Wazuh v4.14.5 released
By SecBurg
Wazuh is an open-source security platform that delivers combined XDR and SIEM functionality to safeguard endpoints and cloud workloads.
The newest version 4.14.5 is once again primarily a maintenance and bugfix update:
Wazuh v4.14.5 Latest
Manager
Fixed
Fixed DAPI callable resolution to restrict invocations to exposed resources only. (#34889)
Fixed uncontrolled memory allocation in cluster caused by crafted packet length. (#35173) (#35412)
Fixed rate limit bypass for the /events endpoint. (#35077)
Fixed buffer overflow in analysisd regex match processing. (#35106)
Fixed path traversal in authd via agent group name validation. (#35230)
Fixed size_t underflow in remoted ReadSecMSG causing potential heap overflow. (#35193)
Fixed RBAC bypass in DAPI allowing privilege escalation. (#35307)
Fixed analysisd plugin decoder argument alignment. (#35176)
Agent
Fixed
Fixed rootcheck false positive for /dev/.blkid.tab. (#34734)
Fixed ORDER_REVERSAL deadlocks in FIM. (#34735)
Fixed Roundcube decoder regex to prevent srcip truncation in "Failed login ... in session" logs. (#34793)
Fixed macOS Ventura SCA policy incorrectly passing pmset checks. (#34693)
Fixed Office365 integration pagination by trimming HTTP header values. (#34673)
Fixed FIM false positives caused by double readdir check. (#34880)
Fixed audit log cache overflow for events with many records in logcollector. (#35285)
Fixed daily marker for GuardDuty log collector. (#35110)
Fixed rootcheck not generating findings. (#35297)
Fixed heap buffer overflow in syscheck Registry Wildcard Expansion. (#35287)
Changed
Changed RHEL init script with SUSE variant on SLES 11. (#34563)
Changed service check from WMI to sc.exe. (#34543)
Changed windows syscollector to include command arguments. (#34727)
RESTful API
Fixed
Fixed allow_higher_versions validation in API upload_configuration. (#34905)
Fixed nested JSON depth limit in API request processing. (#35224)
Fixed upload size limit config mismatch. (#35141)
Ruleset
Fixed
Fixed bug in CIS SCA checks 35675 and 35689 for Ubuntu 24.04. (#35088)
Fixed Dovecot decoders to correctly extract rip and lip fields. (#35089)
Other
Changed
Updated dependencies cryptography to 46.0.5, Werkzeug to 3.1.6, pip to 26.0.1 and wheel to 0.46.3. (#34907)
Updated embedded Python to 3.10.20 and dependencies pyjwt, pyasn1. (#35135)
Updated dependencies cryptography, requests. (#35331)
Read the installation guide if you want to try it out.