Skip to content

Pre-Release 1.1.1-rc0

Pre-release
Pre-release
Compare
Choose a tag to compare
@github-actions github-actions released this 08 Jul 19:24
· 1875 commits to master since this release
v1.1.1-rc0
c342b1f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Maintenance Release

Assets are available attached to the release here and via Docker and the Cribl CDN at the links below.

  • Docker: cribl/scope:1.1.1-rc0
  • x86: https://cdn.cribl.io/dl/scope/1.1.1-rc0/linux/x86_64/scope
  • ARM: https://cdn.cribl.io/dl/scope/1.1.1-rc0/linux/aarch64/scope

New Features and Improvements

  • #964 AppScope downloadable assets now include AWS Lambda Layers for x86 and for ARM, along with their respective MD5 checksums.

Fixes

  • #1017 AppScope now correctly handles the "peek" flag in interposed functions that receive network data. Before this change, when a server "peeked" at the first byte of data, AppScope counted that byte twice, which broke protocol detection. This fix enables AppScope to correctly produce HTTP events when scoping a server that uses "peek" flags.
  • #1006 AppScope now correctly instruments the child processes of an sshd process started by a server. To do this, AppScope interposes both the execve and execv system calls, and overrides some of the sandboxing that sshd normally imposes using setrlimit. Interposing execv is new, and gives AppScope visibility into sshd child processes. Changing setrlimit settings enables AppScope to perform actions required by AppScope's configured backend and transport, such as establishing connections, creating threads, and creating files.
Assets 14
Loading