Bitdefender Endpoint Security Tools for Linux
This section contains the release notes for Bitdefender Endpoint Security Tools (BEST) for Linux. For the BEST for Linux user's guide, go to this section.
Version 7.0.3.2193
Release date:
Fast ring: 2023.05.15
Slow ring: 2023.05.17
Resolved issues
BEST updates no longer refresh update repositories on SLES operating systems.
Fixed an issue causing BEST to mount NFS shares as a result of on-demand scans.
Updating BEST no longer restores NAD module script execution rights to default.
Improvements
On-demand scans that run with low priority now only use half of available endpoint resources.
Version 7.0.3.2177
Release date:
Fast ring: 2023.04.11
Slow ring: 2023.04.19
Improvements
BEST for Linux is now compatible with the PopOS and Amazon Linux 2023 distributions.
KProbes now support security content update rings.
You can now use On-Access scanning for files in the root (
/
) directory on containers protected by BEST.The Support Tool now gathers additional logs.
You can now use the Support Tool with Bitdefender Security for Containers.
Added support for upcoming features available with the next major GravityZone release.
Security containers are now deployed in a dedicated namespace on Kubernetes:
bitdefender-security-container
.Security containers now use a dedicated Kubernetes service account:
bitdefender-security-container
.
Removed features
All RHEL and RHEL derivatives (for example, CentOS and Oracle) prior 6.10 are no longer supported.
Limitations
Deploying Security Containers on OpenShift 4.12 and later environments using the Helm package manager is currently unsupported.
Resolved issues
Fixed multiple compatibility issues between BEST for Linux and NFS mounts.
Fixed an issue that was causing BEST for Linux to fail sending data to incident servers.
Security and stability fixes.
Version 7.0.3.2120
Release date:
Fast ring: 2023.01.31
Slow ring: 2023.02.07
Resolved issues
Endpoints with the Network Attack Defense module deployed are no longer experiencing connectivity issues.
Reconfigure client tasks configured with the Match List option no longer fail when the endpoints are communicating through a Relay.
Fixed an issue causing the Antimalware module to sometimes crash when performing On-access scan tasks.
Deploying BEST for Linux on endpoints not using the default package manager of their operating system no longer fails.
Version 7.0.3.2115
Release date:
Fast ring: 2022.12.12
Slow ring: 2022.12.15
New features
Outbound monitoring is now available for Network Attack Defense on Linux endpoints.
Improvements
Added support for Oracle Linux 8 and Oracle Linux 9 5.15 kernel versions.
DNF is now the first choice package manager for YUM based operating systems when installing and updating BEST for Linux.
Resolved issues
Reconfigure Client tasks with Match List option selected now properly execute for endpoints with a Linux Relay set as an update location. The tasks used to fail, returning a
no suitable update server found
error.The EDR module no longer causes increased CPU usage when enabled.
Fixed an issue causing endpoints with BEST for Linux installed not to appear in the Active Directory tree.
Version 7.0.3.2106
Release date:
Fast ring: 2022.11.21
Slow ring: 2022.11.21
Improvements
Security fixes
Version 7.0.3.2104
Release date:
Fast ring: 2022.11.16
Slow ring: 2022.11.17
Improvements
Added support for upcoming features available with the next major GravityZone release.
KProbes are now available for Linux kernel 6.0.
Security fixes.
Version 7.0.3.2085
Release date:
Fast ring: 2022.10.13
Slow ring: 2022.10.17
Improvements
On demand scans are now available for autofs network shares.
Network Attack Defense now runs as a separate process. This will considerably improve stability.
The process exclusions from your GravityZone policies now apply to EDR events from endpoints with BEST for Linux installed.
You can now define assignment rules based on endpoint hostname.
Live Search now returns a limited amount of information to GravityZone from endpoints with BEST for Linux deployed. The total number of rows generated by the search is included in the response.
Resolved issues
Fixed an issue causing Container Protection to only scan the first two levels of a file path.
Product updates on SLES 12.5 are no longer failing due to zypper license agreement.
Product updates now properly ignore global
apt
proxy settings.
Version 7.0.3.2061
Release date:
Fast ring: 2022.09.12
Slow ring: 2022.09.19
Improvements
Added support for additional Fedora kernels. Learn more
Resolved issues
Security fixes
Version 7.0.3.2050
Release date:
Fast ring: 2022.08.16
Slow ring: 2022.08.16
Resolved issues
The files used by BEST for Linux when EDR is enabled through AuditD now revert to default when no longer needed. This occurs when EDR is disabled or when kprobes are used instead of AuditD.
Version 7.0.3.2038
Release date:
Fast ring: 2022.08.03
Slow ring: 2022.08.03
Resolved issues
Fixed an issue causing security updates to fail and increase CPU usage in certain situations.
Version 7.0.3.2034
Release date:
Fast ring: 2022:08.01
Slow ring: 2022:08.02
Important
This update includes all improvements and fixes from version 7.0.3.2030 released on fast ring.
