This section lists the changes in version 4.14.5. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Wazuh agent$$$#34563 Changed the RHEL init script with the SUSE variant on SLES 11.$$$$$$#34543 Changed the service check from WMI to sc.$$$$$$#34727 Changed Windows Syscollector to include command arguments.$$$$$$Other$$$#34907 Updated the cryptography dependency to 46.0.5; the Werkzeug dependency to 3.1.6; the pip dependency to 26.0.1; and the wheel dependency to 0.46.3.$$$$$$#35135 Updated the embedded Python to 3.10.20 and the pyjwt and pyasn1 dependencies.$$$$$$#35331 Updated the cryptography and requests dependencies.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Wazuh manager$$$#34889 Fixed DAPI callable resolution to restrict invocations to exposed resources only.$$$$$$#35173 #35412 Fixed uncontrolled memory allocation in the cluster caused by a crafted packet length.$$$$$$#35077 Fixed rate limit bypass for the /events endpoint.$$$$$$#35106 Fixed a buffer overflow in Analysisd regex match processing.$$$$$$#35230 Fixed a path traversal in Authd via agent group name validation.$$$$$$#35193 Fixed a size_t underflow in Remoted ReadSecMSG causing a potential heap overflow.$$$$$$#35307 Fixed an RBAC bypass in DAPI allowing privilege escalation.$$$$$$#35176 Fixed Analysisd plugin decoder argument alignment.$$$$$$Wazuh agent$$$#34734 Fixed a Rootcheck false positive for /dev/.blkid.tab.$$$$$$#34735 Fixed ORDER_REVERSAL deadlocks in FIM.$$$$$$#34793 Fixed the Roundcube decoder regex to prevent srcip truncation in Failed login ... in session logs.$$$$$$#34693 Fixed macOS Ventura SCA policy incorrectly passing pmset checks.$$$$$$#34673 Fixed Office 365 integration pagination by trimming HTTP header values.$$$$$$#34880 Fixed FIM false positives caused by a double readdir check.$$$$$$#35285 Fixed the audit log cache overflow for events with many records in Logcollector.$$$$$$#35110 Fixed the daily marker for the GuardDuty log collector.$$$$$$#35297 Fixed Rootcheck not generating findings.$$$$$$#35287 Fixed a heap buffer overflow in Syscheck registry wildcard expansion.$$$$$$RESTful API$$$#34905 Fixed allow_higher_versions validation in the API upload_configuration.$$$$$$#35224 Fixed the nested JSON depth limit in API request processing.$$$$$$#35141 Fixed the upload size limit config mismatch.$$$$$$Ruleset$$$#35088 Fixed a bug in CIS SCA checks 35675 and 35689 for Ubuntu 24.04.$$$$$$#35089 Fixed Dovecot decoders to correctly extract the rip and lip fields.$$$$$$Wazuh dashboard$$$#8130 Fixed the wazuh-core plugin startup timeout when configured API hosts are unreachable by making manageHosts.start() non-blocking.$$$$$$#8133 Fixed security tables pagination to load all items beyond the 500-item limit (Users; Roles; Policies; Roles Mapping).$$$$$$Changelogs$$$The repository changelogs provide more details about the changes.$$$$$$Product repositories$$$wazuh/wazuh$$$$$$wazuh/wazuh-dashboard-plugins$$$$$$Auxiliary repositories$$$wazuh/wazuh-ansible$$$$$$wazuh/wazuh-kubernetes$$$$$$wazuh/wazuh-puppet$$$$$$wazuh/wazuh-docker$$$$$$wazuh/qa-integration-framework$$$$$$wazuh/wazuh-documentation

4.14.4 Release notes - 17 March 2026$$$This section lists the changes in version 4.14.4. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Wazuh agent$$$#34541 Changed the msi_output extension from .txt to .log.$$$$$$#34602 Changed the data type to unsigned char in print_hex_string.$$$$$$#34552 Changed sync primitive disposal to stop and soften teardown failures.$$$$$$Other$$$#34154 Updated the azure-core dependency to 1.38.0 and the Werkzeug dependency to 3.1.5.$$$$$$#34403 Updated the protobuf dependency to 5.29.6 and the python-multipart dependency to 0.0.22.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Wazuh manager$$$#34658 Fixed heap-based null write buffer underflows.

4.14.4 Release notes - 17 March 2026$$$This section lists the changes in version 4.14.4. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Wazuh agent$$$#34541 Changed the msi_output extension from .txt to .log.$$$$$$#34602 Changed the data type to unsigned char in print_hex_string.$$$$$$#34552 Changed sync primitive disposal to stop and soften teardown failures.$$$$$$Other$$$#34154 Updated the azure-core dependency to 1.38.0 and the Werkzeug dependency to 3.1.5.$$$$$$#34403 Updated the protobuf dependency to 5.29.6 and the python-multipart dependency to 0.0.22.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Wazuh manager$$$#34658 Fixed heap-based null write buffer underflows.

4.14.4 Release notes - 17 March 2026$$$This section lists the changes in version 4.14.4. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Wazuh agent$$$#34541 Changed the msi_output extension from .txt to .log.$$$$$$#34602 Changed the data type to unsigned char in print_hex_string.$$$$$$#34552 Changed sync primitive disposal to stop and soften teardown failures.$$$$$$Other$$$#34154 Updated the azure-core dependency to 1.38.0 and the Werkzeug dependency to 3.1.5.$$$$$$#34403 Updated the protobuf dependency to 5.29.6 and the python-multipart dependency to 0.0.22.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Wazuh manager$$$#34658 Fixed heap-based null write buffer underflows.

4.14.4 Release notes - 17 March 2026$$$This section lists the changes in version 4.14.4. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Wazuh agent$$$#34541 Changed the msi_output extension from .txt to .log.$$$$$$#34602 Changed the data type to unsigned char in print_hex_string.$$$$$$#34552 Changed sync primitive disposal to stop and soften teardown failures.$$$$$$Other$$$#34154 Updated the azure-core dependency to 1.38.0 and the Werkzeug dependency to 3.1.5.$$$$$$#34403 Updated the protobuf dependency to 5.29.6 and the python-multipart dependency to 0.0.22.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Wazuh manager$$$#34658 Fixed heap-based null write buffer underflows.

4.14.4 Release notes - 17 March 2026$$$This section lists the changes in version 4.14.4. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Wazuh agent$$$#34541 Changed the msi_output extension from .txt to .log.$$$$$$#34602 Changed the data type to unsigned char in print_hex_string.$$$$$$#34552 Changed sync primitive disposal to stop and soften teardown failures.$$$$$$Other$$$#34154 Updated the azure-core dependency to 1.38.0 and the Werkzeug dependency to 3.1.5.$$$$$$#34403 Updated the protobuf dependency to 5.29.6 and the python-multipart dependency to 0.0.22.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Wazuh manager$$$#34658 Fixed heap-based null write buffer underflows.

4.14.4 Release notes - 17 March 2026$$$This section lists the changes in version 4.14.4. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Wazuh agent$$$#34541 Changed the msi_output extension from .txt to .log.$$$$$$#34602 Changed the data type to unsigned char in print_hex_string.$$$$$$#34552 Changed sync primitive disposal to stop and soften teardown failures.$$$$$$Other$$$#34154 Updated the azure-core dependency to 1.38.0 and the Werkzeug dependency to 3.1.5.$$$$$$#34403 Updated the protobuf dependency to 5.29.6 and the python-multipart dependency to 0.0.22.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Wazuh manager$$$#34658 Fixed heap-based null write buffer underflows.

