The StackRox Kubernetes Security Platform version 3.0.50 includes new features, bug fixes, and system changes. To upgrade to this release from a previous version, see the Upgrade StackRox section.
Release date: October 7, 2020
We’ve added new more configurable Helm chart that you can use to install and upgrade the StackRox Kubernetes Security Platform. For more information, see Quick Start (Helm) and Helm charts configuration.
The StackRox Kubernetes Security Platform now identifies vulnerabilities in images with .NET Core and ASP.NET Core developer platform. If you have existing images that are using the .NET Core runtime, you’ll now get alerts for vulnerabilities when you upgrade to the StackRox Kubernetes Security Platform version 3.0.50.
- ROX-3467: Previously, when viewing clusters in the Network Graph view, active network connections didn’t display when you switched clusters until your refreshed the page. We’ve fixed this issue.
- ROX-5551 and ROX-5593: Previously, the Navigate to deployment option in the Network Graph view and the View deployment in Network Graph option in the Risk view didn’t work. We’ve fixed this issue.
- ROX-5579: We’ve fixed an issue where the Sensor Upgrade column in the Platform Configuration > Clusters view incorrectly displayed Incomplete status even when the Sensor version was up-to-date.
Release date: Oct 21, 2020
- ROX-5785: We’ve fixed an issue in Sensor where it was treating completed jobs as deployment objects in a monitored cluster.
- ROX-5777: We’ve fixed an issue where the embedded documentation for the StackRox Kubernetes Security Platform didn’t completely render when accessing it in version 3.50.0.
We’ve increased the default resource limit to 4 CPU cores for new Central deployments. Also see Sizing guidelines for recommended compute resources and storage values.
We’ve added a new policy criteria called Service Account that evaluate policy against a deployment’s service account name.
ROX_CONTINUE_UNKNOWN_OSfeature flag is now enabled by default in Scanner. It means that the scans won’t fail if Scanner can’t determine the image OS and the image has other feature components. For example, scans won’t fail for the
- Scanner now uses Red Hat CVSS scores (instead of NVD) for
- Scanner now identifies .NET Core runtime CVEs (based on data from NVD). If you have existing images that are using the .NET Core runtime, you’ll now get alerts.
|Main||It includes Central, Sensor, Admission Controller, and Compliance. It also includes ||stackrox.io/main:18.104.22.168|
|Scanner DB||Stores image scan results and vulnerability definitions.||stackrox.io/scanner-db:2.5.0|
|Collector||Collects runtime activity in Kubernetes or OpenShift clusters.||collector.stackrox.io/collector:3.1.3-latest|
|Update||View network policies||Added details about viewing information in the Network Graph view.|
|Update||Resource requirements||Added resource sizing guidelines for Central.|
|Update||Examine images||Clarified information about the |
|Update||Quick Start (Helm)||Added instructions for installing the StackRox Kubernetes Security Platform version 3.0.50.|
|New topic||Helm chart configuration||Learn about the Helm chart configuration parameters you can use when you install or upgrade the StackRox Kubernetes Security Platform by using Helm.|
We're happy to help! Reach out to us to discuss questions, issues, or feature requests.