Resolved issues
Security fixes
Version 7.0.3.2030
Release date:
Fast ring: 2022.07.28
Slow ring:
New features
The Network Attack Defense module is now available for Linux. Learn more
EDR Custom rules are now applicable to endpoints with BEST for Linux v7.
Improvements
BEST for Linux v7 is now compatible with the following distributions:
CBL-Mariner 2
Ubuntu 22.04
Red Hat Enterprise Linux 9
AlmaLinux 9
Fedora 36
Added support for the Amazon Linux 2 5.10.x and 5.15.x kernel versions.
Antimalware engines are no longer loaded when on-access scanning is disabled. This feature does not apply to endpoints where the Container Protection module is installed.
Resolved issues
The Security Telemetry feature now properly displays the connection status to the telemetry servers.
BEST for Linux no longer causes high CPU usage when EDR is enabled.
Fixed issue causing servers with BEST for Linux to freeze. This was caused by resetting the firewall while using central scan with a hybrid fallback.
Using BEST for Linux with AuditD on systems running on Red Hat Enterprise Linux Server 6.7 no longer causes high resource usage.
Closing BEST for Linux v7 now properly terminates the active instance of the program.
Fixed issue causing BEST for Linux v7 to gradually increase RAM usage over time.
Known issues
Starting or stopping Network Attack Defense will reset all active connection done through ports 21 and 22.
Version 7.0.3.2004
Release date:
Fast ring: 2022.05.12
Slow ring: 2022.05.12
Resolved issues
On-Demand scanning tasks with low priority no longer cause high CPU usage.
Assignment rules based on location now properly apply policies to the target IP addresses.
Quarantined items are now automatically removed as per the policy configuration.
Version 7.0.3.1999
Release date:
Fast ring: 2022.05.09
Slow ring: 2022.05.10
Improvements
The Send feedback regarding security agents’ health and Use Bitdefender Global Protective Network to enhance protection policy options now also apply to endpoints with BEST for Linux deployed. You can find the options under General > Settings > Options when editing a policy.
EDR Custom Rules are now applicable on endpoints where BEST for Linux is deployed.
Resolved issues
Installing BEST for Linux v7 on an endpoint no longer overwrites the locally configured OSQuery service.
Deploying BEST for Linux on an Amazon Linux Docker environment no longer causes an increased resource usage.
Fixed an issue that was affecting the communication between BEST for Linux and GravityZone due to an improper integration with Active Directory.
Deploying BEST for Linux on an Red Hat Enterprise environment no longer causes increase CPU usage.
Version 7.0.3.1986
Release date:
Fast ring: 2022.04.04
Slow ring: 2022.04.06
Important
This update includes all improvements and fixes from versions 7.0.3.1982 and 7.0.3.1984 released on fast ring.
Resolved issues
Resolved a critical issue occurred after the last product update.
Version 7.0.3.1984
Release date:
Fast ring: 2022.03.31
Slow ring: -
Resolved issues
Fixed a configuration problem for BEST Relay.
Version 7.0.3.1982
Release date:
Fast ring: 2022.03.31
Slow ring: -
New features
Patch Management now supports Smart Scan on Linux.
Added support for Investigation packages for both BEST for Linux v7 and SDK.
Improvements
BEST for Linux is now compatible with Linux Mint and Miracle Linux.
Deploying or updating BEST for Linux with EDR using Linux AuditD now automatically updates configuration files.
Added support for the Shut down computer when scan is finished option scan option.
Memory usage has been optimized when using system's AuditD.
EDR events generation has been optimized.
Added detection for the exploitation of the CVE-2022-0847 vulnerability.
Information on errors related to Patch Management is now available here.
Improved product description in Docker Hub.
Resolved issues
BEST for Linux now detects Linux AD integrations.
Attempting to enable SSL on certain server types no longer causes an indefinite retry loop. This would also cause log files to be flooded with error messages.
Fixed issue causing high CPU usage on systems with BEST for Linux using AuditD.
Java applications no longer slow down after installing BEST for Linux on endpoints running on the RHEL 7 and RHEL 8 operating systems.
Using a script to write files in a high number simultaneously no longer causes high CPU utilization.
Resolved issue causing high CPU utilization when using EDR.
Custom Scan tasks no longer scan shared file paths when the Scan network share option is not selected.
Fixed issue causing On-Access scans to miss threats during performance tests.
CIFS and NFS protocols are no longer restricted for systems that use the Fanotify notification system.
Fixed issue causing On-Demand scan task reports to fail to register in logs.
On-Demand scan logs from endpoints with BEST for Linux v7 now appear properly in Control Center.
Known issues
On-Access scanning does not detect threats in network paths mounted using Amazon EFS.
Version 7.0.3.1956
Release date:
Fast ring: 2022.03.10
Slow ring: 2022.03.10
Improvements
Reduced memory consumption in certain scenarios where EDR is active.
Version 7.0.3.1948
Release date:
Fast ring: 2022.02.17
Slow ring: 2022.02.21
Improvements
Optimized the error logging and update mechanisms.
