What's new in Deep Security Agent?

For release notes from the long-term support LTS release, Deep Security Agent - Linux 10.0 readme.

Deep Security Agent - 10.0 update 31

Release date: July 12, 2021

Build number: 10.0.0-3983

Enhancements

• Updated Deep Security Agent (version 10.0.0-3983+) to add support for Entrust Root Certificate Authority (G2) certificates. Non-G2 security certificates will expire on 2022/07/09. After that time, only agents that have been upgraded to version 10.0.0-3983 or higher will have the latest Anti-Malware Smart Scan protection. DSSEG-6906

Resolved issues

• Deep Security Agent sometimes crashed when Intrusion Prevention was configured for SSL inspection. DSSEG-6913
• When Deep Security Agent had Intrusion Prevention enabled, systems with certain network interface card (NIC) drivers would sometimes crash. SEG-81702/03368009/DSSEG-6900

Deep Security Agent - 10.0 update 30

Release date: March 29, 2021

Build number: 10.0.0-3953

Resolved issues

• When running Intrusion Prevention, Deep Security Agent sometimes lost its connection with the database. DSSEG-6639
• When Web Reputation was enabled, the system sometimes crashed. SEG-102756/SF04258834/DSSEG-6741

Deep Security Agent - 10.0 update 29

Release date: January 25, 2021

Build number: 10.0.3921

Resolved issues

• When Anti-Malware real-time scans were enabled, Rancher Kubernetes pods sometimes couldn't be terminated gracefully. DSSEG-6456
• Anti-Malware real-time scans sometimes did not work for Docker containers. DSSEG-6478

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases.

Deep Security Agent - 10.0 update 28

Release date: September 17, 2020

Build number: 10.0.3879

Enhancements

• You can choose not to send packet data back to the Deep Security Manager by going to Administration > Agents > Data Privacy and selecting No. SF03237033/DSSEG-6019

Resolved issues

• Real-time Anti-Malware with file system hooking enabled did not work on older kernel versions. SEG-82411/SF03471236/DSSEG-5989
• A previous upgrade to SQLite impacted the performance of Integrity Monitoring. The original performance of this feature has now been restored. SEG-80876/DSSEG-5943

Deep Security Agent- 10.0 update 27

Release date: August 7, 2020

Build number: 10.0.0-3864

Resolved issues

• Real-time Anti-Malware with filesystem hooking enabled did not work on older kernel versions. SEG-82411/SF03471236/DSSEG-5946
• Kernel Panic occurred when Web Reputation, Firewall, or Intrusion Prevention were enabled. SEG-80201/SF03332691/DSSEG-5868
• When a re-transmission packet with new packets was sent, it sometimes produced an "Unsupported SSL Version" Intrusion Prevention event. SEG-73893/03100673/DSSEG-5866
• Ceph is now excluded from file system kernel hooking to prevent kernel panic. SEG-75664/SF03131718/DSSEG-5585

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. SEG-78524/SF03321021/DSSEG-5751

Highest CVSS score: 5.3

Highest severity: Medium

• Updated Nginx to 1.18.0.

Deep Security Agent - 10.0 update 26

Release date: May 13, 2020

Build number: 10.0.0-3833

Enhancements

• Increased the scan engine's URI path length limitation. SEG-61309/DSSEG-5247

Resolved issues

• Application Control didn't work correctly if CloudLinux 7 64-bit was used as the Deep Security Agent platform. (DSSEG-5235)
• Anti-Malware sometimes couldn't be applied successfully when an Anti-Malware engine update was performed. DSSEG-5472
• Anti-Malware directory exclusion with wildcards didn't match subdirectories correctly. SEG-74892/SF03131855/DSSEG-5577

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses.

• Updated SQLite to 3.30.1

Deep Security Agent - 10.0 update 25

Release date: February 21, 2020

Build number: 10.0.0-3761

Resolved issues

• Anti-Malware on-demand scans did not work properly when the root directory was set to "/" in the scan directory inclusion lists. (SEG-66679/02756807/DSSEG-5054)
• Memory leaks occurred in Anti-Malware if file attributes couldn't be retrieved.(SEG-67374/SF02753356/DSSEG-5064)

For release notes from the long-term support LTS release, Deep Security Agent - Windows 10.0 readme.

Deep Security Agent - 10.0 update 31

Release date: July 12, 2021

Build number: 10.0.0-3983

Resolved issues

• Deep Security Agent sometimes crashed when Intrusion Prevention was configured for SSL inspection. DSSEG-6913

Deep Security Agent - 10.0 update 30

Release date: March 29, 2021

Build number: 10.0.0-3953

This release contains general improvements.

Deep Security Agent - 10.0 update 29

Release date: January 25, 2021

Build number: 10.0.3921

New feature

Enhanced platform support

• Added support for Windows 2003.

