| Tip |
|---|
Snare Windows Agent v5.8.0 was released on 5th December 2023. |
Security Updates
- Added configurable maximum failed logins limit. If this limit is exceeded, the user will be locked out for a period of time. The maximum number of failed login attempts and the lock timeout are configurable via Access Configuration.
- 3rd party libraries upgraded:
- OpenSSL upgraded to version 3.1.1
- Boost upgraded to version 1.81.0
- SQLite upgraded to version 3.40.1
- Improved failback certificate lookup logic to consider expiry and issuer, and reduce the need to re-create self-signed certificate
- Added support of big key size token for TLS_AUTH connection
- Switched to stronger encryption technique for sensitive data in INF file
- Replaced usage of MD5 with stronger hashing algorithm in License Manager
In order to reinforce Agent security, removed dependency on MD5 hashing during Snare Agent upgrade
Warning After this change, upgrading Snare Agent from versions earlier than 5.4.0 for Agents that had password enabled is not supported.
Customers who need to upgrade the Agent from pre-5.4.0 version, are advised to perform a two-step upgrade:- Step 1 - Upgrade from pre-5.4.0 version to v5.7.0 or 5.7.1
- Step 2 - Upgrade from v5.7.* to the latest version
...