Version 7.0.3.1942
Release date:
Fast ring: 2022.02.07
Slow ring: 2022.02.07
Resolved issues
Fixed an issue causing slow product initialization.
Version 7.0.3.1941
Release date:
Fast ring: 2022.02.03
Resolved issues
Linux machines integrated into Active Directory are now being properly detected and appear under the GravityZone console.
Applying policies no longer generates unnecessary EDR related events causing high CPU usage. This was occurring due to EDR events remaining active while the EDR Sensor was disabled and Advanced Anti-Exploit remained enabled.
The
bdsecd
process used for debug logging no longer causes high CPU usage
Version 7.0.3.1927
Release date: 2021.12.24
Resolved issues
All events are now being sent to Splunk servers.
Known issues
Event submissions to Splunk servers currently fail without a fully signed SSL certificate.
Version 7.0.3.1922
Release date: 2021.12.16
New features
Patch Management is now available for BEST for Linux. You can find a list of compatible operating systems here.
Improvements
You can now schedule recurring product and security content updates to run on endpoints. You can set the task to run on a specific day of the week or after a certain time has passed since the last occurrence.
A notification is now sent when a system restart is required. You can choose to immediately restart or postpone the process.
You can now enable an automatic shutdown or system restart based on specific scenarios such as product update or disinfection.
The Restart machine task is now available for Linux endpoints.
Antimalware events history is now available locally.
Resolved issues
Updating BEST for Linux now properly deletes all previous installation packages present on the endpoint.
Resolved multiple issues causing the security agent to crash or freeze.
All scan tasks ran through the Bitdefender User Interface Tool (
bduitool
) now receive unique IDs.
Version 7.0.3.1903
Release date: 2021.12.01
Improvements
Product update mechanism via our agent installer has been enhanced.
Version 7.0.3.1899
Release date:
Fast ring: 2021.11.23
Slow ring: 2021.11.25
Improvements
Product
You can now apply policies based on location assignment rules.
BEST for Linux v7 is now compatible with the following Linux distributions:
Rocky Linux 8.x
Pardus 21.0x
Alma Linux 8.x
Ubuntu 21.04 & 21.10
Cloud Linux OS
BEST for Linux v7 is now compatible with 32-bit operating systems on the following distributions:
CentOS 6
CentOS 7
CentOS 10
Debian 11
Debian 9
Red Hat Enterprise Linux 6
Ubuntu 14
Ubuntu 16
BEST for Linux v7 now supports DazukoFS for kernel versions 2.6.32.
Note
As a result of these improvements, feature parity between versions 6 and 7 has been achieved.
Resolved issues
Product
BEST for Linux v7 installer no longer incorrectly reports that there is not enough space on disk when the
/opt/bitdefender-security-tools
file exists.Starting an installation of BEST for Linux v7 on an endpoint with an older version of v7 installed no longer returns "The product is already installed".
Fixed the issue causing increased RAM usage on Ubuntu machines.
Product updates no longer fail when the Relay URL address has a slash (
/
) at the end.Running the
deliverall
command no longer archives thednf
folder on machines where BEST for Linux v7 has been updated from an older version.Product updates no longer fail on SUSE operating systems.
Updating BEST for Linux v6 to v7 now properly creates the
/usr/bin/bd symlink
file.
Support Tool
Troubleshooting Debug session tasks no longer remain in an In progress state.
Advanced Anti-Exploit
Alerts are no longer incorrectly triggered for
pkexec
andpolicykit
processes.
Version 7.0.3.1869
Release date: 2021.11.16
Resolved issues
Product
Security fixes
Version 7.0.3.1868
Release date: 2021.11.03
Resolved issues
Product
Background periodic clean-up of temporary support files no longer causes Bitdefender systems to crash.
Version 7.0.3.1862
Release date: 2021.10.28
Resolved issues
Product
Security content updates no longer cause scan servers to reload.
Repeated deployments via Relay on the same endpoint no longer apply the same BEST version. This would occur regardless of the specified deployment settings.
Resolved an issue causing the Quarantine module to fail clearing file descriptors during scans, resulting in higher resource usage.
Improvements
On-Access
Files previously confirmed as clean and unmodified are no longer scanned when accessed.
Version 7.0.3.1850
Release date:
Fast ring: 2021.10.21
Slow ring: 2021.10.25
Improvements
Product
Support Tool is now available for BEST for Linux v7.
Container Protection
On-Access protection is now available for Security Container Hosts.
Container Protection is now compatible with OpenShift CRI-O Container Engine.
Resolved issues
Product
Installing BEST for Linux on an VM with an RPM-based OS after clearing the
yum
cache no longer fails when no internet access is available.
Known issues
Product
During scans, the Quarantine module does not clear file descriptors, resulting in higher resource usage.
