22.01 Update 2 Release Notes
The following table outlines the release particulars:
Joule, 22.01 Update 2
March 27, 2022
Improvements, fixes, and performance enhancements
- Adds for support for AKS 1.22.6 for Linux and Windows with containerd.
- Fixes an issue with code repo scanning when the policy specifies that Prisma Cloud should create pull requests with fixes. Previously, a new branch with the fixes was created, but no pull request was created, and a comment meant for the Prisma Cloud PR was added to a different, pre-existing, unrelated (wrong) PR. Now PRs are properly created.
- Fixes a regression where the scan results returned from running twistcli with the --containerized option crashed the Console UI.
- Fixes an issue with the autocomplete mechanism for input fields in the Console UI when there is a large amount of data.
- Signs the Prisma Cloud Compute Host Defender binary for Windows so that it isn’t quarantined by Microsoft Defender.
- [SaaS] Fixes a navigation issue in the SaaS Console, where system admins, who have access to all Compute Console pages, are initially redirected to theRadars > Containerspage with an "Invalid path" error when navigating to a page in Compute Console from a page outside Compute Console.
- Fixes an issue in Cloud Discovery where the results returned in the Console UI were just HTTP 429 rate limit error messages.
- Fixes an issue where a reverse shell attack wasn’t properly identified on Alpine Linux.
- Fixes an issue where Red Hat Enterprise Linux (RHEL) packages were incorrectly reported as vulnerable (for example, libxml2-python 2.9.1-6.el7_9.6).
- Updates how the Prisma Cloud Compute scanning process impacts artifact metadata in JFrog Artifactory. The scanning process no longer updates theLast Downloadeddate for all manifest files of all the images in the registry.TheLast Downloadeddate of the manifest files of the images that are eventually pulled for scanning, based on your registry scan policy, will be updated. The scan process first evaluates which images to scan by retrieving all manifest files for all images. In this phase of the scan, theLast Downloadeddate will no longer be impacted. In the next phase, where Prisma Cloud actually pulls an image to be scanned, the manifest file’sLast Downloadeddate will be updated. Often, the number of images scanned will be a subset of all images in the registry, but that’s based on your scan policy.Just because an image has been selected for scanning, doesn’t mean that it will actually be pulled. If an image’s hash hasn’t changed, it won’t be pulled for scanning, so theLast Downloadeddate will be unchanged.As part of the process for evaluating which images should be scanned, in addition to reviewing the manifest files, Prisma Cloud also examines the actual images. As part of examining the image files, theLast Downloadeddate for these images files is updated. In the next release of Prisma Cloud, this will be fixed so that theLast Downloadeddate won’t change unless the image is actually pulled and scanned.This new capability is supported on JFrog Artifactory 7.21.3 and later. When configuring Prisma Cloud registry settings, version must be set toJFrog Artifactory. This capability isn’t supported when version is set toDocker v2.
- Fixes an issue with runtime protection where audits and incidents were raised even when the events occurred in whitelisted file system paths.
- Updates open source packages used in Prisma Cloud Compute.
- When Defender is installed on Windows hosts in AWS, and Prisma Cloud Compute Cloud Discovery is configured to scan your environment for protected hosts, the Windows hosts running Defender are reported as unprotected.
- For JFrog registries configured with the Sub Domain Docker Access Method, image scans fail for Defenders upgraded to Joule update 2.If you are using the Sub Domain Docker Access Method for JFrog registry scanning, do not to upgrade Defenders that perform registry scanning using this method to Joule update 2, which is version 22.01.880. This issue is being worked on and will be addressed in an upcoming release.
Recommended For You
Recommended videos not found.