Skip to content

fleet-v4.10.0

Compare
Choose a tag to compare
@github-actions github-actions released this 14 Feb 02:55
· 11316 commits to main since this release
6782747

Changes

  • Upgrade Go to 1.17.7 with security fixes for crypto/elliptic (CVE-2022-23806), math/big (CVE-2022-23772), and cmd/go (CVE-2022-23773). These are not likely to be high impact in Fleet deployments, but we are upgrading in an abundance of caution.

  • Add aggregate software and vulnerability information on the new Software page.

  • Add ability to see how many hosts have a specific vulnerable software installed on the Software page. This information is also available in the GET /api/v1/fleet/software API route.

  • Add ability to send a webhook request if a new vulnerability (CVE) is found on at least one host. Documentation on what data is included the webhook request and when the webhook request is sent can be found here on fleedm.com/docs.

  • Add aggregate Mobile Device Management and Munki data on the Home page.

  • Add email and URL validation across the entire Fleet UI.

  • Add ability to filter software by "Vulnerable" on the Host details page.

  • Update standard policy templates to use new naming convention. For example, "Is FileVault enabled on macOS devices?" is now "Full disk encryption enabled (macOS)."

  • Add db-innodb-status and db-process-list to fleetctl debug command.

  • Fleet Premium: Add the ability to generate a Fleet installer and manage enroll secrets on the Team details page.

  • A ability for users with the observer role to view which platforms (macOS, Windows, Linux) a query is compatible with.

  • Improve the experience for editing queries and policies in the Fleet UI.

  • Improve vulnerability processing for NPM packages.

  • Support triggering a webhook for newly detected vulnerabilities with a list of affected hosts.

  • Add filter software by CVE.

  • Add the ability to disable scheduled query performance statistics.

  • Add ability to filter the host summary information by platform (macOS, Windows, Linux) on the Home page.

  • Fix a bug in Fleet installers for Linux in which a computer restart would stop the host from reporting to Fleet.

  • Make sure ApplyTeamSpec only works with premium deployments.

  • Disable MDM, Munki, and Chrome profile queries on unsupported platforms to reduce log noise.

  • Properly handle paths in CVE URL prefix.

Upgrading

Please visit our update guide for upgrade instructions.

Documentation

Documentation for Fleet is available at fleetdm.com/docs.

Binary Checksum

SHA256

4271c4443c98a5a8d991e177733b9f23415ff18bb1a3e8af0db54743795ee9ec  fleetctl_v4.10.0_windows.zip
6c04039feab80d5dc1a449e23167d182236889d9712cae04370e7e2e99dfa179  fleetctl_v4.10.0_linux.tar.gz
74df98b823a9096db1c3b9b748a24ce2bbed7413a5d89a5c1751aba6d29e12eb  fleetctl_v4.10.0_windows.tar.gz
2d2ae88e855a127b2d9e97582a37930657c09604717fc98d239a56f43df02b36  fleetctl_v4.10.0_macos.tar.gz
f39d88bf24ca2d04c1c130a44a43a618f195fe4803a66d7686c7572cf519097e  fleetctl_v4.10.0_macos.zip
9fc801df0171d6170158303d225e2d76c99449102f0134f7b7c6365330fc345e  fleet_v4.10.0_linux.tar.gz
ca265f141cea5fe91410c9a5efd38cf12e6d68d8cc986aec2dd981e6b5afedc3  fleetctl_v4.10.0_linux.zip