Version 7.0.1.1774
Release date:
Fast ring: 2021.10.04
Slow ring: 2021.10.05
Resolved issues
Product
(
bduitool
) is now available for BEST for Linux v7.Bitdefender user no longer appears in GNOME GUI environments.
BEST for Linux v7 no longer takes ownership of certain APT files, making software updates to fail.
Known issues
On-demand
Changing the system time on an endpoint that has scheduled custom scans causes Bitdefender product to crash.
Version 7.0.1.1762
Release date: 2021.09.29
Resolved issues
Product
Kprobes is no longer failing to load after security content updates.
Fixed issue causing update tasks run on machines with BEST for Linux v7.0.1.1626 installed to fail despite the console showing the update as successful.
Version 7.0.1.1754
Release date: 2021.09.23
Improvements
Product
Logs folder location has been changed from
/tmp
to/opt/bitdefender-security-tools/var/tmp
.Network Isolation tasks now work on endpoints which have a proxy configured.
Support tool is now available for BEST for Linux v7. It is currently available only from the command line interface.
EDR
The performance of the incidents sensor has been increased by as much as 30% in certain scenarios.
Extended the EDR support to Amazon Bottlerocket.
Resolved issues
Product
Policies now correctly apply communication settings to endpoints that have been upgraded from BEST for Linux v6 to v7.
GravityZone now properly detecting new deployments of Patch Management.
Running a Reconfigure Client task now correctly checks available disk space before installing a Relay role. The installation will only begin if sufficient disk space is available.
Uninstalling BEST for Linux v7 from virtual machines no longer results in a crash in certain situations.
BEST for Linux v7 now properly updating on all SLES machines.
Running BEST for Linux installation packages downloaded from a custom host no longer fail.
BEST for Linux v7 now compatible with machines working with FIPS protocol.
Fixed issue causing policies not to apply correctly when done through a Relay.
Security fixes.
Advanced Anti-Exploit
Custom scan exclusions now properly loading.
On-Access scans no longer scan removed scan paths specified in your policy settings.
Added exceptions for alerts related to package managers (apt, yum, dnf).
Techniques are now properly displayed for corresponding generated events.
Container Protection
Container logs now properly record Security Container updates.
Restoring a quarantined file to a container now correctly places the file back on the container instead of the host VM.
Security Containers now work properly with Bottlerocket OS.
Version 7.0.1.1725
Release date: 2021.09.09
Resolved issues
Antimalware
Security content updates no longer cause On-Demand scans to return no results.
Version 7.0.1.1713
Release date: 2021.09.07
Improvements
Network Isolation for EDR is now available.
Resolved issues
Product
Upgrading BEST for Linux from v6 to v7 no longer causes issue where both BEST versions run on the same endpoint.
Upgrading BEST for Linux from v6 to v7 no longer causes On-Demand scans to return no results.
Relay role
The Relay role is now supported again.
Known issues
Network Isolation disconnects endpoints from the network, causing a loss of connectivity with GravityZone. This issue only occurs for endpoints that use policies with proxy configurations.
Note
To change the proxy settings, go to the General > Communication policy section and choose another option for Communications between Endpoints and Relays / GravityZone.
Version 7.0.1.1626
Release date: 2021.08.12
Resolved issues
Product
Policies applied to Security Containers now function independently of policies applied to the host.
Enabling On-Access on policies that have already been applied no longer fails to activate the service.
HTTPS protocol updates no longer fail on certain operating systems.
Running an Update client task for both product and security content no longer fails to perform the security content update.
Scan reports now show the correct number of scanned files.
Version 7.0.1.1582
Release date: 2021.08.12
Improvements
Container Protection
Podman inventory support now available.
Resolved issues
Product
Update tasks now show correct status after failing.
Using On-Access scanning on a Ubuntu container no longer causes Bitdefender services to sometimes crash.
Issues no longer appear when trying to remove malware from certain archives.
Container Protection
Container runtime now registers properly in all environments.
When applying policies to containers, configured actions now apply correctly when malware is detected, including on older kernel versions.
Kprobes no longer being reloaded when no new updates are available.
Version 7.0.1.1556
Release date: 2021.08.06
Resolved issues
Product
Product updates no longer failing when no update locations are added to the policy you are using.
Version 7.0.1.1551
Release date: 2021.08.05
Resolved issues
Product
Product now correctly showing status for disabled modules.
Performing a scan task during a security content update no longer causes Bitdefender services to sometimes crash.
Using a proxy server no longer prevents EDR incidents from being generated.
Version 7.0.1.1520
Release date: 2021.07.29
BEST for Linux v7 is now available with a new set of features and benefits, including:
Features
Container Protection – protects both the container host and its running containers.
A new anti-exploit module.
Benefits and improvements
A new architecture, created using Kprobes instead of kernel modules, which eliminates the common delays or the need to sacrifice security when upgrading.
Greatly expanded platform compatibility to all Enterprise Linux distributions and cloud native Linux distributions.
Known issues
Policy per location not supported.
Bduitool
not supported.Relay role not supported.
Remote troubleshooting not supported.
