========================================= = Changes between 11.0.2 and 11.0.3 = = Publication date : 2024/10/14 = ========================================= Security enhancements: Issue BFP-34015 - CVE-2024-30117 Issue BFP-34124 - CVE-2024-28929, CVE-2024-28930, CVE-2024-28931, CVE-2024-28932, CVE-2024-28933, CVE-2024-28934, CVE-2024-28935, CVE-2024-28936, CVE-2024-28937, CVE-2024-28938, CVE-2024-28941, CVE-2024-28943, CVE-2024-29043 Defect Articles (DAs) addressed: Issue BFP-36072 - KB0116188 - Entra ID is unable to retrieve all users or groups if they exceed 100 items Issue BFP-35910 - KB0116027 - Incorrect OS for VMware discovered computers Issue BFP-35742 - KB0115658 - Solaris clients crash after BigFix 10.0.8-->11.0.2 upgrade Issue BFP-35638 - KB0115128 - (doc) Email setup in WebReports with Office 365 requirement Issue BFP-35580 - KB0114989 - On Web Reports edit/add a datasource may fail to complete Issue BFP-35480 - KB0114909 - The BigFix Relay RPM for RHEL doesn't contain the SHA256 digest header Issue BFP-35451 - KB0114859 - Inspector symlink may cause AIX agents or the QNA to crash Issue BFP-35432 - KB0114776 - Client PeerNest does not honor MinimumDiskFreeMB setting Issue BFP-35425 - KB0114765 - (doc) Documentation is missing for AV on macOS Issue BFP-35408 - KB0114700 - MacOS 14+ WiFi Inspectors no longer function Issue BFP-35383 - KB0114692 - BES Platform Agent license tags could be changed to .hidden Issue BFP-35315 - KB0114719 - Clients fail to register if there are many aliases in /etc/hosts Issue BFP-35214 - KB0114475 - (doc) BigFix App Registration on Microsoft Entra ID Issue BFP-35200 - KB0114429 - Fixlet 5433 for 11.0.2 still uses init.d scripts Issue BFP-35161 - KB0114299 - (doc) Reference to 'Database requirement' missing from the upgrade documentation Issue BFP-35149 - KB0114268 - (doc) Requirement to add UDP Port 52311 on Rocky Linux 9 installs Issue BFP-34988 - KB0113951 - (doc) The Action script command "client restart" also works on Opering Systems other than Windows Issue BFP-34961 - KB0113829 - BigFix Explorer RPM for RHEL missing SHA256 digest header Issue BFP-34960 - KB0113858 - (doc) Unknown baseline component applicability Issue BFP-34959 - KB0113826 - Since v11.0.2 upgrade, BES services have been crashing Issue BFP-34955 - KB0113867 - (doc) Improve doc page about 'Edit Settings for Computer' view Issue BFP-34947 - KB0113795 - Task: 3172 - Run Intel SA-00086 Vulnerability Detection Tool - Relevance for virtual machine Issue BFP-34925 - KB0113780 - Unable to schedule Activity in WebReports when using Authentication Mode Office 365 Issue BFP-34865 - KB0113714 - The airgap tool fails to download large files Issue BFP-34838 - KB0113615 - AWS plugin multithreading fails with multiroles and credentials Issue BFP-34837 - KB0113543 - Modified custom Web Reports displayed incorrectly Issue BFP-34834 - KB0113606 - A relevance expression could be wrongly evaluated using Bigfix Explorer Issue BFP-34814 - KB0113596 - (doc) Start Services step missing from Procedure in "Migrating databases" page Issue BFP-34808 - KB0113564 - (doc) Document the fixlet to "Install BigFix Client version 11" on the discovered cloud resources (AWS and Azure) Issue BFP-34787 - KB0113491 - Ubuntu Agent could crash running the debianpackages inspector Issue BFP-34769 - KB0113472 - Error running the 11.0.2 admin tool /upgrade command Issue BFP-34734 - KB0113388 - Session relevance using 'IP Address' inspector may crash Issue BFP-34698 - KB0113299 - Upgrade on Linux could fail with error SQL0454N Issue BFP-34640 - KB0113221 - Cloud plugin credentials contain