21.08 Update 1 Release Notes

The following table outlines the release particulars:
To be announced
Code name
Iverson, 21.08 update 1
Release date
Maintenance release
SHA-256 digest

Improvements, fixes, and performance enhancements

  • Adds support for OpenShift 4.8.
  • Creates new permissions for the image analysis sandbox that lets users analyze images and read results. By default, these permissions are assigned to Admins and Operators. In this update, the permission is also now assigned to DevOps Users, so that you don’t have to grant privileged roles (Admin, Operator) for users that need to work with image sandbox analysis. Auditor and DevSecOps roles will get read-only access to review results only. For SaaS customers, use the Prisma Cloud permission group that maps to the DevOps role in Compute to grant access to use the image analysis sandbox.
  • Fixes an issue where Defender can’t be installed on K3S because it cannot find the containerd socket path.
  • Fixes false positives for Java vulnerabilities.
  • Handles errors gracefully when compiling Rego scripts for admission control (Open Policy Agent) feature.
  • Adds support for Podman 1.6.4 on RHEL7.
  • Emits the following info to syslog for each vulnerability found in CI scans when verbose scans are enabled:
    • Path to the vulnerable package.
    • Layer time and instruction for the layer that contains the vulnerability.
  • [WAAS] Updates WAAS certificate management to alert users about TLS certificate expiration 30 days in advance, rather than 7 days.
  • [WAAS] Fixes false positives in WAAS app firewall protections.
  • [WAAS] Lets you individually configure the SameSite and Secure attributes for Prisma Cloud session cookies.
  • [SaaS] Adds search to the integrations drop-down. Integrations are specified when setting up Compute alerts.
  • Fixes UI strings.

Recommended For You