Has issues status not being removed properly from endpoints once the issue has been resolved.
SELinux not supported.
EDR Isolate action not supported.
Shut down computer when scan is finished option not functioning properly after scan is performed. Endpoints are not being shut down.
Restart computer task with Restart now option enabled not functioning properly. Virtual machines and computers are not being restarted.
Files in mounted network directories not being scanned through On-Access scanning.
Machines with 32-bit OS not supported.
Delay in security content update status change after security update.
On-Access scanning ignoring file size limitation. All file sizes are scanned.
Version 6.2.21.212
Release date:
Fast ring: 2022.04.12
Slow ring: 2022.04.12
Improvements
Added support for the automatic migration to version 7.
Version 6.2.21.173
Release date:
Fast ring: 2022.01.17
Slow ring: 2022.01.19
Resolved issues
EDR events are now properly received from endpoints communicating through a Relay.
Version 6.2.21.171
Release date: 2021.11.16
Resolved issues
Product
Security fixes
Version 6.2.21.170
Release date: 2021.09.28
Improvements
Prior to each deployment of BEST for Linux v6, endpoints will be checked by the system. If BEST for Linux v7 is already installed, the deployment will not be initiated.
Resolved issues
Security fixes.
Version 6.2.21.169
Release date: 2021.08.18
Resolved issues
Product
Endpoints with BEST for Linux v7 now properly update on SUSE systems when using BEST for Linux v6 Update Servers.
Security Server instances now publishing accordingly on Update Servers that use BEST for Linux v6.
Version 6.2.21.167
Release date:
Fast ring: 2021.07.21
Slow ring: 2021.07.22
New features and improvements
Changes were made to Update Server in preparation for BEST for Linux v7 launch.
Note
No restart is required.
Version 6.2.21.165
Release date:
Fast ring: 2021.07.01
Slow ring: 2021.07.05
New features and improvements
Endpoint Detection and Response (EDR)
Extended the supported kernels list for the EDR module. For more information, refer to the Endpoint Detection and Response (EDR) and supported Linux kernels section.
Version 6.2.21.160
Release date:
Fast Ring: 2021.06.03
Slow Ring: 2021.06.07
New features and improvements
Endpoint Detection and Response (EDR)
Extended the supported kernels list for the EDR module. The new kernel versions are available here.
Resolved issues
Endpoint Detection and Response (EDR)
The EDR module caused intermittent reboots and crashes on endpoints that use the DazukoFS module.
Product
Security fixes.
Version 6.2.21.155
Release date:
Fast Ring: 2021.05.17
Slow Ring: 2021.05.19
Resolved issues
Product
The security agent led to system crashes on Red Hat Enterprise Linux after the update to version 8.3.
Security fixes.
Version 6.2.21.141
Release date:
Fast Ring: 2021.04.15
Slow Ring: 2021.04.19
New features and improvements
Relay
Added support for the newest update locations necessary for the Security Server update process.
Version 6.2.21.137
Release date:
Fast Ring: 2021.03.04
Slow Ring: 2021.03.08
Note
This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools versions 6.2.21.135 and 6.2.21.136, released on fast ring.
New features and improvements
Endpoint Detection and Response (EDR)
Extended the supported kernels list for the EDR module. For more information, refer to the Endpoint Detection and Response (EDR) and supported Linux kernels section.
Resolved issues
Product
Fixed multiple crashes that affected systems with product version 6.2.21.135, released on fast ring.
The remote deployment of the security agent failed due to permission issues when non-root credentials were used.
Endpoint Detection and Response (EDR)
The EDR module caused system crashes when the
kubectl
command was used.
Version 6.2.21.136
Release date:
Fast Ring: 2021.02.26
Slow Ring: -
Resolved issues
Product
Fixed multiple crashes that affected systems with product version 6.2.21.135, released on fast ring.
Version 6.2.21.135
Release date:
Fast Ring: 2021.02.25
Slow Ring: -
Resolved issues
Product
The remote deployment of the security agent failed due to permission issues when non-root credentials were used.
Endpoint Detection and Response (EDR)
The EDR module caused system crashes when the
kubectl
command was used.
Version 6.2.21.133
Release date:
Fast Ring: 2021.02.03
Slow Ring: 2021.02.08
New features and improvements
Bduitool
Improved the
bduitool
scan options as follows:The command
bduitool get scantask
now returns a task identifier for each task in the list. The tasks in progress are listed first.Every listed timestamp is now followed by the time zone.
These improvements do not impact the current system requirements.
For more information, refer to the Bitdefender Endpoint Security Tools for Linux User's Guide section.
Resolved issues
Product
The product led to system crashes after updating to Red Hat Enterprise Linux 8.3.
A corrupted system configuration file (
/etc/fstab
) prevented successful reboots on Red Hat Enterprise Linux 5 and 6.The Bitdefender Crash Handler mechanism caused multiple applications to hang leading the system into an unresponsive state.
Oracle Linux Server systems with the security agent installed reported errors when elevated commands were run.