incorrect values Issue BFP-34607 - KB0113112 - Wrong URL for GPG Key of BigFix Platform Issue BFP-34534 - KB0112965 - WAKEON LANMEDIC causes server audit log failures Issue BFP-34511 - KB0112855 - BigFix Root Server and WebReports database connectivity issue Issue BFP-34505 - KB0112906 - Column picker becames slow with an high number of properties Issue BFP-34445 - KB0112767 - Relay keeps stopping every few minutes Issue BFP-34398 - KB0112636 - Failure when targeting MDM action by group Issue BFP-34295 - KB0112428 - (doc) Outdated doc for configuring Root Server LDAP auth Issue BFP-34110 - KB0112302 - AWS plugin issue with multi-threads Issue BFP-34090 - KB0112277 - Error during BigFix Installation: "'NT AUTHORITY\SYSTEM' already exists" Issue BFP-34049 - KB0112222 - (doc) Migrating Databases Documentation is Missing Reindex Step Issue BFP-34047 - KB0112211 - "Install BigFix Plugin for Amazon Web Services Discovery - version 1.99.66" fails Issue BFP-34046 - KB0112188 - macOS new Reserved Property "OS Family" inconsistency Issue BFP-34043 - KB0112182 - ServerKeyTool does not manage ExplorerCAKey Issue BFP-33988 - KB0112146 - SubscribedSites property includes mailbox sites Issue BFP-33982 - KB0111971 - Web Reports may crash creating a pie chart Issue BFP-33976 - KB0111897 - (doc) Missing documentation for /hideUI option Issue BFP-33922 - KB0111815 - Unexpected deletion of all the AWS proxy instances Issue BFP-32809 - KB0109682 - Group members do not match WebUI Other Bugs fixed: Issue BFP-35940 - Go PluginPortal for VmWare Asset Discovery with Symbols in Prod Issue BFP-35599 - The BigFix Server packages for RHEL don't contain the SHA256 digest header Issue BFP-35221 - AWS cloud plugin infinite loop Issue BFP-34647 - AWS Cloud Plugin- incorrect number of discovered instances when is in use multithreading over credentials Issue BFP-34631 - Agent Solaris Sparc crash after enabling AppUsageSummary Issue BFP-34294 - A typo in _BESPluginPortal_ComputersGroupsGather_PreProcessFixlets log Issue BFP-34270 - Column picker slow with an high number of properties Issue BFP-34118 - BESAdmin -createexplorercredentials - /hideUI isn't working Issue BFP-33972 - BigFix Explorer installer won't work with the .\user format (Win) Issue BFP-33923 - In besexplorer.sh the line "return 1" should be replaced with "exit 1" Issue BFP-33861 - In upgraded Linux/SQL deployment there is DB2 env variable set in systemd config files of server components Issue BFP-33850 - CDT installation fails in IPV6 deploytool IPV6ONLY-->client IPV6ONLY Issue BFP-33847 - Obsolete operation step listed in the installation Information message Issue BFP-33527 - CDT wizard does not displayes IPV6 addresses Issue BFP-33295 - Relay select reports wrongly IPV4 Parent Relay selected Issue BFP-33188 - BigFix Explorer ODBC prerequisite to be dropped Issue BFP-33143 - BigFix Explorer | Root Server /api/query - error mishandling for Explorer related requests Issue BFP-33092 - BigFix Explorer doesn't manage empty user id in EvaluateRelevance Issue BFP-31993 - loginTimeoutSeconds doesn't work correctly with SAML login Issue BFP-31967 - Master Operator shows incorrect management rights in console Issue BFP-29990 - Dashboard "Deployement Health Checks" gets console unresponsive Issue BFP-26498 - Error "11FileIOError" issuing a QnA question on MacOS ========================================= = Changes between 11.0.1 and 11.0.2 = = Publication date : 2024/03/27 = ========================================= Security enhancements: Issue BFP-31301 - CVE-2023-45706 Issue BFP-31915 - CVE-2023-45705 Issue BFP-31917 - CVE-2023-45715 