Show posts by author:
Ole Herman Elgesem

CFEngine 3.24.4 and 3.27.1 released

We are pleased to announce two new patch releases for CFEngine, version 3.24.4 and 3.27.1! These patch releases contain bug fixes and dependency updates. Changes: As these are patch releases for long term supported (LTS) branches of CFEngine, there are no new major features included. Complete changelogs: As always, you can see a full list of changes and improvements in our changelogs: 3.27.1 changelog for CFEngine Community; 3.27.1 changelog for CFEngine Enterprise; 3.27.1 changelog for Masterfiles Policy Framework; 3.24.4 changelog for CFEngine Community; 3.24.4 changelog for CFEngine Enterprise; 3.24.4 changelog for Masterfiles Policy Framework. Please note that the Enterprise changelogs contain only changes specific to enterprise. To get a full overview of all changes in a version, read all 3 changelogs.

May 8, 2026

CVE-2026-24710, CVE-2026-24711 & CVE-2026-24712 - Injection & broken access control

We have recently discovered and fixed multiple security issues in CFEngine. These discoveries were made by ethical hackers as a part of our HackerOne bug bounty program. All of these issues can be remediated by upgrading to CFEngine 3.27.0, 3.24.3, 3.21.8, or later versions. We have no indications of these issues being exploited or known outside of the company and the security researchers that reported them. All of these issues require authentication / some initial level of access - they cannot be exploited on their own, without first compromising an account, or similar.

February 9, 2026

CFEngine 3.27 LTS released - Exploration

Today, we are pleased to announce the release of CFEngine 3.27.0! The code word for this release is exploration. This release also marks an important event, the beginning of the 3.27 LTS series, which will be supported for 3 years. Several new features have been added since the release of CFEngine 3.24 LTS, in the form of non-LTS releases. In this blog post we’ll highlight the most important features since the previous LTS release, even though some of them technically landed in intermediate non-supported releases.

January 9, 2026

CFEngine 3.21.8 and 3.24.3 released

We are pleased to announce two new patch releases for CFEngine, version 3.21.8 and 3.24.3! These patch releases contain bug fixes and dependency updates. Changes: As these are patch releases for long term supported (LTS) branches of CFEngine, there are no new major features included. Complete changelogs: As always, you can see a full list of changes and improvements in our changelogs: 3.24.3 changelog for CFEngine Community; 3.24.3 changelog for CFEngine Enterprise; 3.24.3 changelog for Masterfiles Policy Framework; 3.21.8 changelog for CFEngine Community; 3.21.8 changelog for CFEngine Enterprise; 3.21.8 changelog for Masterfiles Policy Framework. Please note that the Enterprise changelogs contain only changes specific to enterprise. To get a full overview of all changes in a version, read all 3 changelogs.

December 12, 2025

CFEngine 3.26 released - Admin

Today, we are pleased to announce the release of CFEngine 3.26.0! Being a non-LTS (not supported) release, this release allows users to test the new functionality we’ve been working on before it arrives in an LTS release later this year. The codename for this release is a bit different, as it is named after a new feature introduced, and what it eliminates - the default admin user. What’s new: In recent releases, we’ve made important security improvements like stricter password policies, 2FA support, audit logs, and more. We’re continuing down this track of improving the overall account and login security of CFEngine Enterprise by eliminating the default admin user and introducing a much more secure first time setup feature to create your own user with administrative rights.

May 20, 2025

CFEngine 3.21.7 and 3.24.2 released

We are pleased to announce two new patch releases for CFEngine, version 3.21.7 and 3.24.2! These patch releases contain bug fixes and dependency updates. Changes: As these are patch releases for long term supported (LTS) branches of CFEngine, there are no new major features included. Complete changelogs: As always, you can see a full list of changes and improvements in our changelogs: 3.24.2 Changelog for CFEngine Community; 3.24.2 Changelog for CFEngine Enterprise; 3.24.2 Changelog for Masterfiles Policy Framework; 3.21.7 Changelog for CFEngine Community; 3.21.7 Changelog for CFEngine Enterprise; 3.21.7 Changelog for Masterfiles Policy Framework. Please note that the Enterprise changelogs contain only changes specific to enterprise. To get a full overview of all changes in a version, read all 3 changelogs.

May 15, 2025

CVE-2024-55958 - Cross-site scripting (XSS) / missing input validation in CFEngine Enterprise Mission Portal

We are writing to inform you of a recently discovered security issue in the CFEngine Enterprise web UI, Mission Portal. The issue has been fixed in the recently released 3.21.6 and 3.24.1 versions. Prior versions (3.24.0, 3.21.5, and below) are affected. We have no indications of this issue being exploited or known outside of the company. The issue was discovered thanks to the vulnerability scanning software Acunetix by Invicti. Description: On the affected versions, some fields lack input validation, allowing an authenticated user with administrator-level privileges to enter JavaScript into input text fields, which will be evaluated by other users of the system who open up the same form. In addition to fixing this specific issue of confirmed XSS, we also added much stricter input validation to many other fields in Mission Portal, to prevent similar issues, even though we were not able to find something exploitable in those cases.

January 20, 2025

CFEngine 3.25 released - Auditability

Today, we are pleased to announce the release of CFEngine 3.25.0! The code word for this release is auditability. Being a non-LTS (not supported) release, this release allows users to test the new functionality we’ve been working on before it arrives in an LTS release ~1 year from now. What’s new: The audit log. CFEngine Mission Portal now logs user actions in a structured audit log. This means you can go back and see who edited group data, who deleted a host, who created a user, etc. The audit log can be filtered by time and date, resource type, who performed the action, and what was affected.

January 6, 2025

CFEngine 2024 retrospective

With another year behind us, we take a look back at what happened with CFEngine in 2024. Webinars: ‘The agent is in’. We are 3 years into our webinar series, ‘The agent is in’, and the show had, as expected, 12 new episodes. You can find all the recordings, and the registration link, at cfengine.com/webinars. Additional show notes are also available on our blog. Module Mondays and Feature Fridays: Nick and Craig have been writing regularly throughout the year about their favorite features and modules. You can find these posts on our blog:

December 31, 2024

CFEngine 3.21.6 and 3.24.1 released

We are pleased to announce two new patch releases for CFEngine, version 3.21.6 and 3.24.1! These patch releases contain bug fixes and dependency updates. Changes: In 3.24.1, Mission Portal has one new feature, requested by our users, which we’d like to highlight: when logging in to the CFEngine Enterprise web UI, Mission Portal, we now support 2FA using a time-based one time password (TOTP). Aside from this, these are patch releases which mainly focus on bugfixes, not new features.

December 4, 2024