Version 6.2.21.125
Release date:
Fast Ring: 2020.12.15
Slow Ring: 2020.12.17
New features and improvements
General
Added improvements for product crash scenarios.
Antimalware
Added improvements for better resource consumption.
Resolved issues
Installation
The security agent failed to install on a Red Hat Enterprise 6.5 Korean system.
Antimalware
The Antimalware module appeared as disabled in the local interface when the mount point used NFSv4.
The product caused system crashes on Red Hat Enterprise 8.3.
Endpoint Detection and Response (EDR)
The security agent consumed a large amount of memory triggering Linux Out Of Memory Killer on some Ubuntu systems.
Version 6.2.21.108
Release date:
Fast Ring: 2020.11.17
Slow Ring: 2020.11.17
New features and improvements
General
Added support for the latest Red Hat Compatible Kernels (RHCK) versions of Oracle Linux 7.
Version 6.2.21.106
Release date:
Fast Ring: 2020.11.09
Slow Ring: 2020.11.11
New features and improvements
General
Added support for upcoming features available with the next GravityZone release.
Antimalware
Improved the Bitdefender User Interface Tool (bduitool
) as follows:
A task ID is provided when an On-Demand scan task is initiated. Using this unique identifier you can easily manage tasks and find the necessary information.
The users can now query the status of previous and current On-Demand scan tasks using a task ID. The result consists of an individual summary for each scan task. The summary includes details like scan type, scanned items, a path to the full report, and others.
On-Demand scan tasks initiated via
bduitool
now support wildcards that expand the full directory path.
Version 6.2.21.103
Release date:
Fast Ring: 2020.09.30
Slow Ring: 2020.10.05
New features and improvements
Relay
Added support to display the latest security content in the Repository details tab, in GravityZone console.
Endpoint Detection and Response (EDR)
Extended the EDR supported kernels list with version 2.6.32.
Quarantine
Minor improvements related to backing up quarantined files.
Resolved issues
Antimalware
In some cases, start time for On-Demand scheduled scan tasks was set to UTC regardless of the local time zone.
The product failed to apply the option Copy files to quarantine before applying the disinfect action enabled in the GravityZone console.
Endpoint Detection and Response (EDR)
The product returned operating system and EDR commands without logging feature enabled.
The EDR module caused high latencies on Linux systems such as CentOS 7.6.
Patch Management
In certain conditions, the Patch Management module failed to download patches properly.
General
Changing standard umask settings to comply with custom security guidelines caused incorrect product installation.
Version 6.2.21.97
Release date:
Fast Ring: 2020.09.10
Slow Ring: 2020.09.10
Resolved issues
Relay
Addressed a vulnerability discovered recently.
Version 6.2.21.94
Release date:
Fast Ring: 2020.08.24
Slow Ring: 2020.08.24
Important
This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools version 6.2.21.92, released on fast ring.
Resolved issues
General
The security agent caused disk space usage on Linux systems.
Antimalware
The endpoint reported infected files as blocked when the scan action was set to Take no action.
In some cases, suspicious or infected files were reported as deleted instead of unresolved in the Malware Status report.
Version 6.2.21.92
Release date:
Fast Ring: 2020.08.20
Slow Ring: 2020.08.24
Resolved issues
General
The security agent caused disk space usage on Linux systems.
Antimalware
The endpoint reported infected files as blocked when the scan action was set to Take no action.
In some cases, suspicious or infected files were reported as deleted instead of unresolved in the Malware Status report.
Version 6.2.21.88
Release date:
Fast ring: 2020.08.12
Slow ring: 2020.08.12
Resolved issues
Antimalware
The product monitoring mechanism failed to use the Full Scan settings to determine the infection status of the endpoint.
Stopping the Bitdefender services while the product was checking the status of an existing infection caused the loss of some files from the monitoring mechanism.
Known issues
Antimalware
The On-Access and On-Demand features may report the same files with different names when HyperDetect is set to Aggressive or when the option Extend reporting on higher levels is selected. This issue causes the Malware Status report to display the files as deleted instead of unresolved.
Version 6.2.21.87
Release date:
Fast Ring: 2020.07.28
Slow Ring: 2020.07.29
Resolved issues
General
The product caused critical errors (Kernel Panic) on CentOS 7 systems.
Version 6.2.21.84
Release date:
Fast Ring: 2020.07.08
Slow Ring: 2020.07.09
New features and improvements
General
Incidents based on the Antimalware On-demand scans are now generated and displayed in the GravityZone Control Center.
Version 6.2.21.79
Release date:
Fast Ring: 2020.07.01
Slow Ring: 2020.07.01
Resolved issues
General
The security agent caused crashes on CentOS 6.10 systems, after updating to version 6.2.21.76.
Version 6.2.21.76
Release date:
Fast Ring: 2020.06.29
Slow Ring: 2020.06.30
New features and improvements
General
Added support for upcoming features available with the next GravityZone release.
