Anchore Enterprise Release Notes - Version 3.0.1

Anchore Enterprise 3.0.1

v3.0.1 is a patch release of Anchore Enterprise containing targeted fixes and improvements. No database upgrade is necessary.

Enterprise Service Changes

Adds

  • Adds new “inventory-agent” RBAC role with minimal permissions for use with KAI agents deployed in kubernetes clusters
  • Adds wildcard support for GraphQL query filters in reporting service

Fixes

  • Increases the TTL for kubernetes runtime inventory items to 120 days from 1 day after last being seen
  • Fixes RHEL/UBI images imported to engine using syft have different distro name that skips OS vuln checks by mapping them to the proper “rhel” namespace and adding support for “redhat” namespaces.
  • Fixes false positive vulnerabilities due to application packages (npm, python, etc) being installed via rpms, debs, or other distro packages. Filters those “owned” packages from analysis leaving the parent rpm/deb/apk for vulnerability matching.
  • Fixes SSO login not working after upgrade from 2.4.x to 3.0.0 with “invalid_client” error
  • Fixes analysis failures due to python package manifest format issues causing Syft errors
  • Fixes image ancestor lookup failures due to ancestor being deleted or not found
  • Fixes ubuntu feed driver failures during data fetch processing

Enterprise UI Changes

Fixes

  • Fixes bulk delete image count limitations during repo cleanup
  • Fixes potential SSO issues due to Redis connection errors
  • Fixes potential LDAP connection update failures

Additional minor bug fixes and enhancements

Upgrading


Last modified March 10, 2021: Fixes typo in docker-compose page (a21afeb)