22.06 Update 1 Release Notes
The following table provides the release details:
Kepler, 22.06 Update 1
Jul 27, 2022
Improvements, Fixes, and Performance Enhancements
- Added support for more orchestrators:
- Google Kubernetes Engine (GKE) version 1.23.7 with containerd version 1.5.11
- VMware Tanzu Kubernetes Grid Integrated (TKGI) version 1.14
- VMware Tanzu Kubernetes Grid Multicloud (TKGM) version 1.5.1 on Photon 3 and Ubuntu 20.04.03 LTS
- Fixed the broken pipe error that occured while downloading a large image CSV for secondary consoles when using Projects. The error was fixed by extending the HTTP client timeout value.
- Fixed the welcome tour screen for new users who don’t have an administrator role.
- Fixed the validity period error of self-signed certificates. The limit of 365 has been waved off and the value can now be a whole number greater than or equal to 1.
- Fixed an issue where a Defender scanning a non-docker (CRI-O) registry incorrectly reported all custom compliance checks as passed.
- Fixed error that overwrote the communication port after upgrading a Defender with a custom port from the Prisma Cloud Console UI.
- Fixed an issue that showed different fixes for the same CVE on a single image. Each CVE vulnerability is consolidated and grouped according to OS version for each image and package.
- Fixed issue with missing runc path in TKGI with containerd. Specify a custom container runtime socket path when deploying Defenders on TKGI with containerd.
- Fixed issue with the scanned images filter. With this fix, the filter lists all the tags when multiple images have the same digest.
- Fixed an issue of duplicate or missing system rules for WAAS.
- Fixed an issue of unprotected web apps and APIs missing from the report (Monitor > WAAS > Unprotected Web Apps and APIs).
- Fixed an issue where XSS is not detected due to query key/value parsing.
- Defenders are not accepting the self-signed proxy certificate configured for TLS intercept proxies.Workaround: Ensure the following conditions are met to workaround the issue.
- Your proxy trusts the Prisma Cloud Console Certificate Authority (CA).
- Your proxy uses the client certificate of the Defender when the proxy sends requests from the Defender to the console.
- You obtained the certificates of the Defender and the Prisma Cloud Console CA. Use the /api/v1/certs/server-certs.sh API to obtain the needed files:
- You obtained the password for the client key of the Defender using the api/v1/certs/service-parameter API.
End of Support Notifications
- Debian 9 (Stretch) has reached End of Life (EOL), and users of Debian 9 will not receive any CVE security vulnerabilities from the Intelligence Stream feed associated with this OS version.
Recommended For You
Recommended videos not found.