Resolved issues
General
The endpoint submitted multiple events to GravityZone Control Center, which led to high memory consumption.
Bitdefender Redline service caused high memory usage on CentOS systems.
Version 6.2.21.74
Release date:
Fast Ring: 2020.06.25
Slow Ring: 2020.06.30
New features and improvements
General
Added support for upcoming features available with the next GravityZone release.
EDR
Improved the EDR incidents detections.
Extended the supported kernels list for the EDR module.
Resolved issues
General
The endpoint submitted multiple events to GravityZone console, which led to high memory consumption.
Bitdefender Redline service caused high memory usage on CentOS systems.
Version 6.2.21.67
Release date:
Fast Ring: 2020.06.08
Slow Ring: 2020.06.08
Resolved issues
The security agent failed to detect certain machines joined to Amazon Web Services (AWS) which prevented GravityZone from licensing them.
Version 6.2.21.66
Release date:
Fast ring: 2020.04.23
Slow ring: 2020.04.23
Resolved issues
The product caused deadlocks on CentOS 7 servers in environments with high volume ICMP events.
Version 6.2.21.64
Release date:
Fast ring: 2020.04.16
Slow ring: 2020.04.16
Resolved issues
The security content updates did not start automatically on endpoints with 6.2.21.63 product version.
Version 6.2.21.63
Release date:
Fast ring: 2020.04.06
Slow ring: 2020.04.08
New features and improvements
Added support for generating incidents on Elite licensed endpoints.
Introduced Bitdefender Update Daemon (
bdupdated
) as a new update service. The previous service (bdlived
) has been removed.Added support for process kill action on incidents generated by Incidents Sensor.
Improved the scanning mechanism with new built-in Antimalware On-Access and On-Demand exclusions.
Added support for moving endpoints between companies in GravityZone Control Center.
Improved the On-Demand scheduler.
Added support for EDR with a new range of Linux kernel versions, available with the following operating systems:
CentOS 6
CentOS 7
CentOS 8
Oracle Linux 6
Oracle Linux 7
Ubuntu 14.04
Ubuntu 16.04
Ubuntu 18.04
For the list of supported kernel versions, refer to the Endpoint protection section.
New installations and product updates now require minimum free disk space as follows:
Scanning type
AV only
Full options
Local scanning
1600 MB
1600 MB
Hybrid scanning
1100 MB
1100 MB
Centralized scanning
600 MB
600 MB
Local scanning + centralized scanning
1600 MB
1600 MB
Hybrid scanning + centralized scanning
1100 MB
1100 MB
Resolved issues
The
bduitool
crashed when used for custom scan on Red Hat Enterprise Linux Server.The On-Access module could not detect EICAR files located in an overlay partition, on Ubuntu 18.04.1 LTS.
Bitdefender Redline service triggered multiple cron failure notifications.
The Relay communication with endpoints failed with error
1004
.The endpoint updated through proxy even if it was not configured in the policy.
Version 6.2.21.53
Release date:
Fast ring: 2020.02.10
Slow ring: 2020.02.10
Caution
This version includes on slow ring all the improvements and fixes delivered with Bitdefender Endpoint Security Tools version 6.2.21.49, released on fast ring.
New features and improvements
Enhanced the scanning engines loading mechanism.
Resolved issues
The On-Access scanning module interfered with the software compilation process on Ubuntu 18.04, even when disabled.
Version 6.2.21.49
Release date:
Fast ring: 2020.01.20
Slow ring: -
Resolved issues
The On-Access scanning module interfered with the software compilation process on Ubuntu 18.04, even when disabled.
Version 6.2.21.46
Release date:
Fast ring: 2019.12.09
Slow ring: 2019.12.11
Resolved issues
The security agent interfered with the authselect application on certain Linux systems.
Fixed a product incompatibility that required SELinux to be disabled on Linux systems using Fanotify.
Version 6.2.21.42
Release date:
Fast ring: 2019.10.30
Slow ring: 2019.11.04
New features and improvements
Added support for configuring Antimalware exclusions in the GravityZone console by file hash or threat name.
Added support for configuring Antimalware Process exclusions in GravityZone console for the On-Access module.
Added support for wildcards when customizing Antimalware On-Access /On-Demand exclusions. Question mark (?) substitutes for one character, whereas asterisk (*) substitutes for any number of characters until the special character(/) is reached.
The product can now be installed at a configured custom path with the following restrictions:
All paths have to start with slash (/) – except
%PROGRAMFILES%
Paths starting with
/tmp
or/proc
are not acceptedPaths that contain a special character ($, !, *, ?, “, ‘, `, ‘\’, %) , including any type of parentheses are not accepted
The EDR Sensor is now improved to reflect the current status more accurately.
Resolved issues
Simultaneous contextual scans with
bduitool
resulted in only one local scanlog.Bitdefender Redline service triggered multiple cron failure notifications.
In certain situations, the On-Access module could not detect specific files on XFS partition.
The Contextual Scan archive limit size configured in the policy did not reflect on the endpoint.
