Added
- API:
- Added missing secure headers for API responses. (#7138)
- Added new config option to disable uploading configurations containing remote commands. (#7134)
- Added new config option to choose the SSL ciphers. Default value
TLSv1.2. (#7164)
Changed
- API:
- Deprecated endpoints to restore and update API configuration file. (#7132)
- Default expiration time of the JWT token set to 15 minutes. (#7167)
Fixed
- API:
- Fixed a path traversal flaw (CVE-2021-26814) affecting 4.0.0 to 4.0.3 at
/manager/files and /cluster/{node_id}/files endpoints. (#7131)
- Framework:
- Fixed a bug with add_manual(agents) function when authd is disabled. (#7135)
- Core:
- Fixed the purge of the Redhat vulnerabilities database before updating it. (#7133)
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session.
You signed out in another tab or window. Reload to refresh your session.