Releases: CheckPointSW/charts
2.29.0: Runtime Protection daemon 1.16.2: enhancements
Runtime Protection daemon 1.16.2
- Improved File Reputation Blade for Reduced False Positives
- Improved memory management
Full Changelog: 2.28.0...2.29.0
2.28.0: GitHub Registry, reduce URLs for Image Assurance
Image Assurance 2.29.0:
- Release Github Container Registry Scanning support
- Reduced the number of URLs that need to be accessed by the agents (relevant for Scan Engine Version 2.0.0 only). CloudGuard agents must have connectivity to these region-specific URLs:
Region | URLs accessed by Image Assurance agents |
---|---|
United States (US) | https://api-cpx.dome9.com, https://api.dome9.com |
Europe (EU) | https://api-cpx.eu1.dome9.com, https://api.eu1.dome9.com |
Australia (AU) | https://api-cpx.ap2.dome9.com, https://api.ap2.dome9.com |
Canada (CA) | https://api-cpx.cace1.dome9.com, https://api.cace1.dome9.com |
India (IN) | https://api-cpx.ap3.dome9.com, https://api.ap3.dome9.com |
Singapore (SG) | https://api-cpx.ap1.dome9.com, https://api.ap1.dome9.com |
Security enhancements - all agents:
- Image Assurance 2.29.0
- Admission Control: Enforcer 2.11.0 & Policy 1.8.0
- Inventory 1.14.0
- Flow-logs 0.14.0
- Runtime Policy 1.8.0
Full Changelog: 2.27.1...2.28.0
2.27.1: helm adjustments for GKE Autopilot
When onboarding on GKE autopilot, please append the following to the helm command: --set platform=gke.autopilot
Full Changelog: 2.27.0...2.27.1
2.27.0: Runtime Protection: K8s events on terminating container
Runtime Protection daemon 1.14.0
- Added creating Kubernetes events when a container is terminated by CloudGuard Runtime Protection
- Changed ClusterRole permissions to enable Kubernetes events publishing
Full Changelog: 2.26.0...2.27.0
2.26.0: RP file reputation, Fedora Core OS
Runtime Protection: daemon 1.11.5, probe 0.30.2-cp-6
- Improved File Reputation Blade for Reduced False Positives
- Support Fedora Core OS
Full Changelog: 2.25.0...2.26.0
2.26.0 ea: RP file reputation, Fedora Core OS
Runtime Protection: daemon 1.11.5, probe 0.30.2-cp-6
- Improved File Reputation Blade for Reduced False Positives
- Support Fedora Core OS
Full Changelog: 2.25.0-ea...2.26.0-ea
2.25.0: IA 2.27.0 containerd fix; AC enforcer 2.10.0 GSL fix
Image Assurance 2.27.0
- Fix “Internal error” image scan errors: on nodes with containerd Container runtime configured to discard compressed image layers once they were unpacked. Affects GKE 1.27+ and all EKS with AMIs released after July 28 2023
Admission Control Enforcer 2.10.0
- Fix escaping in GSL if regular expression defined.
Full Changelog: 2.24.3...2.25.0
2.25.0 ea: IA 2.27.0 containerd fix; AC enforcer 2.10.0 GSL fix
Image Assurance 2.27.0
- Fix “Internal error” image scan errors: on nodes with containerd Container runtime configured to discard compressed image layers once they were unpacked. Affects GKE 1.27+ and all EKS with AMIs released after July 28 2023
Admission Control Enforcer 2.10.0
- Fix escaping in GSL if regular expression defined.
Full Changelog: 2.24.3-ea...2.25.0-ea
2.24.3: IA Sonatype Nexus registry; all: enhancements
Image Assurance 2.25.0
- support Sonatype Nexus Registry scan
All features: Inventory 1.13.0; Image Assurance 2.25.0; Admission Control: enforcer 2.9.0, policy 1.7.0; Runtime Protection: policy 1.7.0; Flow Logs 0.12.0
- improved telemetry
- security enhancements
Full Changelog: 2.23.0...2.24.3
2.24.3 ea: IA Sonatype Nexus registry; all: enhancements
Image Assurance 2.25.0
- support Sonatype Nexus Registry scan
All features: Inventory 1.13.0; Image Assurance 2.25.0; Admission Control: enforcer 2.9.0, policy 1.7.0; Runtime Protection: policy 1.7.0; Flow Logs 0.12.0
- improved telemetry
- security enhancements
Full Changelog: 2.24.0-ea...2.24.3-ea