Version 6.2.21.32
Release date:
Fast ring: 2019.07.25
Slow ring: 2019.07.25
Resolved issues
In a particular case, the On-demand scan tasks did not run when using
bduitool
.
Version 6.2.21.31
Release date:
Fast ring: 2019.07.03
Slow ring: 2019.07.03
Resolved issues
Addressed a particular scenario causing scanning service crashes.
Version 6.2.21.29
Release date:
Fast ring: 2019.06.26
Slow ring: 2019.06.27
Caution
This version includes on slow ring all the improvements and fixes delivered with Bitdefender Endpoint Security Tools versions 6.2.21.27 and 6.2.21.28 released on fast ring.
New features and improvements
Improved EDR Sensor now reports incidents and suspicious activity to GravityZone.
Resolved issues
The EDR module was not licensed when installed via a Reconfigure task.
In certain conditions, the product crashed on Debian 9 after updating the agent to version 6.2.21.27.
The
bduitool
command returned the exit code 0 for both successful and failed statuses. Now for failed operations the command returns error codes different than 0.In a particular case, Ubuntu 18.04 physical machine with the EDR module installed stopped.
High CPU usage occurred on Debian 9 Relay servers.
Known issues
When running
bduitool
get ps command on endpoints with EDR Sensor installed, the feature status is always "Installed", even if the module is disabled or the kernel version is unsupported.
Version 6.2.21.28
Release date:
Fast ring: 2019.06.25
Slow ring: -
Resolved issues
In certain conditions, the product crashed on Debian 9 after updating the agent to version 6.2.21.27.
Version 6.2.21.27
Release date:
Fast ring: 2019.06.24
Slow ring: -
New features and improvements
Improved EDR Sensor now reports incidents and suspicious activity to GravityZone.
Resolved issues
The
bduitool
command returned the exit code 0 for both successful and failed statuses. Now for failed operations the command returns error codes different than0
.
In a particular case, Ubuntu 18.04 physical machine with the EDR module installed stopped.
High CPU usage occurred on Debian 9 Relay servers.
Known issues
When running
bduitool
get ps
command on endpoints with EDR Sensor installed, the feature status is always "Installed", even if the module is disabled or the kernel version is unsupported.
Version 6.2.21.23
Release date:
Fast ring: 2019.05.02
Slow ring: 2019.05.02
Resolved issues
In a particular scenario, the Relay failed to download product kits, causing deployment issues.
Version 6.2.21.21
Release date:
Fast ring: 2019.04.22
Slow ring: 2019.04.22
Caution
This version includes on slow ring all the improvements and fixes delivered with Bitdefender Endpoint Security Tools for Windows Legacy version 6.2.21.18, released on fast ring.
New features and improvements
New EDR blocklist capability allows administrators to automatically prevent suspicious files from running based on hash.
Remote deployment now also works using
sudo
to elevate user with full permissions.
Resolved issues
In some situations, the product failed to report FQDN for EDR events.
In some situations, the endpoint crashed at boot time after installing the agent through DazukoFS.
Reconfigure Client task status remained In Progress in GravityZone console once completed on the endpoint.
High memory usage occurred during on-demand scanning on some Ubuntu 18.04 systems.
Bitdefender Redline connectivity errors are no longer logged to syslog.
Version 6.2.21.18
Release date:
Fast ring: 2019.04.09
Slow ring: -
New features and improvements
New EDR blocklist capability allows administrators to automatically prevent suspicious files from running based on hash.
Remote deployment now also works using
sudo
to elevate user with full permissions.
Resolved issues
In some situations, the endpoint crashed at boot time after installing the agent through DazukoFS.
Reconfigure Client task status remained In Progress in GravityZone console once completed.
High memory usage occurred during On-demand scanning on some Ubuntu 18.04 systems.
Bitdefender Redline connectivity errors are no longer logged to syslog.
Version 6.2.21.12
Release date:
Fast ring: 2019.02.14
Slow ring: 2019.02.18
New features and improvements
Streamlined EDR module installation and update process reducing network traffic.
New installations and product updates now require kernel version 2.6.32 or higher. Installing on older kernels will fail with error 12.
New installations and product updates now check for and require minimum free disk space (in addition to existing checks for Relay and Patch Caching Serverroles). Installing on systems with insufficient disk space will fail with error 74. The minimum requirements are as follows:
Scanning type
AV only
AV + EDR
Local scanning
1300 MB
1450 MB
Hybrid scanning
800 MB
950 MB
Centralized scanning
300 MB
450 MB
Local scanning + centralized scanning
1300 MB
1450 MB
Hybrid scanning + centralized scanning
800 MB
950 MB
Resolved issues
In some cases, the product blocked logical volumes (LV) mounts when using DazukoFS.
The product now detects AutoFS mount points to avoid mounting NFS file systems using DazukoFS.
In certain situations when using Remote Scan, On-demand scanning caused high memory consumption.
Other minor improvements and bug fixes.