1. Home
    2. Prisma
    3. Prisma Cloud
    4. Prisma Cloud Compute Edition Release Notes
    5. Prisma Cloud Compute Edition Release Information
    6. 22.12 Update 3 Release Notes

    22.12 Update 3 Release Notes

    The following table provides the release details:
    Build
    22.12.694
    Codename
    Lagrange, 22.12 Update 3
    Release date
    Mar 12, 2023
    Type
    Maintenance release
    SHA-256 digest
    65c67028803257b924c90e8bb41c7227f3cf1a04ffb4d77e774212ad3f4525ae
    Review the system requirements to learn more details about the supported operating systems, hypervisors, runtimes, tools, and orchestrators.

    Upgrade Path to 22.12.694

    If you are running a Prisma Cloud console version 22.06 or earlier, you must first upgrade the console to 22.12.585 and then to 22.12.694.

    CVE Coverage Update

    • Fixed CVE-2023-25173 and CVE-2023-25153 (Severity - Moderate): the containerd package is used in the Prisma Cloud Defender and for Agentless Scanning. To address the vulnerability, upgrade to containerd version v1.6.18 or v1.5.18 as needed.
    • Fixed CVE-2022-1996 (Severity - Critical) is included in the Intelligence Stream feed. The Go-Restful package is a transitive dependency that is pulled with k8s.io/client-go and k8s.io/kube-openapi and is not being used directly in the Compute Defender and Console, thus it is suppressed.

    Enhancements

    • Defender Upgrade All Improvements- When you select to Upgrade all Defenders (
      Manage > Defenders > Deployed Defenders
      ), you can only upgrade the Defenders that are eligible for the upgrade and for which you have the permission to upgrade, based on the collections that are assigned to your Prisma Cloud role. A confirmation dialog displays to confirm the upgrade. This change applies to upgrades for Host and Single Container Defenders on Linux and Windows.
    • Improved testing to support the automatic updates of GKE Autopilot clusters. The latest three Prisma Cloud releases are tested daily using the latest GKE Autopilot version for continued support.
    • Added support to scan images and containers running on cloud hosts in the supported Oracle Cloud environments.

    Addressed Issues

    • Fixed an issue where only the numeric part of the JAR version was detected in scans, making it impossible to distinguish between versions with non-numeric qualifiers. To avoid false positives for JAR files, upgrade your Defenders to Lagrange update 3 and rescan to see the accurate results.
    • The count of events for WAAS agentless did not correspond to the actual number of attack requests sent, this is now fixed.
    • Fixed an API Discovery issue where API endpoints discovered on app-embedded deployments were missing workload value and were showing zero vulnerabilities when the protected workload had vulnerabilities.
    • On upgrading from 22.06 to 22.12.415, the compliance policy rules configured to "Block" effect fail the creation and edition of policies. This issue is fixed in 22.12.694, the "Block" effect for these compliance policies is disabled and set to "Alert" effect under
      Defend > Compliance > Containers and images > Deployed > Add rule
      .

    Breaking Change

    On upgrading to 22.12.694, the Out-of-Band events are only supported if you first upgrade the Console to 22.12.585 and then upgrade to 22.12.694.

    End of Support Notifications

    There are no end of support notifications for this update.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2023 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo