](https://github.com/osquery/osquery/pull/8091))
- Use JSON member iterator instead of rescanning ([#8122](https://github.com/osquery/osquery/pull/8122))
- core: Avoid checking if a file exists before opening ([#8087](https://github.com/osquery/osquery/pull/8087))
- improvement: Avoid unnecessary string conversions ([#8093](https://github.com/osquery/osquery/pull/8093))
- watchdog: Use virtual cores to calculate CPU utilization limit ([#8104](https://github.com/osquery/osquery/pull/8104))

### Bug Fixes

- Add new AWS valid regions ([#8110](https://github.com/osquery/osquery/pull/8110))
directionless marked this conversation as resolved.
Show resolved Hide resolved
- Always lock event_index_mutex when accessing event_index map ([#8077](https://github.com/osquery/osquery/pull/8077))
- Check audit return values with <= ([#8125](https://github.com/osquery/osquery/pull/8125))
- Fix `wifi_survey` table not to crash if the ssid cannot be retrieved ([#8153](https://github.com/osquery/osquery/pull/8153))
- Update `es_process_events` table: quote spaces in command line and environment variables ([#8054](https://github.com/osquery/osquery/pull/8054))
- Update linux `disk_encryption` to recursively query parent crypt status ([#8052](https://github.com/osquery/osquery/pull/8052))

### Documentation

- Add a list of Osquery fleet managers ([#7781](https://github.com/osquery/osquery/pull/7781))
- Add basic file carving documentation ([#8118](https://github.com/osquery/osquery/pull/8118))
- Changelog for 5.9.1 ([#8088](https://github.com/osquery/osquery/pull/8088))
- Fixed small doc error ([#8147](https://github.com/osquery/osquery/pull/8147))
- Update Automatic Table Construction example ([#8094](https://github.com/osquery/osquery/pull/8094))
- Update XCode version mentions to the proper one ([#8128](https://github.com/osquery/osquery/pull/8128))
- Update the description of `serial_number` in `connected_displays` ([#8113](https://github.com/osquery/osquery/pull/8113))

### Build

- Fix openssl build arch for Windows ARM64 ([#8134](https://github.com/osquery/osquery/pull/8134))
- Ignore CVE-2023-30571 ([#8065](https://github.com/osquery/osquery/pull/8065))
- Missing pragma/header guard for boottime.h ([#8117](https://github.com/osquery/osquery/pull/8117))
- Permit cross compiling for x86_64 on Apple Silicon ([#8136](https://github.com/osquery/osquery/pull/8136))
- build: update macos hosted github runner to macos-12 monterey ([#8100](https://github.com/osquery/osquery/pull/8100))
- ci: Fix DistributedTests.test_run_queries_with_denylisted_query test ([#8154](https://github.com/osquery/osquery/pull/8154))
- ci: Increase aarch64 available space by splitting the build ([#8131](https://github.com/osquery/osquery/pull/8131))
- ci: Increase disk space on the Linux x86_64 runner ([#8133](https://github.com/osquery/osquery/pull/8133))
- ci: Remove flakyness when removing unused packages on Linux ([#8144](https://github.com/osquery/osquery/pull/8144))
- cve: Ignore dbus CVE-2023-34969 ([#8126](https://github.com/osquery/osquery/pull/8126))
- cve: Ignore libcap CVE-2023-2603 ([#8127](https://github.com/osquery/osquery/pull/8127))
- cve: Update libmagic to 5.45 ([#8142](https://github.com/osquery/osquery/pull/8142))
- cve: Update lzma to 5.4.4 ([#8135](https://github.com/osquery/osquery/pull/8135))
- cve: Update openssl to 3.1.3 ([#8141](https://github.com/osquery/osquery/pull/8141))
- libs: Fix openssl build on aarch64 ([#8084](https://github.com/osquery/osquery/pull/8084))
- libs: Update openssl to 3.1.1 ([#8081](https://github.com/osquery/osquery/pull/8081))
- libs: Update openssl to 3.1.2 ([#8124](https://github.com/osquery/osquery/pull/8124))
- test: Fix leaks in inotify and rocksdb tests ([#8080](https://github.com/osquery/osquery/pull/8080))


<a name="5.9.1"></a>
## [5.9.1](https://github.com/osquery/osquery/releases/tag/5.9.1)

Expand Down