Public Release 1.4.1

Adds

• PR-296 Apache Solr Support: The security agent now also supports Apache Solr Version 4.0.0 and above. NR-288599
• PR-275 The maximum permissible size for a request body for scan will be set at 500KB. NR-174195
• PR-306 Add csec prefix to all instrumentation Jar, this resolves CVE flagged by third party scanners on our instrumentation JARs. NR-289249
• PR-303 Honour OFF Flag, Handle Boolean values for config log_level. NR-293102
• PR-299 Support Authentication capabilities for Proxy Settings. NR-283945
• PR-313 Processing of the security agent will persist even if the creation of the security home directory encounters an issue. NR-297206
• PR-277 Improve Management of Log file size and its count. NR-272900
• PR-314 Report error to Error Inbox upon connection failure to Security Engine. NR-299700
• PR-316 Detailed IAST Scan metric reporting via HealthCheck. NR-267166
• PR-302 Detect API Endpoint of the Application for Vertx Framework. NR-287771
• PR-293, PR-284, PR-302 Detect route of an incoming request for mule server, play framework and Vertx Framework. NR-283915, NR-265915, NR-287771

Changes

• PR-265 Improve Secure Cookie event reporting to provide detailed vulnerability. NR-273609
• PR-283 Update IAST Header Parsing Minimum Expected Length Set to 8. NR-282647
• PR-308 Remove jackson-dataformat-properties to address CVE-2023-3894 and exclude transitive dependency junit to address CVE-2020-15250 NR-295033

Fixes

• PR-292 Fix for ClassNotFoundException observed in glassfish server NR-262453
• PR-286 Detect correct user class in Netty Reactor Server NR-253551
• PR-317 Add a workaround for an issue where New Relic Security Agent breaks the gRPC endpoints #130. NR-299709

Deprecations

• Status File Used for Debugging: This feature has been deprecated. All debugging capabilities have been moved to either Init Logging or Error Inbox and will be removed in a future agent release. NR-293966