4.12.0 Release notes - 7 May 2025$$$This section lists the changes in version 4.12.0. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Highlights$$$Wazuh 4.12.0 introduces functional improvements that expand the platform’s capabilities and compatibility. This release supports ARM architecture in central components; allowing Wazuh to run on a wider range of hardware. It also enhances threat intelligence by adding CTI references to the CVE data; providing better context for vulnerabilities. Additionally; it introduces eBPF support for the File Integrity Monitoring (FIM) module; enabling more efficient and modern monitoring on Linux endpoints.$$$$$$ARM architecture support in central components: The Wazuh manager; indexer; and dashboard now support ARM-based systems; offering greater deployment flexibility.$$$$$$CTI links to CVE information: Vulnerability Detection module now includes CTI references within the CVE details; offering enriched context and threat intelligence to aid in vulnerability assessment.$$$$$$Improved file integrity monitoring with eBPF support: The file integrity monitoring module now supports eBPF on Linux; improving who-data monitoring and system visibility.$$$$$$New SCA policy for Distribution Independent Linux endpoints: A new Security Configuration Assessment (SCA) policy is now available for Wazuh Linux agents.$$$$$$Breaking changes$$$OpenSearch 2.19.1 and Apache Lucene upgrade: Wazuh 4.12.0 upgrades to OpenSearch 2.19.1 and updates the Apache Lucene version. This change affects compatibility with previous versions. As a result; downgrades are not supported. Once you upgrade the Wazuh indexer to version 4.12.0; you cannot revert to an earlier version.$$$$$$$$$Refer for more details - https://documentation.wazuh.com/current/release-notes/release-4-12-0.html

4.12.0 Release notes - 7 May 2025$$$This section lists the changes in version 4.12.0. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Highlights$$$Wazuh 4.12.0 introduces functional improvements that expand the platform’s capabilities and compatibility. This release supports ARM architecture in central components; allowing Wazuh to run on a wider range of hardware. It also enhances threat intelligence by adding CTI references to the CVE data; providing better context for vulnerabilities. Additionally; it introduces eBPF support for the File Integrity Monitoring (FIM) module; enabling more efficient and modern monitoring on Linux endpoints.$$$$$$ARM architecture support in central components: The Wazuh manager; indexer; and dashboard now support ARM-based systems; offering greater deployment flexibility.$$$$$$CTI links to CVE information: Vulnerability Detection module now includes CTI references within the CVE details; offering enriched context and threat intelligence to aid in vulnerability assessment.$$$$$$Improved file integrity monitoring with eBPF support: The file integrity monitoring module now supports eBPF on Linux; improving who-data monitoring and system visibility.$$$$$$New SCA policy for Distribution Independent Linux endpoints: A new Security Configuration Assessment (SCA) policy is now available for Wazuh Linux agents.$$$$$$Breaking changes$$$OpenSearch 2.19.1 and Apache Lucene upgrade: Wazuh 4.12.0 upgrades to OpenSearch 2.19.1 and updates the Apache Lucene version. This change affects compatibility with previous versions. As a result; downgrades are not supported. Once you upgrade the Wazuh indexer to version 4.12.0; you cannot revert to an earlier version.$$$$$$$$$Refer for more details - https://documentation.wazuh.com/current/release-notes/release-4-12-0.html

4.12.0 Release notes - 7 May 2025$$$This section lists the changes in version 4.12.0. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Highlights$$$Wazuh 4.12.0 introduces functional improvements that expand the platform’s capabilities and compatibility. This release supports ARM architecture in central components; allowing Wazuh to run on a wider range of hardware. It also enhances threat intelligence by adding CTI references to the CVE data; providing better context for vulnerabilities. Additionally; it introduces eBPF support for the File Integrity Monitoring (FIM) module; enabling more efficient and modern monitoring on Linux endpoints.$$$$$$ARM architecture support in central components: The Wazuh manager; indexer; and dashboard now support ARM-based systems; offering greater deployment flexibility.$$$$$$CTI links to CVE information: Vulnerability Detection module now includes CTI references within the CVE details; offering enriched context and threat intelligence to aid in vulnerability assessment.$$$$$$Improved file integrity monitoring with eBPF support: The file integrity monitoring module now supports eBPF on Linux; improving who-data monitoring and system visibility.$$$$$$New SCA policy for Distribution Independent Linux endpoints: A new Security Configuration Assessment (SCA) policy is now available for Wazuh Linux agents.$$$$$$Breaking changes$$$OpenSearch 2.19.1 and Apache Lucene upgrade: Wazuh 4.12.0 upgrades to OpenSearch 2.19.1 and updates the Apache Lucene version. This change affects compatibility with previous versions. As a result; downgrades are not supported. Once you upgrade the Wazuh indexer to version 4.12.0; you cannot revert to an earlier version.$$$$$$$$$Refer for more details - https://documentation.wazuh.com/current/release-notes/release-4-12-0.html

4.11.2 Release notes - 1 April 2025$$$This section lists the changes in version 4.11.2. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Wazuh manager$$$#28797 Improved Wazuh DB performance using built-in types.$$$$$$RESTful API$$$#28653 Added the authentication_pool_size option to customize the number of authentication processes in the Wazuh server API configuration.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Wazuh dashboard$$$#7370 #7371 Fixed several broken Wazuh documentation links.$$$$$$Refer for more details - https://documentation.wazuh.com/current/release-notes/release-4-11-2.html

4.11.1 Release notes - 12 March 2025$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Wazuh agent$$$#28075 Changed ms-graph page size to 50.$$$$$$#28045 Removed ca.com domain filter from the Rootcheck malware ruleset.$$$$$$Wazuh dashboard$$$#7318 Added missing fields to the default fields list of the alerts index pattern.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Wazuh manager$$$#28294 Fixed the OS CPE build for package scans with data from Wazuh-DB.$$$$$$#28292 Added delete by query logic when indexer is disabled.$$$$$$#28396 Fixed heap buffer overflow in Analysisd rule parser.$$$$$$#28429 Fixed unnecessary data copy during curl calls.$$$$$$Wazuh agent$$$#28339 Improved agent connectivity.$$$$$$#28516 Applied the agent.recv_timeout timeout to the agent enrollment process to prevent it from waiting indefinitely for a response.$$$$$$Wazuh dashboard$$$#7299 Fixed documentation links related to agent management.$$$$$$Refer for more details - https://documentation.wazuh.com/current/release-notes/release-4-11-1.html

Refer: https://github.com/wazuh/wazuh/blob/v4.11.0/CHANGELOG.md$$$$$$4.11.0 Release notes - 20 February 2025$$$This section lists the changes in version 4.11.0. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Highlights$$$The 4.11 release introduces significant improvements in vulnerability detection; system inventory accuracy; and virtual machine base OS updates. The focus is on enhancing security insights; ensuring up-to-date system compatibility; and improving detection mechanisms for installed software. Key updates include the enhancement of the vulnerability detection process for CNA (CVE Numbering Authority); updates to AMI and OVA base operating systems; and improvements to Syscollectors software detection capabilities.$$$$$$Key features include the following:$$$$$$Vulnerability detection CNA enhancement: The vulnerability scanner now prioritizes CISA-sourced vulnerability data over the NVD; ensuring more accurate and detailed vulnerability assessments. This enhancement reduces false positives and improves alignment with official security sources.$$$$$$AMI and OVA base OS update: The base OS for AMI and OVA has been updated to Amazon Linux 2023 (AL2023) due to security vulnerabilities in Amazon Linux 2 (AL2) and its approaching end of life.$$$$$$Syscollectors software detection improvement: Syscollector now provides enhanced detection of installed software. Improvements include better package identification in macOS; expanded detection of pip and npm installations; and integration with Windows WMI to capture system updates more accurately.$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Wazuh manager$$$#27771 Improved delimiters on XML.$$$$$$#27893 Improved FIM decoder.$$$$$$#27835 Improved SCA and Syscheck decoders.$$$$$$#27914 Improved CISCAT decoder detection messages.$$$$$$#27692 Added CISA vulnerability content and prioritized it over NVD in the vulnerability scanner.$$$$$$#28195 Changed ms-graph page size.$$$$$$Wazuh agent$$$#26706 Improved Syscollector hotfix coverage on Windows by integrating WMI and WUA APIs.$$$$$$#26782 Extended Syscollector capabilities to detect installed .pkg packages.$$$$$$#26236 Updated standard Python and NPM package location in Syscollector to align with common installation paths.$$$$$$Wazuh dashboard$$$#7193 Refined the layout of the agent details view.$$$$$$#7195 Changed the width of the command column; relocate argvs column and change the width of the rest of the columns in the table processes.$$$$$$#7245 Removed unused node_build field in the package manifest of the wazuh plugin.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Wazuh manager$$$#26132 Enabled inventory synchronization in Vulnerability Detector when the Indexer module is disabled.$$$$$$Wazuh agent$$$#27739 Fixed error in event processing on AWS Custom Logs Buckets module.$$$$$$RESTful API$$$#26255 Added the security:revoke action to the PUT /security/user/revoke endpoint.$$$$$$Wazuh dashboard$$$#7251 Fixed documentation URL related to the usage of the authentication password in agent deployment.$$$$$$#7255 Fixed a problem with duplicated requests to get the list of valid index patterns in the menu.

