Features Introduced in November 2022

The host, container, and serverless capabilities on the
Compute
tab are being upgraded on Prisma Cloud Enterprise Edition on November 07, 2022 for 22.06.224, and November 20, 2022 for 22.06.228.
This release includes fixes, and there are no new features in this release.

Addressed Issues

ISSUE
DESCRIPTION
-
Addressed the following issues:
  • CVE-2022-1304 out-of-bounds read/write vulnerability found in e2fsprogs package in Red Hat Enterprise Linux.
  • CVE-2016-3709 a Cross-site scripting (XSS) vulnerability found in libxml2 package in Red Hat Enterprise Linux.
PCSUP-12237 fixed in 22.06.228
Fixed an error in the credit usage utilization for WAAS. With this fix, when container/host Defenders are disconnected for 24 hours, the usage of the credit is automatically stopped until the Defenders reconnect.
PCSUP-11455 fixed in 22.06.228
Setting the collection scope for greater than 6000 collections under runtime policy rules would freeze, this is now fixed.
PCSUP-11825
Fixed an issue with incorrect health state for a Defender deployed on a container.
Addressed the following issues:
  • CVE-2022-41716 vulnerability detected in Google Go Windows environment variable - exec.cmd syscall
  • CVE-2020-7711 vulnerability detected in a vendor package - 'goxmldsig.'
  • CVE-2022-40674 vulnerability detected in a vendor package - 'expat'
  • Go update to version 1.18.7. The version includes security fixes.
PCSUP-10977
Fixed a DNS resolution error when running a twistcli image scan with the --tarball option.
PCSUP-10621
Fixed an issue with incorrect cluster information in image scan results on
Monitor
Vulnerabilities
Deployed
.
PCSUP-10618
Fixed an issue where errors were reported in scan results when the cloud service provider APIs are disabled.
Now when the APIs for the service are disabled on the CSP, cloud discovery or registry scanning do not display these as errors in scan results. The messages are added to the console logs.
Fixed the rule scope selection for Out-of-Band WAAS rule.
When adding a new Out-of-Band WAAS rule, you were unable to choose a container name in the rule scope, or save an Out-of-Band WAAS rule with a scope that included a namespace selection, or did not include an image selection. These issues are now fixed.

Recommended For You