Resolved Issue

When a re-transmission packet with new packets was sent, it sometimes produced an "Unsupported SSL Version" Intrusion Prevention event. SEG-73893/SEG-88641/03100673/03649246/DSSEG-5866

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases.

Deep Security Agent - 10.0 update 28

Release date: September 17, 2020

Build number: 10.0.3879

Enhancements

• You can choose not to send packet data back to the Deep Security Manager by going to Administration > Agents > Data Privacy and selecting No. SF03237033/DSSEG-6019

Resolved issues

• A previous upgrade to SQLite impacted the performance of Integrity Monitoring. The original performance of this feature has now been restored. SEG-80876/DSSEG-5943

Deep Security Agent - 10.0 update 27

Release date: August 10, 2020

Build number: 10.0.0-3864

Resolved issues

• When Integrity Monitoring was enabled, the owner of a file was incorrectly changed to a user that did not exist. SEG-77290/03251273/DSSEG-5720

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. SEG-78524/SF03321021/DSSEG-5751

Highest CVSS score: 5.3

Highest severity: Medium

• Updated Nginx to 1.18.0.

Deep Security Agent 10.0 update 26

Release date: May 13, 2020

Build number: 10.0.0-3833

Enhancements

• Increased the scan engine's URI path length limitation. SEG-61309/DSSEG-5247

Resolved issues

• Deep Security Agent restarted unexpectedly because of the way Log Inspection was accessing the SQLite database. SEG-70313/02588698/DSSEG-5456

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses.

• Updated SQLite to 3.30.1

Known issues

This release does not support the installation or upgrade of Deep Security Agent on Windows 2003 or Windows XP. Support for these platforms will be re-introduced in a subsequent update. For more information, see Deep Security Agent version 10 update 26 cannot be used for installation or upgrade on Windows XP/2003. DSSEG-5603

Deep Security Agent - 10.0 update 25

Release date: February 21, 2020

Build number: 10.0.0-3761

Resolved issues

• (A high-memory issue occurred when collecting the diagnostic package for Deep Security Agent. (SEG-59668/DSSEG-4966)

For release notes from the long-term support LTS release, Deep Security Agent - Unix 10.0 readme.

Deep Security Agent - 10.0 update 31

Release date: July 12, 2021

Build number: 10.0.0-3983

Enhancement

• Updated Deep Security Agent (version 10.0.0-3983+) to add support for Entrust Root Certificate Authority (G2) certificates. Non-G2 security certificates will expire on 2022/07/09. After that time, only agents that have been upgraded to version 10.0.0-3983 or higher will have the latest Anti-Malware Smart Scan protection. DSSEG-6906

Resolved issues

• Deep Security Agent sometimes crashed when Intrusion Prevention was configured for SSL inspection. DSSEG-6913

Deep Security Agent - 10.0 update 30

Release date: March 29, 2021

Build number: 10.0.0-3953

This release contains general improvements.

Deep Security Agent - 10.0 update 29

Release date: January 25, 2021

Build number: 10.0.3921

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases.

Deep Security Agent - 10.0 update 28

Release date: September 17, 2020

Build number: 10.0.3879

Enhancements

• You can choose not to send packet data back to the Deep Security Manager by going to Administration > Agents > Data Privacy and selecting No. SF03237033/DSSEG-6019

Resolved issues

• A previous upgrade to SQLite impacted the performance of Integrity Monitoring. The original performance of this feature has now been restored. SEG-80876/DSSEG-5943
• When using Deep Security Agent on Solaris, the port scanning feature of Integrity Monitoring did not work because the agent did not have access to information on the user ID under which a given port was opened. This prevented storage of any listening port information. The port scanning feature on Solaris agents has now been modified to store the string as "n/a" for the userid. This allows the remaining port information to be stored and used in the port scanning function. However, exclusions and inclusions based on User ID still do not function correctly because this information is not available. DSSEG-2775

Deep Security Agent - 10.0 update 27

Release date: August 7, 2020

Build number: 10.0.0-3864

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. SEG-78524/SF03321021/DSSEG-5751

Highest CVSS score: 5.3

Highest severity: Medium

• Updated Nginx to 1.18.0.

Deep Security Agent - 10.0 update 26

Release date: May 13, 2020

Build number: 10.0.0-3833

Enhancements

• Increased the scan engine's URI path length limitation. SEG-61309/DSSEG-5247

Resolved issues

• Anti-Malware directory exclusion with wildcards didn't match subdirectories correctly. SEG-74892/SF03131855/DSSEG-5577

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses.

• Updated SQLite to 3.30.1

Deep Security Agent - 10.0 update 25

Release date: February 21, 2020

Build number: 10.0.0-3761

Resolved issues

• Memory leaks occurred in Anti-Malware if file attributes couldn't be retrieved. (SEG-67374/SF02753356/DSSEG-5064)