Refer: https://github.com/wazuh/wazuh/blob/v4.11.0/CHANGELOG.md$$$$$$4.11.0 Release notes - 20 February 2025$$$This section lists the changes in version 4.11.0. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Highlights$$$The 4.11 release introduces significant improvements in vulnerability detection; system inventory accuracy; and virtual machine base OS updates. The focus is on enhancing security insights; ensuring up-to-date system compatibility; and improving detection mechanisms for installed software. Key updates include the enhancement of the vulnerability detection process for CNA (CVE Numbering Authority); updates to AMI and OVA base operating systems; and improvements to Syscollectors software detection capabilities.$$$$$$Key features include the following:$$$$$$Vulnerability detection CNA enhancement: The vulnerability scanner now prioritizes CISA-sourced vulnerability data over the NVD; ensuring more accurate and detailed vulnerability assessments. This enhancement reduces false positives and improves alignment with official security sources.$$$$$$AMI and OVA base OS update: The base OS for AMI and OVA has been updated to Amazon Linux 2023 (AL2023) due to security vulnerabilities in Amazon Linux 2 (AL2) and its approaching end of life.$$$$$$Syscollectors software detection improvement: Syscollector now provides enhanced detection of installed software. Improvements include better package identification in macOS; expanded detection of pip and npm installations; and integration with Windows WMI to capture system updates more accurately.$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Wazuh manager$$$#27771 Improved delimiters on XML.$$$$$$#27893 Improved FIM decoder.$$$$$$#27835 Improved SCA and Syscheck decoders.$$$$$$#27914 Improved CISCAT decoder detection messages.$$$$$$#27692 Added CISA vulnerability content and prioritized it over NVD in the vulnerability scanner.$$$$$$#28195 Changed ms-graph page size.$$$$$$Wazuh agent$$$#26706 Improved Syscollector hotfix coverage on Windows by integrating WMI and WUA APIs.$$$$$$#26782 Extended Syscollector capabilities to detect installed .pkg packages.$$$$$$#26236 Updated standard Python and NPM package location in Syscollector to align with common installation paths.$$$$$$Wazuh dashboard$$$#7193 Refined the layout of the agent details view.$$$$$$#7195 Changed the width of the command column; relocate argvs column and change the width of the rest of the columns in the table processes.$$$$$$#7245 Removed unused node_build field in the package manifest of the wazuh plugin.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Wazuh manager$$$#26132 Enabled inventory synchronization in Vulnerability Detector when the Indexer module is disabled.$$$$$$Wazuh agent$$$#27739 Fixed error in event processing on AWS Custom Logs Buckets module.$$$$$$RESTful API$$$#26255 Added the security:revoke action to the PUT /security/user/revoke endpoint.$$$$$$Wazuh dashboard$$$#7251 Fixed documentation URL related to the usage of the authentication password in agent deployment.$$$$$$#7255 Fixed a problem with duplicated requests to get the list of valid index patterns in the menu.

Refer: https://github.com/wazuh/wazuh/blob/v4.10.1/CHANGELOG.md$$$$$$4.10.1 Release notes - 16 January 2025$$$This section lists the changes in version 4.10.1. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Wazuh dashboard$$$#7233 Added comma separators to numbers.$$$$$$#7226 Moved the ability to manage the visibility of fields in Events and Vulnerability Detection > Inventory tables from the Columns button to a new Available fields button; enhancing the performance of the view.$$$$$$#7226 Changed the color of the Export formatted button in data grid tables to match the color of the rest of the table buttons.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Wazuh manager$$$#27502 Handled HTTP 413 response code in the Indexer connector.$$$$$$Changelogs$$$The repository changelogs provide more details about the changes.

4.10.0 Release notes - 9 January 2025$$$This section lists the changes in version 4.10.0. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Highlights$$$This release delivers key improvements across several areas; including enhanced debugging; expanded integration capabilities; standardised logging; refined compliance checks; and an improved dashboard user experience.$$$$$$Key features include the following:$$$$$$Wazuh debug symbols generation: Debug symbols are now generated during builds for macOS; Linux; and Windows; with crash dump generation by default in installers. Adequate documentation is provided for users to disable the crash dump generation process.$$$$$$Standardized logging for cloud integrations: A logger has been introduced to standardize logs for cloud integration modules; improving log management and consistency.$$$$$$Microsoft Intune integration: Integration with Microsoft Intune allows Wazuh to retrieve audit logs from managed devices; process them using built-in decoders and rules; and generate actionable security alerts.$$$$$$Vulnerability evaluation status: A new field has been introduced to indicate whether a vulnerability is under evaluation or disputed; assisting users in tracking vulnerabilities still awaiting analysis in the National Vulnerability Database (NVD).$$$$$$Wazuh Dashboard UI improvements: Several key sections of the Wazuh dashboard have been redesigned to improve the user experience. Changes include updates to the Overview; Events; and Agent detail pages; along with the addition of an Agents management menu. Additionally; there are redesigns of the deploy new agent page; adjustments to the loading logo size; and fixes to the vulnerability inventory table for improved usability.$$$$$$Reworked SCA policies: Numerous SCA policies have been reworked; including policies for Rocky Linux 8; Alma Linux 8; Amazon Linux 2023; Windows Server 2019; RedHat 9; Windows Server 2012 R2; Windows Server 2012 (no R2); Debian 10; Ubuntu 18; Amazon Linux 2; SUSE 15; macOS Ventura; and Windows 11 Enterprise..$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Wazuh manager$$$#24333 Added self-recovery mechanism for rocksDB databases.$$$$$$#25189 Improve logging for indexer connector monitoring class.$$$$$$#23760 Added generation of debug symbols.$$$$$$#27320 Improved Vulnerability Scanner performance by optimizing the PEP440 version matcher.$$$$$$#27324 Improved Vulnerability Scanner performance by optimizing version matcher object creation.$$$$$$#27321 Improved Vulnerability Scanner performance by optimizing global data handling.$$$$$$Wazuh agent$$$#23760 Added generation of debug symbols.$$$$$$#23998 Changed how the AWS module handles non-existent regions.$$$$$$#2006 Changed macOS packages building tool.$$$$$$#7498 Enhanced Wazuh macOS agent installation instructions.$$$$$$#2826 Enhanced Windows agent signing procedure.$$$$$$#23466 Enhanced security by implementing a mechanism to prevent unauthorized uninstallation of the Wazuh agent on Linux endpoints.$$$$$$#24498 Enhanced integration with Microsoft Intune MDM to pull audit logs for security alert generation.$$$$$$#26137 Updated rootcheck old signatures.

4.9.2 Release notes - 4 November 2024$$$This section lists the changes in version 4.9.2. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Wazuh manager$$$#26453 Fixed an unhandled exception during IPC event parsing.$$$$$$Wazuh dashboard$$$#7128 Fixed vulnerabilities inventory table scroll.$$$$$$Changelogs$$$The repository changelogs provide more details about the changes.$$$$$$Product repositories$$$wazuh/wazuh$$$$$$wazuh/wazuh-dashboard-plugins$$$$$$wazuh/wazuh-packages$$$$$$Auxiliary repositories$$$wazuh/wazuh-ansible$$$$$$wazuh/wazuh-kubernetes$$$$$$wazuh/wazuh-puppet$$$$$$wazuh/wazuh-docker$$$$$$wazuh/wazuh-qa$$$$$$wazuh/qa-integration-framework$$$$$$wazuh/wazuh-documentation

4.9.1 Release notes - 17 October 2024$$$This section lists the changes in version 4.9.1. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Wazuh manager$$$#24110 Improved provisioning method for wazuh-keystore to enhance security.$$$$$$Wazuh agent$$$#25652 Added support for macOS 15 Sequoia in Wazuh Agent.$$$$$$RESTful API$$$#26103 Changed the error status code thrown when basic services are down to 500.$$$$$$Wazuh dashboard$$$#6977 Added feature to filter by field in the events table rows.$$$$$$#6981 Changed the text of the query limit tooltip.$$$$$$#6919 Upgraded the axios dependency to 1.7.4.$$$$$$#6954 Improved MITRE ATT&CK intelligence flyout details readability.$$$$$$#6984 Upgraded Event-tab column selector to show picked columns first.$$$$$$#6960 Changed vulnerabilities.reference to links in Vulnerability Detection > Inventory columns.$$$$$$#6982 Upgraded the follow-redirects dependency to 1.15.6.$$$$$$#6956 Changed many loading spinners in some views to loading search progress.$$$$$$#6999 Removed the XML autoformat function group configuration due to performance issues.$$$$$$#7023 Removed the PDF report footer year.$$$$$$#7086 Removed data grid tables from Threat Hunting dashboard; GitHub panel; and Office365 panel.$$$$$$Packages$$$#3111 Added offline installation assistant import for the downloaded GPG Wazuh key.$$$$$$#3098 Changed version to tag reference in source_branch references.$$$$$$#3118 Changed Filebeat passwords only when installing Wazuh Server or changing passwords.$$$$$$#3119 Updated SECURITY.md format.$$$$$$#3121 Added stage parameter in bump_version script.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Wazuh manager$$$#24909 Fixed vulnerability detector issue where RPM upgrade wouldnt download new content.$$$$$$#25667 Fixed uncaught exception at Keystore test tool.$$$$$$#25705 Replaced eval calls with ast.literal_eval.$$$$$$#26277 Fixed the cluster being disabled by default when loading configurations.$$$$$$#25945 Added support for ARM packages for wazuh-manager.$$$$$$Wazuh agent$$$#24910 Fixed agent crash on Windows version 4.8.0.$$$$$$#25209 Fixed data race conditions at FIMs run_check.$$$$$$#24376 Fixed Windows agent crashes related to syscollector.dll.$$$$$$#25445 Fixed errors related to the libatomic.a library on AIX 7.X.$$$$$$#24932 Fixed errors in Windows Agent where EvtFormatMessage returned errors 15027 and 15033.$$$$$$#25459 Fixed FIM issue where it couldnt fetch group entries longer than 1024 bytes.$$$$$$#25469 Fixed Wazuh Agent crash at syscollector.$$$$$$#23528 Fixed a bug in the processed dates in the AWS module related to the AWS Config type.$$$$$$#24694 Fixed an error in Custom Logs Buckets when parsing a CSV file that exceeds a certain size.$$$$$$#26108 Fixed macOS syslog and ULS not configured out-of-the-box.$$$$$$RESTful API$$$#25764 Fixed requests logging to obtain the hash_auth_context from JWT tokens.$$$$$$#25216 Enabled API to listen to both IPv4 and IPv6 stacks.$$$$$$Wazuh dashboard$$$#6933 Fixed issue causing vulnerability dashboard to fail loading for read-only users.$$$$$$#6905 Fixed the temporal directory variable in the command to deploy a new Windows agent.$$$$$$#6906 Fixed an error in the command to deploy a new macOS agent that could cause the registration password to have a wrong value due to a $$$ inclusion.$$$$$$#6901 Fixed rendering of an active response as disabled when it is active.$$$$$$#6908 Fixed an error in Dev Tools when using payload properties as arrays.$$$$$$#6987 Fixed font size in tables used in the events tab; the Threat hunting dashboard tab; and the Vulnerabilities inventory tab.$$$$$$#6983 Fixed missing link to Vulnerabilities detection and Office 365 in the agent menu of Endpoints Summary.$$$$$$#6983 Fixed missing options depending on agent operating system in the agent configuration report.$$$$$$#6989 Fixed a style issue that affected the Discover plugin.$$$$$$#

4.9.1 Release notes - 17 October 2024$$$This section lists the changes in version 4.9.1. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Wazuh manager$$$#24110 Improved provisioning method for wazuh-keystore to enhance security.$$$$$$Wazuh agent$$$#25652 Added support for macOS 15 Sequoia in Wazuh Agent.$$$$$$RESTful API$$$#26103 Changed the error status code thrown when basic services are down to 500.$$$$$$Wazuh dashboard$$$#6977 Added feature to filter by field in the events table rows.$$$$$$#6981 Changed the text of the query limit tooltip.$$$$$$#6919 Upgraded the axios dependency to 1.7.4.$$$$$$#6954 Improved MITRE ATT&CK intelligence flyout details readability.$$$$$$#6984 Upgraded Event-tab column selector to show picked columns first.$$$$$$#6960 Changed vulnerabilities.reference to links in Vulnerability Detection > Inventory columns.$$$$$$#6982 Upgraded the follow-redirects dependency to 1.15.6.$$$$$$#6956 Changed many loading spinners in some views to loading search progress.$$$$$$#6999 Removed the XML autoformat function group configuration due to performance issues.$$$$$$#7023 Removed the PDF report footer year.$$$$$$#7086 Removed data grid tables from Threat Hunting dashboard; GitHub panel; and Office365 panel.$$$$$$Packages$$$#3111 Added offline installation assistant import for the downloaded GPG Wazuh key.$$$$$$#3098 Changed version to tag reference in source_branch references.$$$$$$#3118 Changed Filebeat passwords only when installing Wazuh Server or changing passwords.$$$$$$#3119 Updated SECURITY.md format.$$$$$$#3121 Added stage parameter in bump_version script.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Wazuh manager$$$#24909 Fixed vulnerability detector issue where RPM upgrade wouldnt download new content.$$$$$$#25667 Fixed uncaught exception at Keystore test tool.$$$$$$#25705 Replaced eval calls with ast.literal_eval.$$$$$$#26277 Fixed the cluster being disabled by default when loading configurations.$$$$$$#25945 Added support for ARM packages for wazuh-manager.$$$$$$Wazuh agent$$$#24910 Fixed agent crash on Windows version 4.8.0.$$$$$$#25209 Fixed data race conditions at FIMs run_check.$$$$$$#24376 Fixed Windows agent crashes related to syscollector.dll.$$$$$$#25445 Fixed errors related to the libatomic.a library on AIX 7.X.$$$$$$#24932 Fixed errors in Windows Agent where EvtFormatMessage returned errors 15027 and 15033.$$$$$$#25459 Fixed FIM issue where it couldnt fetch group entries longer than 1024 bytes.$$$$$$#25469 Fixed Wazuh Agent crash at syscollector.$$$$$$#23528 Fixed a bug in the processed dates in the AWS module related to the AWS Config type.$$$$$$#24694 Fixed an error in Custom Logs Buckets when parsing a CSV file that exceeds a certain size.$$$$$$#26108 Fixed macOS syslog and ULS not configured out-of-the-box.$$$$$$RESTful API$$$#25764 Fixed requests logging to obtain the hash_auth_context from JWT tokens.$$$$$$#25216 Enabled API to listen to both IPv4 and IPv6 stacks.$$$$$$Wazuh dashboard$$$#6933 Fixed issue causing vulnerability dashboard to fail loading for read-only users.$$$$$$#6905 Fixed the temporal directory variable in the command to deploy a new Windows agent.$$$$$$#6906 Fixed an error in the command to deploy a new macOS agent that could cause the registration password to have a wrong value due to a $$$ inclusion.$$$$$$#6901 Fixed rendering of an active response as disabled when it is active.$$$$$$#6908 Fixed an error in Dev Tools when using payload properties as arrays.$$$$$$#6987 Fixed font size in tables used in the events tab; the Threat hunting dashboard tab; and the Vulnerabilities inventory tab.$$$$$$#6983 Fixed missing link to Vulnerabilities detection and Office 365 in the agent menu of Endpoints Summary.$$$$$$#6983 Fixed missing options depending on agent operating system in the agent configuration report.$$$$$$#6989 Fixed a style issue that affected the Discover plugin.$$$$$$#

4.9.1 Release notes - 17 October 2024$$$This section lists the changes in version 4.9.1. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Wazuh manager$$$#24110 Improved provisioning method for wazuh-keystore to enhance security.$$$$$$Wazuh agent$$$#25652 Added support for macOS 15 Sequoia in Wazuh Agent.$$$$$$RESTful API$$$#26103 Changed the error status code thrown when basic services are down to 500.$$$$$$Wazuh dashboard$$$#6977 Added feature to filter by field in the events table rows.$$$$$$#6981 Changed the text of the query limit tooltip.$$$$$$#6919 Upgraded the axios dependency to 1.7.4.$$$$$$#6954 Improved MITRE ATT&CK intelligence flyout details readability.$$$$$$#6984 Upgraded Event-tab column selector to show picked columns first.$$$$$$#6960 Changed vulnerabilities.reference to links in Vulnerability Detection > Inventory columns.$$$$$$#6982 Upgraded the follow-redirects dependency to 1.15.6.$$$$$$#6956 Changed many loading spinners in some views to loading search progress.$$$$$$#6999 Removed the XML autoformat function group configuration due to performance issues.$$$$$$#7023 Removed the PDF report footer year.$$$$$$#7086 Removed data grid tables from Threat Hunting dashboard; GitHub panel; and Office365 panel.$$$$$$Packages$$$#3111 Added offline installation assistant import for the downloaded GPG Wazuh key.$$$$$$#3098 Changed version to tag reference in source_branch references.$$$$$$#3118 Changed Filebeat passwords only when installing Wazuh Server or changing passwords.$$$$$$#3119 Updated SECURITY.md format.$$$$$$#3121 Added stage parameter in bump_version script.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Wazuh manager$$$#24909 Fixed vulnerability detector issue where RPM upgrade wouldnt download new content.$$$$$$#25667 Fixed uncaught exception at Keystore test tool.$$$$$$#25705 Replaced eval calls with ast.literal_eval.$$$$$$#26277 Fixed the cluster being disabled by default when loading configurations.$$$$$$#25945 Added support for ARM packages for wazuh-manager.$$$$$$Wazuh agent$$$#24910 Fixed agent crash on Windows version 4.8.0.$$$$$$#25209 Fixed data race conditions at FIMs run_check.$$$$$$#24376 Fixed Windows agent crashes related to syscollector.dll.$$$$$$#25445 Fixed errors related to the libatomic.a library on AIX 7.X.$$$$$$#24932 Fixed errors in Windows Agent where EvtFormatMessage returned errors 15027 and 15033.$$$$$$#25459 Fixed FIM issue where it couldnt fetch group entries longer than 1024 bytes.$$$$$$#25469 Fixed Wazuh Agent crash at syscollector.$$$$$$#23528 Fixed a bug in the processed dates in the AWS module related to the AWS Config type.$$$$$$#24694 Fixed an error in Custom Logs Buckets when parsing a CSV file that exceeds a certain size.$$$$$$#26108 Fixed macOS syslog and ULS not configured out-of-the-box.$$$$$$RESTful API$$$#25764 Fixed requests logging to obtain the hash_auth_context from JWT tokens.$$$$$$#25216 Enabled API to listen to both IPv4 and IPv6 stacks.$$$$$$Wazuh dashboard$$$#6933 Fixed issue causing vulnerability dashboard to fail loading for read-only users.$$$$$$#6905 Fixed the temporal directory variable in the command to deploy a new Windows agent.$$$$$$#6906 Fixed an error in the command to deploy a new macOS agent that could cause the registration password to have a wrong value due to a $$$ inclusion.$$$$$$#6901 Fixed rendering of an active response as disabled when it is active.$$$$$$#6908 Fixed an error in Dev Tools when using payload properties as arrays.$$$$$$#6987 Fixed font size in tables used in the events tab; the Threat hunting dashboard tab; and the Vulnerabilities inventory tab.$$$$$$#6983 Fixed missing link to Vulnerabilities detection and Office 365 in the agent menu of Endpoints Summary.$$$$$$#6983 Fixed missing options depending on agent operating system in the agent configuration report.$$$$$$#6989 Fixed a style issue that affected the Discover plugin.$$$$$$#

4.9.0 Release notes - 5 September 2024$$$This section lists the changes in version 4.9.0. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Highlights$$$This release introduces several significant updates aimed at enhancing functionality; compatibility; and user experience. Key updates include support for journald logs in Logcollector; improved compatibility with OpenSearch 2.11.0; and integration with AWS Security Hub. Additionally; there are improvements to WPK packages and enhancements in the Wazuh-API with Connexion 3.0 and Uvicorn support. The release also addresses numerous bugs; further stabilizing the platform and improving overall performance.$$$$$$Journald support in Logcollector: Systemds journald logging is now supported; enabling Logcollector to monitor these logs; which can provide valuable information for users.$$$$$$Integrate Wazuh with AWS Security Hub: Wazuh now integrates with AWS Security Hub; enabling users to manage security and assess compliance with best practices directly within AWS.$$$$$$Improve WPKs: The WPK packages logic has been streamlined; reducing complexity; especially in the backup/rollback process; and ensuring smoother updates.$$$$$$Refactoring and redesign Endpoints Summary charts: The Endpoints Summary charts have been refactored and redesigned for improved clarity and usability.$$$$$$New or updated SCA policies: Added support for Oracle Linux 9; Alma Linux 9; and Rocky Linux 9; and updated policies for RedHat 7; CentOS 7; RedHat 8; and CentOS 8.

4.9.0 Release notes - 5 September 2024$$$This section lists the changes in version 4.9.0. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Highlights$$$This release introduces several significant updates aimed at enhancing functionality; compatibility; and user experience. Key updates include support for journald logs in Logcollector; improved compatibility with OpenSearch 2.11.0; and integration with AWS Security Hub. Additionally; there are improvements to WPK packages and enhancements in the Wazuh-API with Connexion 3.0 and Uvicorn support. The release also addresses numerous bugs; further stabilizing the platform and improving overall performance.$$$$$$Journald support in Logcollector: Systemds journald logging is now supported; enabling Logcollector to monitor these logs; which can provide valuable information for users.$$$$$$Integrate Wazuh with AWS Security Hub: Wazuh now integrates with AWS Security Hub; enabling users to manage security and assess compliance with best practices directly within AWS.$$$$$$Improve WPKs: The WPK packages logic has been streamlined; reducing complexity; especially in the backup/rollback process; and ensuring smoother updates.$$$$$$Refactoring and redesign Endpoints Summary charts: The Endpoints Summary charts have been refactored and redesigned for improved clarity and usability.$$$$$$New or updated SCA policies: Added support for Oracle Linux 9; Alma Linux 9; and Rocky Linux 9; and updated policies for RedHat 7; CentOS 7; RedHat 8; and CentOS 8.

[v4.8.2]$$$Manager$$$Fixed$$$Backport fix when remoted fails to read a message. (#25225)

[v4.8.1]$$$Manager$$$Added$$$Added dedicated RSA keys for keystore encryption. (#24357)$$$Fixed$$$Fixed bug in upgrade_agent CLI where it would sometimes raise an unhandled exception. (#24341)$$$Changed keystore cipher algorithm to remove reuse of sslmanager.cert and sslmanager.key. (#24509)$$$Agent$$$Fixed$$$Fixed incorrect macOS agent name retrieval. (#23989)$$$RESTful API$$$Changed$$$Changed GET /manager/version/check endpoint response to always show the uuid field. (#24173)$$$Other$$$Changed$$$Upgraded external Jinja2 library dependency version to 3.1.4. (#24108)$$$Upgraded external requests library dependency version to 2.32.2. (#23925)

4.8.0 Release notes - 12 June 2024$$$This section lists the changes in version 4.8.0. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Highlights$$$This release introduces a major refactor of the Vulnerability Detector module that increases coverage and improves reliability by using a centralized feed of curated vulnerabilities maintained by Wazuh. It introduces global queries for vulnerability detection information; allowing users to search through vulnerability detection data across all endpoints.$$$$$$The Wazuh dashboard notifies users whenever theres a newer Wazuh version available and offers a revamped UX navigation experience by completely overhauling the menu layout.$$$$$$To support the centralized vulnerability feed and update check services; Wazuh has developed a new platform aimed at integrating and distributing Cyber Threat Intelligence (CTI) data.$$$$$$Package inventory can now collect information from expanded sources; including the Snap package manager.$$$$$$The release also addresses hundreds of bugs of varying impacts; further stabilizing the platform and improving the overall user experience.$$$$$$Vulnerability Detector refactor: Vulnerability detection uses a centralized feed maintained by Wazuh and introduces global queries; significantly improving vulnerability detection capabilities and performance.$$$$$$Update check service UI: Users can now be notified whenever theres a new Wazuh version available.$$$$$$Wazuh dashboard UX redesign: A significant overhaul aimed at enhancing the user interface and experience; making navigation and operation more intuitive.$$$$$$Snap packages support & PYPI and Node packages support: Wazuh now includes support for inventorying packages installed through the Snap package manager; improving visibility into software management.$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Manager$$$#21201 Refactored vulnerability detection capability.$$$$$$#18476 Improved wazuh-db detection of deleted database files.$$$$$$#16893 Added timeout and retry parameters to the VirusTotal integration.$$$$$$#18988 Extended wazuh-analysisd EPS metrics with events dropped by overload and remaining credits in the previous cycle.$$$$$$#19819 Replaced Filebeat date index name processor to ensure the indices are identifiable by the index alias for auto-rollover.$$$$$$#18466 Updated API and framework packages installation commands to use pip instead of direct invocation of setuptools.$$$$$$#17015 Refactored how cluster status dates are treated in the cluster.$$$$$$#21602 The log message about file rotation and signature from wazuh-monitord has been updated.$$$$$$#21670 Implemented a dedicated keystore for indexer configuration to improve management of sensitive information.$$$$$$#22774 Improved Wazuh-DB performance by adjusting SQLite synchronization policy.$$$$$$#17750 Upgraded docker-compose V1 to V2 in API Integration test scripts.$$$$$$Agent$$$#15740 Added snap package manager support to Syscollector.$$$$$$#18574 Disabled hosts IP query by Logcollector when ip_update_interval=0.$$$$$$#17932 Added event size validation for the external integrations.$$$$$$#17623 Refactored and modularized the AWS integration code.$$$$$$#17623 Added new unit tests for the AWS integration.$$$$$$#19064 Added multiple tenants support to the MS Graph integration module.$$$$$$#16200 FIM now buffers the Linux audit events for who-data to prevent side effects in other components.$$$$$$#19720 The sub-process execution implementation has been improved.$$$$$$#20649 Added geolocation mapping for the AWS WAF events.$$$$$$#21530 Added a validation to reject unsupported regions when using the inspector service.$$$$$$#21561 Added additional information on some AWS integration errors.$$$$$$#21791 Replaced the usage of fopen with wfopen to avoid processing invalid characters on Windows.$$$$$$#21637 Fixed installation script to prevent macOS agent to start automatically after installation.

4.8.0 Release notes - 12 June 2024$$$This section lists the changes in version 4.8.0. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Highlights$$$This release introduces a major refactor of the Vulnerability Detector module that increases coverage and improves reliability by using a centralized feed of curated vulnerabilities maintained by Wazuh. It introduces global queries for vulnerability detection information; allowing users to search through vulnerability detection data across all endpoints.$$$$$$The Wazuh dashboard notifies users whenever theres a newer Wazuh version available and offers a revamped UX navigation experience by completely overhauling the menu layout.$$$$$$To support the centralized vulnerability feed and update check services; Wazuh has developed a new platform aimed at integrating and distributing Cyber Threat Intelligence (CTI) data.$$$$$$Package inventory can now collect information from expanded sources; including the Snap package manager.$$$$$$The release also addresses hundreds of bugs of varying impacts; further stabilizing the platform and improving the overall user experience.$$$$$$Vulnerability Detector refactor: Vulnerability detection uses a centralized feed maintained by Wazuh and introduces global queries; significantly improving vulnerability detection capabilities and performance.$$$$$$Update check service UI: Users can now be notified whenever theres a new Wazuh version available.$$$$$$Wazuh dashboard UX redesign: A significant overhaul aimed at enhancing the user interface and experience; making navigation and operation more intuitive.$$$$$$Snap packages support & PYPI and Node packages support: Wazuh now includes support for inventorying packages installed through the Snap package manager; improving visibility into software management.$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Manager$$$#21201 Refactored vulnerability detection capability.$$$$$$#18476 Improved wazuh-db detection of deleted database files.$$$$$$#16893 Added timeout and retry parameters to the VirusTotal integration.$$$$$$#18988 Extended wazuh-analysisd EPS metrics with events dropped by overload and remaining credits in the previous cycle.$$$$$$#19819 Replaced Filebeat date index name processor to ensure the indices are identifiable by the index alias for auto-rollover.$$$$$$#18466 Updated API and framework packages installation commands to use pip instead of direct invocation of setuptools.$$$$$$#17015 Refactored how cluster status dates are treated in the cluster.$$$$$$#21602 The log message about file rotation and signature from wazuh-monitord has been updated.$$$$$$#21670 Implemented a dedicated keystore for indexer configuration to improve management of sensitive information.$$$$$$#22774 Improved Wazuh-DB performance by adjusting SQLite synchronization policy.$$$$$$#17750 Upgraded docker-compose V1 to V2 in API Integration test scripts.$$$$$$Agent$$$#15740 Added snap package manager support to Syscollector.$$$$$$#18574 Disabled hosts IP query by Logcollector when ip_update_interval=0.$$$$$$#17932 Added event size validation for the external integrations.$$$$$$#17623 Refactored and modularized the AWS integration code.$$$$$$#17623 Added new unit tests for the AWS integration.$$$$$$#19064 Added multiple tenants support to the MS Graph integration module.$$$$$$#16200 FIM now buffers the Linux audit events for who-data to prevent side effects in other components.$$$$$$#19720 The sub-process execution implementation has been improved.$$$$$$#20649 Added geolocation mapping for the AWS WAF events.$$$$$$#21530 Added a validation to reject unsupported regions when using the inspector service.$$$$$$#21561 Added additional information on some AWS integration errors.$$$$$$#21791 Replaced the usage of fopen with wfopen to avoid processing invalid characters on Windows.$$$$$$#21637 Fixed installation script to prevent macOS agent to start automatically after installation.

4.8.0 Release notes - 12 June 2024$$$This section lists the changes in version 4.8.0. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Highlights$$$This release introduces a major refactor of the Vulnerability Detector module that increases coverage and improves reliability by using a centralized feed of curated vulnerabilities maintained by Wazuh. It introduces global queries for vulnerability detection information; allowing users to search through vulnerability detection data across all endpoints.$$$$$$The Wazuh dashboard notifies users whenever theres a newer Wazuh version available and offers a revamped UX navigation experience by completely overhauling the menu layout.$$$$$$To support the centralized vulnerability feed and update check services; Wazuh has developed a new platform aimed at integrating and distributing Cyber Threat Intelligence (CTI) data.$$$$$$Package inventory can now collect information from expanded sources; including the Snap package manager.$$$$$$The release also addresses hundreds of bugs of varying impacts; further stabilizing the platform and improving the overall user experience.$$$$$$Vulnerability Detector refactor: Vulnerability detection uses a centralized feed maintained by Wazuh and introduces global queries; significantly improving vulnerability detection capabilities and performance.$$$$$$Update check service UI: Users can now be notified whenever theres a new Wazuh version available.$$$$$$Wazuh dashboard UX redesign: A significant overhaul aimed at enhancing the user interface and experience; making navigation and operation more intuitive.$$$$$$Snap packages support & PYPI and Node packages support: Wazuh now includes support for inventorying packages installed through the Snap package manager; improving visibility into software management.$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Manager$$$#21201 Refactored vulnerability detection capability.$$$$$$#18476 Improved wazuh-db detection of deleted database files.$$$$$$#16893 Added timeout and retry parameters to the VirusTotal integration.$$$$$$#18988 Extended wazuh-analysisd EPS metrics with events dropped by overload and remaining credits in the previous cycle.$$$$$$#19819 Replaced Filebeat date index name processor to ensure the indices are identifiable by the index alias for auto-rollover.$$$$$$#18466 Updated API and framework packages installation commands to use pip instead of direct invocation of setuptools.$$$$$$#17015 Refactored how cluster status dates are treated in the cluster.$$$$$$#21602 The log message about file rotation and signature from wazuh-monitord has been updated.$$$$$$#21670 Implemented a dedicated keystore for indexer configuration to improve management of sensitive information.$$$$$$#22774 Improved Wazuh-DB performance by adjusting SQLite synchronization policy.$$$$$$#17750 Upgraded docker-compose V1 to V2 in API Integration test scripts.$$$$$$Agent$$$#15740 Added snap package manager support to Syscollector.$$$$$$#18574 Disabled hosts IP query by Logcollector when ip_update_interval=0.$$$$$$#17932 Added event size validation for the external integrations.$$$$$$#17623 Refactored and modularized the AWS integration code.$$$$$$#17623 Added new unit tests for the AWS integration.$$$$$$#19064 Added multiple tenants support to the MS Graph integration module.$$$$$$#16200 FIM now buffers the Linux audit events for who-data to prevent side effects in other components.$$$$$$#19720 The sub-process execution implementation has been improved.$$$$$$#20649 Added geolocation mapping for the AWS WAF events.$$$$$$#21530 Added a validation to reject unsupported regions when using the inspector service.$$$$$$#21561 Added additional information on some AWS integration errors.$$$$$$#21791 Replaced the usage of fopen with wfopen to avoid processing invalid characters on Windows.$$$$$$#21637 Fixed installation script to prevent macOS agent to start automatically after installation.

4.7.5 Release notes - 30 May 2024$$$This section lists the changes in version 4.7.5. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Wazuh manager$$$#23441 Added a database endpoint to recalculate the hash of agent groups.$$$$$$Wazuh dashboard$$$#6687 Added sanitization to custom branding SVG files.

4.7.4 Release notes - 29 April 2024$$$$$$This section lists the changes in version 4.7.4. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Wazuh manager$$$Reference$$$$$$Description$$$$$$#22933$$$$$$Fixed wazuh-db not clearing labels from deleted agents.$$$$$$#22994$$$$$$Improved stability by ensuring workers resume normal operations even during master node downtime.$$$$$$Changelogs$$$More details about these changes are provided in the changelog of each component:$$$$$$wazuh/wazuh$$$$$$wazuh/wazuh-dashboard$$$$$$wazuh/wazuh-packages

4.7.4 Release notes - 29 April 2024$$$$$$This section lists the changes in version 4.7.4. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Wazuh manager$$$Reference$$$$$$Description$$$$$$#22933$$$$$$Fixed wazuh-db not clearing labels from deleted agents.$$$$$$#22994$$$$$$Improved stability by ensuring workers resume normal operations even during master node downtime.$$$$$$Changelogs$$$More details about these changes are provided in the changelog of each component:$$$$$$wazuh/wazuh$$$$$$wazuh/wazuh-dashboard$$$$$$wazuh/wazuh-packages

4.7.3 Release notes - 4 March 2024$$$$$$This section lists the changes in version 4.7.3. Every update of the Wazuh solution is cumulative and includes all enhancements and fixes from previous releases.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Wazuh manager$$$Reference$$$$$$Description$$$$$$#21997$$$$$$Resolved a transitive mutex locking issue in wazuh-db that was impacting performance.$$$$$$#21977$$$$$$Wazuh DB internal SQL queries have been optimized by tuning database indexes to improve performance.$$$$$$Wazuh dashboard$$$Reference$$$$$$Description$$$$$$#6458$$$$$$Fixed an error when uploading CDB lists.$$$$$$Changelogs$$$More details about these changes are provided in the changelog of each component:$$$$$$wazuh/wazuh$$$$$$wazuh/wazuh-dashboard$$$$$$wazuh/wazuh-packages

4.7.2 Release notes - 10 January 2024$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Wazuh manager$$$#21142 Added minimum time constraint of 1 hour for downloading the Vulnerability Detector feed.$$$$$$Wazuh agent$$$#20638 Added request timeouts for the external and cloud integrations. This prevents indefinite waiting for a response.$$$$$$Ruleset$$$#17565 Added new SCA policy for Debian 12 systems.$$$$$$Other$$$#20798 Upgraded external aiohttp library dependency to version 3.9.1 to address a security vulnerability.$$$$$$Wazuh dashboard$$$#6191 Added Hostname and Board Serial information to Agents > Inventory data.$$$$$$#6208 Added contextual information to the deploy agent steps.$$$$$$Packages$$$#2670 Removed installed dependencies that were part of the Wazuh installation assistant. This ensures a clean post-installation state.$$$$$$#2677 Removed gnupg package as RPM dependency in the Wazuh installation assistant.$$$$$$#2693 Added Debian12 SCA files.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Wazuh manager$$$Reference$$$$$$Description$$$$$$#21011$$$$$$wazuh-remoted now logs the warning regarding invalid message size from agents in hex format.$$$$$$#20658$$$$$$Fixed a bug within the Windows Eventchannel decoder to ensure proper handling of Unicode characters.$$$$$$#20735$$$$$$Fixed data validation for decoding Windows Eventchannel XML input strings.$$$$$$Wazuh agent$$$Reference$$$$$$Description$$$$$$#20656$$$$$$Implemented validation for the format of the IP address parameter in the host_deny active response.$$$$$$#20594$$$$$$Fixed a bug in the Windows agent that might lead it to crash when gathering forwarded Windows events.$$$$$$#20447$$$$$$Fixed issue with the profile prefix in parsing AWS configuration profiles.$$$$$$#20660$$$$$$Fixed parsing and validation for the AWS regions argument; expanding the AWS regions list accordingly.$$$$$$Ruleset$$$Reference$$$$$$Description$$$$$$#20663$$$$$$Updated AWS Macie rules to show relevant fields in alert details.$$$$$$Wazuh dashboard$$$Reference$$$$$$Description$$$$$$#6185$$$$$$Fixed Agents preview page load when there are no registered agents.$$$$$$#6206; #6213$$$$$$Changed the endpoint to get Wazuh server auth configuration to manager/configuration/auth/auth.$$$$$$#6224$$$$$$Fixed error navigating back to agent in some scenarios.$$$$$$Packages$$$Reference$$$$$$Description$$$$$$#2667$$$$$$Fixed warning message when generating certificates.$$$$$$Changelogs$$$More details about these changes are provided in the changelog of each component:$$$$$$wazuh/wazuh$$$$$$wazuh/wazuh-dashboard$$$$$$wazuh/wazuh-packages

4.7.2 Release notes - 10 January 2024$$$$$$Whats new$$$This release includes new features or enhancements as the following:$$$$$$Wazuh manager$$$#21142 Added minimum time constraint of 1 hour for downloading the Vulnerability Detector feed.$$$$$$Wazuh agent$$$#20638 Added request timeouts for the external and cloud integrations. This prevents indefinite waiting for a response.$$$$$$Ruleset$$$#17565 Added new SCA policy for Debian 12 systems.$$$$$$Other$$$#20798 Upgraded external aiohttp library dependency to version 3.9.1 to address a security vulnerability.$$$$$$Wazuh dashboard$$$#6191 Added Hostname and Board Serial information to Agents > Inventory data.$$$$$$#6208 Added contextual information to the deploy agent steps.$$$$$$Packages$$$#2670 Removed installed dependencies that were part of the Wazuh installation assistant. This ensures a clean post-installation state.$$$$$$#2677 Removed gnupg package as RPM dependency in the Wazuh installation assistant.$$$$$$#2693 Added Debian12 SCA files.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Wazuh manager$$$Reference$$$$$$Description$$$$$$#21011$$$$$$wazuh-remoted now logs the warning regarding invalid message size from agents in hex format.$$$$$$#20658$$$$$$Fixed a bug within the Windows Eventchannel decoder to ensure proper handling of Unicode characters.$$$$$$#20735$$$$$$Fixed data validation for decoding Windows Eventchannel XML input strings.$$$$$$Wazuh agent$$$Reference$$$$$$Description$$$$$$#20656$$$$$$Implemented validation for the format of the IP address parameter in the host_deny active response.$$$$$$#20594$$$$$$Fixed a bug in the Windows agent that might lead it to crash when gathering forwarded Windows events.$$$$$$#20447$$$$$$Fixed issue with the profile prefix in parsing AWS configuration profiles.$$$$$$#20660$$$$$$Fixed parsing and validation for the AWS regions argument; expanding the AWS regions list accordingly.$$$$$$Ruleset$$$Reference$$$$$$Description$$$$$$#20663$$$$$$Updated AWS Macie rules to show relevant fields in alert details.$$$$$$Wazuh dashboard$$$Reference$$$$$$Description$$$$$$#6185$$$$$$Fixed Agents preview page load when there are no registered agents.$$$$$$#6206; #6213$$$$$$Changed the endpoint to get Wazuh server auth configuration to manager/configuration/auth/auth.$$$$$$#6224$$$$$$Fixed error navigating back to agent in some scenarios.$$$$$$Packages$$$Reference$$$$$$Description$$$$$$#2667$$$$$$Fixed warning message when generating certificates.$$$$$$Changelogs$$$More details about these changes are provided in the changelog of each component:$$$$$$wazuh/wazuh$$$$$$wazuh/wazuh-dashboard$$$$$$wazuh/wazuh-packages

