Released: January 8, 2024
Highlights
New Security Policy for Specific Packages
You can create a security Policy rule for specific packages and package versions. This allows you to issue violations and perform actions if the specified packages are detected by Xray. For more information, see Trigger Violations Using Xray Policy Rules.
Support VMDK and OVA Indexing
Added support for Xray scanning of ".vmdk" VMware Disk Image files (including when inside ".ova" archives).
The supported VMDK formats are:
monolithicSparse
streamOptimized
The supported partition table formats are:
MBR
GPT
The supported filesystems are:
XFS
EXT4
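A way to check a disk image against the two VMDK types named in this section before uploading it, as an added example that is not JFrog code: it reads the createType entry from the descriptor embedded in a hosted sparse VMDK extent. The function names and the sample image are constructed for illustration, and the check assumes monolithicSparse and streamOptimized are the only types indexed.

```python
import re
import struct

SECTOR = 512
# The two VMDK types this section lists as supported.
SUPPORTED_TYPES = {"monolithicSparse", "streamOptimized"}
# Start of SparseExtentHeader (little-endian, packed): magic, version, flags,
# capacity, grainSize, descriptorOffset, descriptorSize (sizes in sectors).
HEADER = struct.Struct("<4sIIQQQQ")


def vmdk_create_type(data: bytes) -> str:
    """Return createType from the descriptor embedded in a sparse VMDK extent."""
    if len(data) < SECTOR or data[:4] != b"KDMV":
        raise ValueError("not a hosted sparse VMDK extent (no KDMV magic)")
    _magic, _ver, _flags, _cap, _grain, d_off, d_size = HEADER.unpack_from(data)
    if d_off == 0 or d_size == 0:
        raise ValueError("extent has no embedded descriptor")
    start, end = d_off * SECTOR, (d_off + d_size) * SECTOR
    if end > len(data):
        raise ValueError("descriptor extends past the data supplied")
    # The descriptor is NUL-padded text made of key=value lines.
    text = data[start:end].split(b"\0", 1)[0].decode("ascii", "replace")
    match = re.search(r'^\s*createType\s*=\s*"([^"]*)"', text, re.MULTILINE)
    if match is None:
        raise ValueError("descriptor has no createType entry")
    return match.group(1)


def is_supported(data: bytes) -> bool:
    """True when the disk's createType is one of the types listed above."""
    return vmdk_create_type(data) in SUPPORTED_TYPES


def build_sample(create_type: str) -> bytes:
    """Constructed sample: header sector followed by a one-sector descriptor."""
    header = HEADER.pack(b"KDMV", 1, 3, 2048, 128, 1, 1).ljust(SECTOR, b"\0")
    desc = f'# Disk DescriptorFile\nversion=1\ncreateType="{create_type}"\n'
    return header + desc.encode("ascii").ljust(SECTOR, b"\0")


if __name__ == "__main__":
    image = build_sample("streamOptimized")
    print(vmdk_create_type(image), is_supported(image))
```

For a real disk, pass the first megabyte of the ".vmdk" file (or of the ".vmdk" member extracted from the ".ova" archive) to is_supported.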
OCI Repository Support
With the support of OCI repositories in Artifactory version 7.75.3, this Xray version supports scans of OCI and Docker images deployed to an OCI repository, including SCA, Contextual Analysis, and Exposures scans, as supported in a Docker repository.
Additional Technologies Support in Xray
Added support for scanning XZ compressed files that are not part of a TAR archive.
Added support for scanning ISO image files.
Added support for scanning CPIO (SVR4) archive files.
Added support for listing dependencies from OpenSUSE package metadata files (e.g., ".packages.initrd").
Feature Enhancements
Jira Integration Ticket Mapping Enhancement
You can now map tickets to relevant Profiles based on the violation impact path. For more information, see Xray Jira Integration.
Contextual Analysis in Reports
Contextual Analysis scan findings are now available in Xray's Vulnerabilities and Violations Reports.
License Coverage Enhancement
Xray's out-of-the-box license coverage expanded from 400 licenses to ~1800 licenses.
SBOM Report Enhancement
You can now choose whether to include or exclude VEX data in CycloneDX format.
Resolved Issues
Jira | Description |
---|---|
XRAY-27432 | Fixed an issue whereby, when working with Projects, Project roles with permissions to create an Ignore Rule on the Project level were unable to delete the Ignore Rule. |
XRAY-25826 | Fixed an issue whereby, in some cases, a deleted Ignore Rule was still displayed in the UI. |
XRAY-26557 | Fixed an issue whereby applying Index Now on a Docker repository resulted in the scanning of all artifacts, including ones that had already been scanned. |
XRAY-20134 | Fixed an issue whereby special characters in a build version caused a 500 error when accessing the build version. |
XRAY-28231 | Improved the operation of JFrog Advanced Security when operating under the Kubernetes runAsNonRoot policy by enabling UID setting in the system.yaml configuration file. Use the following new parameter: executionService: uid: "1035". Default value: 1035 |
XRAY-24962 | Fixed an issue whereby applying an Ignore Rule for selected Watches was not working properly, as it did not apply to all the selected Watches. |
XRAY-24201 | Fixed an issue whereby it was not possible to select a Watch in the Ignore Rule conditions for violations generated in an on-demand scan. |