« Changelog History


OSQuery v4.5.1 Release Notes

Release Date: 2020-10-05 // over 3 years ago

  • Git Commits

    Under the Hood improvements

    • 👌 Improve carver tests by faking postCarve (#6659)
    • Emit an error during carving, if the carve SQL function is disabled (#6658)
    • ⚡️ Update carves specs to allow full scan (#6657)
    • ⚡️ Update carves table to use JSON (#6656)
    • 👌 Improve performance and accuracy of Windows registry querying (#6647)
    • 🔨 Refactor ephemeral database plugin into core and simplify tests (#6648)

    Table Changes

    • 👌 Support for Office MRU (most recently used) entries (#6587)
    • 🔧 Implement configurable timeout through WHERE clause on curl_certificate (#6641)
    • ➕ Add atom_packages table spec to window (#6649)
    • ➕ Add signature information to authenticode table on windows (#6677)
    • ➕ Add additional AWS regions (#6666)

    🐛 Bug Fixes

    • 🛠 Fix container overflow in curl_certificate (#6664)
    • 🛠 Fix handling of invalid array bound error with EvtNext function (#6660)
    • Fix wmi_bios_info table searching (#5246)
    • 🛠 Fix image column within drivers table on Windows (#6652)
    • 🛠 Fix windows dirPathsAreEqual to use the documented way (#6690)
    • 🛠 Fix incorrect stat() return checking within process_events (#6694)
    • Always flush stdout when called with --help (#6693)

    📚 Documentation

    • ⏱ Document max scheduled query interval (#6683)
    • 📚 Update documentation around build steps (#6681)
    • 📚 Documentation copy editing (#6676, #6665, #6662)
    • ➕ Add 4.5.0 CHANGELOG (#6646)
    • ➕ Add 4.5.1 CHANGELOG (#6692)

    🏗 Build

    • 👌 Improve flaky python test handling (#6654)
    • ⏪ Restore test_osqueryi (#6631)
    • Limit osqueryd CPU usage to 20% in systemd unit file (#6644)
    • 👌 Improve flaky test_osqueryi (#6688)
    • ➕ Add cppcheck support to macOS (#6685)

    Hardening

    • ➕ Add exception catching for table execution (#6689)