The AgileSec team is pleased to announce the AgileSec 3.5.4 maintenance patch release.
This patch release includes remediations for memory leaks and security vulnerabilities as well as improvements in GitHub, Bitbucket, and Tanium Sensor performance.
This patch applies to installations running 3.5.1.
Highlights
Frontend Nodes Patch: REQUIRED
Applying this patch to Frontend Nodes will update and resolve the following:
API:
-
Fixes memory leaks causing API service memory usage to increase over time.
WebUI:
-
Remediates Next.js security vulnerabilities.
Backend and Scan Nodes Patch: OPTIONAL
Applying this patch to Backend Nodes will resolve the following:
-
GitHub Sensor no longer fails when a branch name contains special characters.
-
GitHub Sensor no longer fails when encountering a repository with no commits during a multi-repository scan.
-
Bitbucket Sensor no longer fails when encountering a repository with no commits during a multi-repository scan.
Data Migration Tool: Tanium Connect jobs
This patch updates the data migration tool to support Tanium Connect jobs data migration.
Upgrade Information
Installation, validation, and rollback instructions for 3.5.4 are included in 3.5.4’s README.md.
Change Log
The following features and issues have been resolved in AgileSec 3.5.4.
ASE-18299: 3.5.4 patch for web next js vulnerabilities remediations.
ASE-18298: 3.5.3 patch for api memory leak.
ASE-17894: GitHub sensor no longer fails when branch name contains special characters.
ASE-18327: GitHub sensor no longer fails when a encountering a repository with no commit during multi-repository scan.
ASE-18329: Bitbucket sensor no longer fails when a encountering a repository with no commit during multi-repository scan.
Download Links
Release packages can be download from https://download.infosecglobal.com/index.php/s/5ciTRC2MKyJZTo4.
Access credentials are required for all download links. To get access credentials reach out to your Keyfactor Customer Success Manager or Solutions Engineer.