Issue BFP-32923 - CVE-2023-48795 Issue BFP-32535 - CVE-2023-46219 Issue BFP-32844 - CVE-2023-36417, CVE-2023-36420, CVE-2023-36730, CVE-2023-36785, CVE-2023-36728 Issue BFP-31914 - CVE-2024-23554 Issue BFP-32560 - CVE-2024-23583 Issue BFP-33260 - CVE-2024-0853 Defect Articles (DAs) addressed: Issue BFP-33811 - KB0108558 - (doc) Add details on how to manage BigFix Licenses Issue BFP-33810 - KB0108293 - (doc) Incorrect space requirements reported for linux on Server Requirements Issue BFP-33721 - KB0111344 - (doc) Documentation for v11 Upgrade incorrect and/or confusing Issue BFP-33602 - KB0111293 - (doc) Incorrect number of "Estimated targeted computers" Issue BFP-33576 - KB0111160 - (doc) Missing information about _BESClient_Comm_IPCommunicationsMode Issue BFP-33458 - KB0110905 - Client Download size limit wrongly calculated Issue BFP-33341 - KB0110552 - (doc) Mailbox behavior switching server in a DSA deployment Issue BFP-33315 - KB0110465 - (doc) Relay Health Dashboard documentation update Issue BFP-33071 - KB0110047 - (doc) Local Master Operator and 'Disabling local operators' feature Issue BFP-32996 - KB0109891 - Failure in Adding Parameter to Registry by Registry Wizard Issue BFP-32959 - KB0109878 - Crash on the console copying the action of another operator Issue BFP-32867 - KB0109779 - Query result could be corrupted for relevance with '%' characters Issue BFP-32864 - KB0109744 - Client stops registering successfully to its Parent Relay Issue BFP-32840 - KB0109747 - Unable to install Windows client versions lower than 11.0.1 from CDT Issue BFP-32832 - KB0109735 - Issue with Computer Remover, entries in COMPUTERS table Issue BFP-32803 - KB0109648 - Error using the property 'state' of 'bes license' inspector Issue BFP-32764 - KB0109496 - BigFix Agent is not able to wake up when receiving a query Issue BFP-32707 - KB0109452 - (doc) Missing steps when recovering a lost primary DSA server Issue BFP-32491 - KB0109307 - (doc) Missing reference to config options for REST API "clientquery" Issue BFP-32324 - KB0108971 - (doc) Restart is needed to apply UDP control settings Issue BFP-32147 - KB0108798 - Console login fails until BigFix Server service is restarted Issue BFP-31249 - KB0108071 - Unexpected actionsite version propagation Issue BFP-30330 - KB0106575 - Shown actions issued by Unknown Operator Issue BFP-29575 - KB0105286 - False positive from 'exist type "dmi"' inspector on Apple M1 ========================================= = Changes between 11.0.0 and 11.0.1 = = Publication date : 2023/12/18 = ========================================= Security enhancements: Issue BFP-29778 - CVE-2023-37519 Issue BFP-30657 - CVE-2023-37520 Issue BFP-30866 - CVE-2020-22218 Issue BFP-31308 - CVE-2023-38545 Issue BFP-31302 - CVE-2023-37531 Issue BFP-31303 - CVE-2023-37530 Issue BFP-31304 - CVE-2023-37529 Issue BFP-31306 - CVE-2023-37527 Issue BFP-31904 - CVE-2024-23552 Issue BFP-31916 - CVE-2024-23553 Defect Articles (DAs) addressed: Issee BFP-33345 KB0110557 - ClientDeployTool error does not support Windows OS version Issue BFP-32420 KB0109135 - Custom package with v11 agent installer may fail on MacOS Issue BFP-32219 KB0109003 - Pre-cache Wizard issue Issue BFP-32109 KB0108719 - Maintenance Windows Dashboard generates faulty relevance Issue BFP-32104 KB0108690 - (doc) Deprecated links in the Configuration Guide Issue BFP-32017 KB0108597 - (doc) Incorrect upper bound for _BESClient_Download_RetryMinutes Issue BFP-31567 KB0108465 - Missing two procedures required by BES Audit Trail Cleaner Issue BFP-31533 KB0108414 - Agent crashes when using "adapter of