Whats new$$$This release includes new features or enhancements as the following:$$$$$$Agent$$$#20616 Improved WPK upgrade scripts to ensure safe execution and backup generation.$$$$$$Other$$$#20149 Upgraded external certifi library dependency version to 2023.07.22.$$$$$$#20149 Upgraded external requests library dependency version to 2.31.0.$$$$$$#18800 Upgraded embedded Python version to 3.9.18.$$$$$$Packages$$$#2559 Updated Wazuh assistant help text for offline download option.$$$$$$#2627 Updated error message for CentOS GPG key import failure.$$$$$$#2624 Added macOS 14 Sonoma SCA files.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Manager$$$Reference$$$$$$Description$$$$$$#20178$$$$$$Fixed a thread lock bug that slowed down wazuh-db performance.$$$$$$#20386$$$$$$Fixed a bug in Vulnerability detector that skipped vulnerabilities for Windows 11 21H2.$$$$$$#5941$$$$$$The installer now updates the merged.mg file permissions on upgrade.$$$$$$#19993$$$$$$Fixed an insecure request warning in the Shuffle integration.$$$$$$#19888$$$$$$Fixed a bug that corrupted cluster logs when rotated.$$$$$$#20580$$$$$$Fixed a bug causing the Canonical feed parser to fail in Vulnerability Detector.$$$$$$Agent$$$Reference$$$$$$Description$$$$$$#20332$$$$$$Fixed a bug that prevented the local IP address from appearing in the port inventory from macOS agents.$$$$$$#20180$$$$$$Fixed the default Logcollector settings on macOS to collect logs out-of-the-box.$$$$$$#20169$$$$$$Fixed a bug in the FIM decoder at wazuh-analysisd that ignored Windows Registry events from agents earlier than 4.6.0.$$$$$$#20250$$$$$$Fixed multiple bugs in the Syscollector decoder at wazuh-analysisd that did not sanitize the input data properly.$$$$$$#20284$$$$$$Added the pyarrow_hotfix dependency to fix the pyarrow CVE-2023-47248 vulnerability in the AWS integration.$$$$$$#20598$$$$$$Fixed a bug that allowed two simultaneous updates to occur through WPK.$$$$$$RESTful API$$$Reference$$$$$$Description$$$$$$#18423$$$$$$Fixed inconsistencies in the behavior of the q parameter of some endpoints.$$$$$$#18495$$$$$$Fixed a bug in the q parameter of the GET /groups/{group_id}/agents endpoint.$$$$$$#19533$$$$$$Fixed bug in the regular expression used to reject non ASCII characters in some endpoints.$$$$$$Wazuh dashboard$$$Reference$$$$$$Description$$$$$$#6076$$$$$$Fixed problem when using non latin characters in the username.$$$$$$#6104$$$$$$Fixed UI crash on retrieving log collection configuration for macos agent.$$$$$$#6105$$$$$$Fixed incorrect validation of the agent name on the Deploy new agent window.$$$$$$#6184$$$$$$Fixed missing columns in the agent table of Groups.$$$$$$Packages$$$Reference$$$$$$Description$$$$$$#2561$$$$$$Fixed network.host fetching in Password tool. A commented line like #network.host: XXX.XXX.XXX.XXX is now ignored.$$$$$$#2493$$$$$$Fixed issue where Intel64 macos packages failed to install on ARM-based machines.$$$$$$#2611$$$$$$Fixed file permissions issue in merged.mg files when updating a manager using packages update.$$$$$$Changelogs$$$More details about these changes are provided in the changelog of each component:$$$$$$wazuh/wazuh$$$$$$wazuh/wazuh-dashboa

Whats new$$$This release includes new features or enhancements as the following:$$$$$$Agent$$$#20616 Improved WPK upgrade scripts to ensure safe execution and backup generation.$$$$$$Other$$$#20149 Upgraded external certifi library dependency version to 2023.07.22.$$$$$$#20149 Upgraded external requests library dependency version to 2.31.0.$$$$$$#18800 Upgraded embedded Python version to 3.9.18.$$$$$$Packages$$$#2559 Updated Wazuh assistant help text for offline download option.$$$$$$#2627 Updated error message for CentOS GPG key import failure.$$$$$$#2624 Added macOS 14 Sonoma SCA files.$$$$$$Resolved issues$$$This release resolves known issues as the following:$$$$$$Manager$$$Reference$$$$$$Description$$$$$$#20178$$$$$$Fixed a thread lock bug that slowed down wazuh-db performance.$$$$$$#20386$$$$$$Fixed a bug in Vulnerability detector that skipped vulnerabilities for Windows 11 21H2.$$$$$$#5941$$$$$$The installer now updates the merged.mg file permissions on upgrade.$$$$$$#19993$$$$$$Fixed an insecure request warning in the Shuffle integration.$$$$$$#19888$$$$$$Fixed a bug that corrupted cluster logs when rotated.$$$$$$#20580$$$$$$Fixed a bug causing the Canonical feed parser to fail in Vulnerability Detector.$$$$$$Agent$$$Reference$$$$$$Description$$$$$$#20332$$$$$$Fixed a bug that prevented the local IP address from appearing in the port inventory from macOS agents.$$$$$$#20180$$$$$$Fixed the default Logcollector settings on macOS to collect logs out-of-the-box.$$$$$$#20169$$$$$$Fixed a bug in the FIM decoder at wazuh-analysisd that ignored Windows Registry events from agents earlier than 4.6.0.$$$$$$#20250$$$$$$Fixed multiple bugs in the Syscollector decoder at wazuh-analysisd that did not sanitize the input data properly.$$$$$$#20284$$$$$$Added the pyarrow_hotfix dependency to fix the pyarrow CVE-2023-47248 vulnerability in the AWS integration.$$$$$$#20598$$$$$$Fixed a bug that allowed two simultaneous updates to occur through WPK.$$$$$$RESTful API$$$Reference$$$$$$Description$$$$$$#18423$$$$$$Fixed inconsistencies in the behavior of the q parameter of some endpoints.$$$$$$#18495$$$$$$Fixed a bug in the q parameter of the GET /groups/{group_id}/agents endpoint.$$$$$$#19533$$$$$$Fixed bug in the regular expression used to reject non ASCII characters in some endpoints.$$$$$$Wazuh dashboard$$$Reference$$$$$$Description$$$$$$#6076$$$$$$Fixed problem when using non latin characters in the username.$$$$$$#6104$$$$$$Fixed UI crash on retrieving log collection configuration for macos agent.$$$$$$#6105$$$$$$Fixed incorrect validation of the agent name on the Deploy new agent window.$$$$$$#6184$$$$$$Fixed missing columns in the agent table of Groups.$$$$$$Packages$$$Reference$$$$$$Description$$$$$$#2561$$$$$$Fixed network.host fetching in Password tool. A commented line like #network.host: XXX.XXX.XXX.XXX is now ignored.$$$$$$#2493$$$$$$Fixed issue where Intel64 macos packages failed to install on ARM-based machines.$$$$$$#2611$$$$$$Fixed file permissions issue in merged.mg files when updating a manager using packages update.$$$$$$Changelogs$$$More details about these changes are provided in the changelog of each component:$$$$$$wazuh/wazuh$$$$$$wazuh/wazuh-dashboa

Agent$$$#17951 Added support for Custom AWS Logs in Buckets via AWS SQS. This enhancement improves visibility and troubleshooting in AWS environments.$$$$$$#15582 Added geolocation for aws.data.client_ip field. The new GeoIP feature enables tracking of geographical locations of AWS ALB client IP addresses. This addition enhances visibility into network traffic and security monitoring. Acknowledgements to Arran Rhodes @rh0dy.$$$$$$#15699 Added package inventory support for Alpine Linux in Syscollector.$$$$$$#16117 Added package inventory support for MacPorts package manager in Syscollector. This enhancement improves compatibility with macOS.$$$$$$#17982 Added package inventory support for Python PYPI and Node.js in Syscollector.$$$$$$#15000 Added process information to the open ports inventory in Syscollector. This addition enhances ports inventory capabilities for better management and tracking on Linux systems.$$$$$$#17966 The shared modules code has been sanitized according to the convention.$$$$$$#18006 The package inventory internal messages have been modified to honor the schema compliance.$$$$$$#20360 Added clarification to the agent connection log. The agent must connect to a manager of the same or higher version.

Refer the below link:$$$https://documentation.wazuh.com/current/release-notes/release-4-5-3.html

Refer the below link:$$$https://documentation.wazuh.com/current/release-notes/release-4-5-3.html

Refer the below link:$$$https://documentation.wazuh.com/current/release-notes/release-4-5-3.html