The StackRox Kubernetes Security Platform version 3.0.53 includes new features, bug fixes, and system changes. To upgrade to this release from a previous version, see the Upgrade StackRox section.
Release date: December 16, 2020
We’ve added a new Health dashboard that provides status information on the services that are part of the StackRox Kubernetes Security Platform. To learn about how to access and view the StackRox Kubernetes Security Platform health dashboard, see Use the health dashboard topic.
When generating a diagnostic bundle, you can now configure the clusters for which you want to generate the diagnostic data and specify the time and date to include the data.
- ROX-5405: We fixed a memory leak in Collector that sometimes caused high memory consumption and the Collector pod to restart.
- ROX-5506: Previously, if you were using Azure Active Directory as an authentication provider, the logged-in user’s email address wasn’t visible in the StackRox portal. We’ve fixed this issue.
- ROX-5952: We’ve fixed an issue with Helm installation for the StackRox Kubernetes Security Platform on Helm version 3.1.2.
- ROX-5961: We’ve fixed an issue where the
roxctl central generatecommand would result in an incorrect image name when you specified the image name along with a port number.
- ROX-5990: Previously, when scanning images, if the StackRox Kubernetes Security Platform found a language vulnerability in an image layer, which was fixed in another image layer, the StackRox Kubernetes Security Platform would still report that as a vulnerability. We’ve fixed this issue.
- ROX-6094: Previously, if you were using the StackRox Kubernetes Security Platform
version 188.8.131.52 and an OIDC authentication provider that used the
fragmentresponse type, the StackRox Kubernetes Security Platform would force log out the users after 5 minutes. We’ve fixed this issue.
- ROX-6113: We’ve fixed an issue where adding a SAML authentication provider from the Platform Configuration > Access Control view would sometimes crash the StackRox portal page.
- ROX-6117: Previously, sometimes the StackRox portal didn’t show network policies that apply to the selected deployment in the Network Graph view. We’ve fixed this issue.
- ROX-6141: Previously, if you were using the StackRox Kubernetes Security Platform version 3.0.52 without NetworkPolicy enforcement, Scanner didn’t validate Central client certificates when running new scans or getting previous scan results. We’ve fixed this issue.
- We’ve updated the Helm charts templates for the StackRox Kubernetes Security Platform to include support for additional ports (443, 80).
- We’ve updated the minimum required version of Helm for installing the StackRox Kubernetes Security Platform to 3.2.
- We’ve updated the Central chart name to
stackrox-central-servicesand the short name to
central-servicesin the charts.stackrox.io repository.
We’ve added a Discovered in Image column in the Fixable CVE section, which shows up when you view an image’s details. This column lists the time and date the CVE was first discovered in the image.
|Main||It includes Central, Sensor, Admission Controller, and Compliance. It also includes ||stackrox.io/main:184.108.40.206|
|Scanner DB||Stores image scan results and vulnerability definitions.||stackrox.io/scanner-db:2.8.1|
|Collector||Collects runtime activity in Kubernetes or OpenShift clusters.||collector.stackrox.io/collector:3.1.9-latest|
|New topic||Use the health dashboard||Learn how to access and view the StackRox Kubernetes Security Platform health dashboard.|
|Update||Generate a diagnostic bundle||Added instructions for generating a diagnostic bundle for the StackRox Kubernetes Security Platform version 3.0.53 and newer.|
We're happy to help! Reach out to us to discuss questions, issues, or feature requests.