network" inspector Issue BFP-31522 KB0108416 - BESClient files owned by non-existing user and group Issue BFP-31506 KB0108473 - BES Support component installers show Critical severity Issue BFP-31492 KB0108400 - Enable Enhanced Security failure Issue BFP-31483 KB0108351 - BigFix 11.0 Client Deploy Tool failure on Linux Issue BFP-31469 KB0108347 - "ldap directory" inspector returning an unexpected value Issue BFP-31434 KB0108315 - (doc) Description for AIX inspector is misleading Issue BFP-31253 KB0108070 - Web Reports timeouts sending notification emails Issue BFP-31129 KB0107930 - GCP Plugin issue with deleted projects Issue BFP-31066 KB0107901 - (doc) Missing support information for SMBIOS inspector Issue BFP-31023 KB0107888 - (doc) Support of MS SQL Always On Availability Group Issue BFP-30770 KB0107629 - Error in opening an imported report from Web Reports Issue BFP-30755 KB0107573 - "(local)" DSN cannot be edited Issue BFP-30754 KB0107572 - (doc) Recovery procedure for the Master BigFix Server is incomplete Issue BFP-30750 KB0107567 - BigFix Agent installation using cloud provider services may fail Issue BFP-30728 KB0106751 - BigFix Workspace license quantity not shown in License Overview page Issue BFP-30660 KB0107407 - (doc) RHEL Install Instructions need SELinux clarification Issue BFP-30655 KB0107395 - (doc) Broken link in "Relay Health" wiki page Issue BFP-30649 KB0107382 - (doc) Wrong link in the "_BESClient_Comm_ListenEnable" documentation Issue BFP-30637 KB0107385 - AIX Client v11 may stop working Issue BFP-30436 KB0107234 - (doc) Ambiguous documentation on throttle groups Issue BFP-30433 KB0107218 - Client and the Relay issues with v11 upgrade fixlets on AIX Issue BFP-30397 KB0107039 - (doc) Missing prerequisite for Bigfix Client version 11 encryption Issue BFP-30381 KB0107006 - Correlated computers not showing on WebReports Issue BFP-30378 KB0106942 - (doc) Improve the BigFix V11 Overview topic Issue BFP-30375 KB0106960 - An error in EULA in License Overview dashboard in Japanese Issue BFP-30343 KB0106671 - PDF export fails after upgrade of Ghostscript 9 to 10 Issue BFP-30323 KB0106552 - Command "restart [delay-seconds]" not working on RHEL 8 Issue BFP-30299 KB0106454 - Fixlet Debugger Query crash Issue BFP-30298 KB0106426 - Optimize loading time of BigFix Console Issue BFP-30272 KB0106354 - Error when enabling an External Site Issue BFP-30230 KB0106291 - Some relay diagnostic pages are not working Issue BFP-30168 KB0106257 - FillDB intermittent crash on Linux Issue BFP-30146 KB0106196 - Error "too many SQL variables" in AWS plugin Issue BFP-30120 KB0106107 - Request to change the doc and fixlet ID 168 about CPU usage Issue BFP-29992 KB0105955 - Validation is missing when importing with multiple fixlets Issue BFP-29933 KB0105901 - Unable to delete Computer Assignments using the console Issue BFP-29713 KB0105661 - Server signing key tool should be protected by password Issue BFP-29708 KB0105609 - Undefined behaviour on RHEL Client installation Issue BFP-29075 KB0104631 - Missing Computer Name from WebReports Issue BFP-28945 KB0104280 - Plugin Portal RPM RHEL missing SHA256 digest header Other Bugs fixed: Issue BFP-30976 - The fixlet to Update the Platform Components must check WebUI pre-requisites Issue BFP-30769 - V11 Web Reports Alters CSP Policy which impacts all web reports with remote dependencies Issue BFP-30612 - Syntax error in BESAdmin error dialog Issue BFP-30326 - Tiny Core - Proxy configuration usability improvement Issue BFP-30267 - C.UTF-8 locale is not fully handled Issue BFP-30224 - Computer Remover runs on proxy devices, BESTools