Show posts by author:
Ole Herman Elgesem

CFEngine 3.18.7 and 3.21.4 released

We are pleased to announce two new patch releases for CFEngine, version 3.18.7 and 3.21.4! These patch releases contain bug fixes and dependency updates. Changes We’d like to highlight one specific change in behavior, which some users will want to adjust to; Change in behavior - New location for ignore_interfaces.rx Users who rely on the ignore_interfaces.rx file for ignoring certain network interfaces should be aware of its new preferred location. See the blog post on the topic for more details:

January 11, 2024

CFEngine 3.23 released - Anniversary

Today, we are pleased to announce the release of CFEngine 3.23.0! This is a non-LTS (non-supported) release, where we introduce new features for users to test and give feedback on, allowing us to polish before the next LTS. (CFEngine 3.24 LTS is scheduled to release summer 2024). The codename for this release is anniversary, as this year is CFEngine’s 30th anniversary. CFEngine was initially released in 1993, and to mark this special occasion we’ve created a limited edition anniversary coin:

December 6, 2023

CFEngine 3.18.6 and 3.21.3 released

We are pleased to announce two new patch releases for CFEngine, version 3.18.6 and 3.21.3! These patch releases contain bug fixes and dependency updates. Changelogs As always, you can see a full list of changes and improvements in our changelogs: 3.18.6 Changelog for CFEngine Community 3.18.6 Changelog for CFEngine Enterprise 3.18.6 Changelog for Masterfiles Policy Framework 3.21.3 Changelog for CFEngine Community 3.21.3 Changelog for CFEngine Enterprise 3.21.3 Changelog for Masterfiles Policy Framework Please note that the Enterprise changelogs contain only changes specific to enterprise.

October 6, 2023

CFEngine 3.22 released - Coordination

Today, we are pleased to announce the release of CFEngine 3.22.0! The focus of this new version has been coordination. This is a non-LTS (non-supported) release, where we introduce new features for users to test and give feedback on, allowing us to polish before the next LTS. (CFEngine 3.24 LTS is scheduled to release summer 2024). What’s new New host filters The host filter from inventory reports have been upgraded. You can now add rules based on classes, such as linux, windows, redhat, ubuntu, xen, policy_server, cfengine_3_21, ipv4_172_31, etc:

June 16, 2023

CFEngine 3.18.5 and 3.21.2 released

We are pleased to announce two new patch releases for CFEngine, version 3.18.5 and 3.21.2! These releases mainly contain bug fixes, but there is one UI improvement to highlight here; Adding columns in inventory reports This new window allows you to easily find the columns you want to add (among a large collection of inventory attributes), and also enables adding multiple columns and deleting columns at the same time. Changelogs As always, you can see a full list of changes and improvements in our changelogs:

June 9, 2023

CFEngine 3.18.4 and 3.21.1 released

We are pleased to announce two new patch releases for CFEngine, version 3.18.4 and 3.21.1! These releases only contain security fixes for our recently discovered vulnerability; CVE-2023-26560. Changelogs As always, you can see a full list of changes and improvements in our changelogs: 3.18.4 Changelog for CFEngine Community 3.18.4 Changelog for CFEngine Enterprise 3.18.4 Changelog for Masterfiles Policy Framework 3.21.1 Changelog for CFEngine Community 3.21.1 Changelog for CFEngine Enterprise 3.21.1 Changelog for Masterfiles Policy Framework Please note that the Enterprise changelogs contain only changes specific to enterprise.

April 24, 2023

CVE-2023-26560 - Unauthorized access to system files through scheduled reports

We are writing to inform you about a security issue that was discovered in CFEngine 3.6.0 and later versions. Our development team found the vulnerabiliy relating to inadequate access control / unauthorized access to system files. MITRE assigned the CVE identifier CVE-2023-26560. We have no indications that this vulnerability has been used or known outside of the CFEngine development team. Explanation The issue is that Mission Portal users can access certain files through scheduled reports, as these reports are run with elevated privileges, without additional checks to limit what can be queried.

April 24, 2023

Security holiday calendar - Part 2

Thank you for following along with our security themed holiday calendar. Today, we summarize the last half of the calendar, in case you missed some days. Part 1 recap (12/25) A couple of weeks ago, on the 12th of December, we posted a recap of the first 12 days: cfengine.com/blog/2022/security-holiday-calendar-part-1 File integrity monitoring with CFEngine (13/25) On the 13th, we took a look at how you can use File Integrity monitoring in CFEngine for similar functionality to AIDE:

December 25, 2022

CFEngine 3.21 LTS released - Unification

Today, we are pleased to announce the release of CFEngine 3.21.0! The focus of this new version has been unification. Across our websites and UI, you should see that it’s a much more modern and unified experience, whether you’re reading this blog post on cfengine.com, browsing the new documentation site, looking for modules on the CFEngine Build website, or adding input to modules within Build in Mission Portal. This release also marks an important event, the beginning of the 3.

December 21, 2022
Get in touch with us
to discuss how we can help!
Contact us
Sign up for
our newsletter
By signing up, you agree to your email address being stored and used to receive newsletters about CFEngine. We use tracking in our newsletter emails to improve our marketing content.