Deep Security Linux Agent - 20.0.1-21510 (20 LTS Update 2024-10-16) / Deep Security Manager - 20.0.979 (20 LTS Update 2024-10-16)リリース＠ Red Hat Enterprise Linux 9 (PowerPC little-endian)対応

New Features

• Red Hat Enterprise 9 (PowerPC little-endian) support: Deep Security Manager 20.0.979 or later now supports Red Hat Enterprise 9 (PowerPC little-endian).

Enhancements

• Deep Security Manager now supports SAML single sign-on (SSO) when FIPS mode is enabled. PCT-17482/DSM-428

Resolved issues

• If using a vCenter connector without NSX-v/T deployed, the Deep Security Manager logs would fail to record when Deep Security Manager checked for Deep Security Virtual Appliance versions. DSM-822

Security updates

Security updates are included in this release. For more information about Trend Micro protection against vulnerabilities, see Vulnerability Response. Note that in line with responsible disclosure practices, Common Vulnerabilities and Exposures (CVE) details are only available for select security updates once patches are available for all impacted releases. DSM-754

• Highest Common Vulnerability Scoring System (CVSS) score: 5.3
• Highest severity: Low

New features

• Red Hat Enterprise Linux 9 (PowerPC little-endian) support: Deep Security Agent 20.0.1-21510 or later supports Anti-Malware, Activity Monitoring, and SAP Scanner for Red Hat Enterprise Linux 9 (PowerPC little-endian). This requires Deep Security Manager 20.0.979 or later.

Enhancements

• Advanced Threat Scan Engine has been updated to version 24.5. DSA-7354

Resolved issues

• High CPU usage would occur when both Application Control and FIPS were enabled. DSA-6842
• When the SAP Scanner library re-established connections to Deep Security Agent, the scan requests sent from the SAP Scanner library would sometimes be rejected. SF08196066/PCT-34824/DSA-7608
• Deep Security SAP Scanner would sometimes crash when scanning for files in certain formats, like CSV. PCT-41353/DSA-7609

Enhancements

• Add a failsafe to help prevent the Firewall driver causing systems to be stuck in a Blue Screen (BSoD) loop. DSA-7448
• Add new Windows events to logs when the Firewall driver is initialized. Events include Windows Base Filtering Engine State changes and the results registered by the tbimwfp driver. DSA-7547

Resolved issues

• High CPU usage would occur when both Application Control and FIPS were enabled. DSA-6842
• Deep Security Agent would crash the system if the Windows Base Filtering Engine Service was not running. PCT-38921/DSA-7334
• When the SAP Scanner library re-established connections to Deep Security Agent, the scan requests sent from the SAP Scanner library would sometimes be rejected. SF08196066/PCT-34824/DSA-7608
• Deep Security SAP Scanner would sometimes crash when scanning for files in certain formats, like CSV. PCT-41353/DSA-7609

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Response. Please note, in line with responsible disclosure practices, Common Vulnerabilities and Exposures (CVE) details will only be made available for select security updates once patches have been made available for all impacted releases. VRTS-12953/DSA-7559

• Highest Common Vulnerability Scoring System (CVSS) score: 8.0
• Highest severity: High