log reports days instead of hours Issue BFP-30131 - Traces repeated in the audit_server.log Issue BFP-30079 - AdminTool improvements concerning SHA-384 prerequisites Issue BFP-29919 - SHA384/TLS1.3 buttons on BESAdmin GUI: adapt side text to status Issue BFP-29849 - All Amazon devices deleted after AWS plugin gets error while scanning Issue BFP-28278 - No error in standard BESRelay.log if BESServer fails HTTPS license gather and HTTP fallback is disabled Issue BFP-27920 - Rocky 8 Azure VM reported as CentOS Issue BFP-27777 - BESComputerRemover: Preview might provide wrong data on CORRELATIONS Issue BFP-27675 - Amazon Linux 2022: CDT cannot authenticate error ========================================= = Changes between 10.0.9 and 11.0.0 = = Publication date : 2023/07/17 = ========================================= Defect Articles (DAs) addressed: Issue BFP-29963 - KB0105931 - (doc) Support of BigFix Agent on "Windows 11 Enterprise multi-session" Issue BFP-29693 - KB0105603 - (doc) Obsolete "DisableReplicationOfNextTables" setting Issue BFP-29490 - KB0105156 - Web Reports may fail to start if the service runs as non-root Issue BFP-29312 - KB0104918 - (doc) DMI Inspector Support on Mac Issue BFP-29215 - KB0104895 - Console and WebReports may not show content for some sites Issue BFP-29186 - KB0104860 - Web Reports wrongly showing correlated device names Issue BFP-29184 - KB0104856 - Unable to start the WebUI if the Root Server is down Issue BFP-29157 - KB0104796 - (doc) Missing folders in AV exclusion documentation Issue BFP-29156 - KB0104789 - Unwanted BigFix swidtags generated for shared sites Issue BFP-29071 - KB0104618 - Cloud computers are not merged with Native instances Issue BFP-29063 - KB0104563 - Wrong command for fixlet 250 Issue BFP-28912 - KB0104196 - NMOs may fail deploying content from the WebUI Issue BFP-28860 - KB0104100 - (doc) Linux upgrade fails if a connection is opened to database Issue BFP-28793 - KB0103987 - _BESClient_Download_Direct_Domainlist fails Issue BFP-28695 - KB0103817 - (doc) Wrong registry path for 64bit machines in the documentation Issue BFP-28666 - KB0103775 - (doc) Missing information about not using % char in the DB2 password Issue BFP-28643 - KB0103749 - (doc) Override command: targetuser and temporary user Issue BFP-28627 - KB0103709 - Systemd "disable" or "enable" command failing for BESClient Issue BFP-28590 - KB0103672 - Error using WebUI Query with Cloud license Issue BFP-28169 - KB0102967 - BigFix Console "Starts/Ends On" refreshes while editing Issue BFP-28047 - KB0102941 - Reports are unprocessed due to some corrupted reports Issue BFP-27954 - KB0102585 - Incorrect translation in French for Automatic Computer Groups menu Issue BFP-27791 - KB0102152 - Web reports raising invalid results Issue BFP-27775 - KB0102072 - Linux BESClient does not close softly at the system reboot Issue BFP-27643 - KB0101856 - IDs for Admin and non-Admin users are not same in WebReports Issue BFP-26213 - KB0099940 - The "current network of wifis" inspector returns on some MAC machines Other Bugs fixed: Issue BFP-25196 - Ubuntu 10.0.6 client crash when inspecting releases of packages of debianpackage Issue BFP-27342 - Prefetch download with size limit Issue BFP-28138 - Old libjpeg used in some Windows installers Issue BFP-28272 - Improve the message related to the _BESRelay_Download_CaCertPath setting in relay/server and download logs Issue BFP-28284 - Portal upgrade to 10.0.9 - log missing a space Issue BFP-29030 - During the BESAdmin db upgrade, retry the force stop running applications to prevent temporary delay and errors