OSQuery v5.2.2 Release Notes
-
🍎 Osquery 5.2.2 brings native Apple Silicon (M1) support to the macOS ⚡️ platform. It also represents a comprehensive review and update of our 📄 third-party dependencies. To support this work, the developer docs ⚡️ have been updated, as have several parts of the build system
🚀 This release represents commits from 24 contributors! Thank you all.
🆕 New Features
- 👍 Apple Silicon support (#7330)
🗄 Deprecation Notices
- 👀 The
cpuid
table is x86 only. See #7462 - The
smart_drive_info
table has been deprecated, and is not included in the m1 builds. See #7464 - 🏗 The
lldp_neighbors
table has been deprecated, and is not included in the m1 builds. See #7463
Table Changes
- ⚡️ Update
time
table to always reflect UTC values (#7276, #7460, #7437) - 🔒 Hide the deprecated
antispyware
column inwindows_security_center
(#7411) - Add
windows_firewall_rules
table for windows (#7403)
🐛 Bug Fixes
- ⚡️ Update the ATC table
path
column check to be case insensitive (#7442) - 🛠 Fix a crash introduced by 5.2.0 when Yara uses its own strutils functions (#7439)
- Fix
user_time
andsystem_time
unit in processes table on M1 (#7473)
📚 Documentation
🏗 Build
- ⚡️ Update sqlite to version 3.37.0 (#7426)
- 🛠 Fix linking of thirdparty_sleuthkit (#7425)
- 🛠 Fix how we disable tables in the fuzzer init method (#7419)
- Prevent running discovery queries when fuzzing (#7418)
- 👉 Add BOOST_USE_ASAN define when enabling Asan (#7469)
- 🍎 Removing unnecessary macOS version check (#7451)
- 🛠 Fix submodule cache for macOS CI runner (#7456)
- ➕ Add osquery version to macOS app bundle Info.plist (#7452)
- ⚡️ libs: Update OpenSSL to verion 1.1.1l (#7330)
- ⚡️ libs: Update augeas to version 1.12.0 (#7330)
- ⚡️ libs: Update aws-sdk to version 1.9.116 (#7330)
- ⚡️ libs: Update boost to version 1.77 (#7330)
- ⚡️ libs: Update gflags to 2.2.2 (#7330)
- ⚡️ libs: Update glog to version 0.5.0 (#7330)
- ⚡️ libs: Update googletest to version 1.11.0 (#7330)
- ⚡️ libs: Update libarchive to version 3.5.2 (#7330)
- ⚡️ libs: Update libcap to version 1.2.59 (#7330)
- ⚡️ libs: Update libmagic to version 5.40 (#7330)
- ⚡️ libs: Update librdkafka to version 1.8.0 (#7330)
- ⚡️ libs: Update libxml2 to version 2.9.12 (#7330)
- ⚡️ libs: Update linenoise-ng to the latest commit (#7330)
- ⚡️ libs: Update lzma to version 5.2.5 (#7330)
- ⚡️ libs: Update rocksdb to version 6.22.1 (#7330)
- ⚡️ libs: Update sleuthkit to version 4.11.0 (#7330)
- ⚡️ libs: Update ssdeep-cpp to the latest commit (d8705da) (#7330)
- ⚡️ libs: Update thrift to version 0.15.0 (#7330)
- ⚡️ libs: Update yara to version 4.1.3 (#7330)
- ⚡️ libs: Update zstd to version 1.4.0 (#7330)