Updated images are now available for Red Hat Advanced Cluster Security. The
updated image includes new features and bug fixes.
This release includes the following features and updates:
- New Compliance capabilities (Technology Preview)
- Network graph enhancements for internal entities
- Build-time network policy tools is now generally available
- Init-bundle graphical user interface improvements
- eBPF CO-RE collection method enabled by default
- Bring your own database for RHACS Central is now generally available
- Support RHACS on ROSA hosted control plane
- Life cycle updates
- Integration with Red Hat OpenShift Cluster Manager and Paladin Cloud to discover unsecured clusters
- Migration to stock Red Hat OpenShift SCCs during manual upgrade by using roxctl CLI
- Cluster discovery by using cloud source integrations
- Short-lived API tokens for Central
- Enhanced roxctl deployment check command
- Authentication of AWS and GCP integrations by using short-lived tokens (Technology Preview)
- Scanner V4 that uses upstream ClairCore (Technology Preview)
- Filter workload CVEs by using component and component source
For more information, including bug fix descriptions, see https://docs.openshift.com/acs/4.4/release_notes/44-release-notes.html.
Security fixes:
- golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)
- go-git: Maliciously crafted Git server replies can cause DoS on go-git clients (CVE-2023-49568)
- helm: Missing YAML content leads to panic (CVE-2024-26147)
- helm: Shows secrets with --dry-run option in clear text (CVE-2019-25210)