Imunify360 4.2 released

Bugs

• DEF-9022 - allow week and day for MALWARE_SCAN_SCHEDULE.interval in AV+
• DEF-9318 - support new format of modsec_audit.log in concurrent mode
• DEF–5736 - Feature’s status (installing/uninstalling) tracking mechanism is unreliable
• DEF–6605 - Deploy-script with --uninstall flag should remove all ImunifyAV/Imunify360 requirements
• DEF–7105 - TypeError: a bytes-like object is required, not ‘str’
• DEF–7126 - WebshieldDictException: send error: [Errno 111] Connection refused
• DEF–7461 - New Dashboard - UI - Map - fix truncated pins (near sides of the map)
• DEF–7735 - rpm test failure: “database is locked” in on_demand.malware_hashes.Malware hashes applied during on demand scan.Malware hash list command shows added hashes
• DEF–7756 - handle response from FeaturesManagementAPI.editUserFeatures
• DEF–7838 - Fix regular crashes of Visual Review server on Jenkins node
• DEF–7872 - Hide ImunifyAV item in reseller menu in WHM
• DEF–7902 - Failed test_configuration_management.test_managing_modsec_directives[SecAuditEngine-Off] (from pytest)
• DEF–7911 - Incorrect count in blocked ports?
• DEF–7946 - test_webshield fails on ubuntu configurations
• DEF–8013 - TypeError: modsec_get_directive() takes 1 positional argument but 2 were given
• DEF–8017 - TypeError: read_file() missing 1 required positional argument: ‘path’
• DEF–8049 - Bug from https://sentry.cloudlinux.com/sentry/imunify360-ui/issues/4729709/?referrer=slack
• DEF–8071 - modsec audit log is not parsed properly sometimes
• DEF–8075 - test_malware.test_cleanup.test_keep_in_quarntine[quarantine-quarantined] RPM test fails
• DEF–8076 - When uninstall agent we do not uninstall vendor and brake apache (cPanel)
• DEF–8092 - test_rules_restored.test_existing_chain_on_startup failed
• DEF–8093 - Not all files are detected by black hash filter
• DEF–8097 - cPanel hooks should be executed sequentially for a given target (user) (test_cpanel_events.test_account_is_modified fails)
• DEF–8099 - AttributeError: ‘SubprocessError’ object has no attribute ‘stderr’
• DEF–8111 - geodb is updated but the corresponding country ipset is not
• DEF–8156 - Allow admin to disable ignore list at end user level
• DEF–8163 - test_malware.test_user_list.test_infected failed
• DEF–8166 - Failed test_modsec_vendor_install.test_correct_vendor_installed_plesk
• DEF–8168 - test_malware failed due to missing ‘HOME’ in env
• DEF–8169 - Issue with Imunify360 installation on Ubuntu18 (PLESK)
• DEF–8205 - license_type is not available from UI
• DEF–8225 - OperationalError: too many SQL variables
• DEF–8228 - Quarantined file can’t be uploaded to MRS
• DEF–8236 - Wsshdict, ssl-cache and sentrylogs: rewrite existing PID file silently on start
• DEF–8257 - Do not include unit tests into imunify package
• DEF–8272 - Disable Contact Support in the config
• DEF–8279 - The problem is with the email field validator
• DEF–8281 - SSL is not working, issue with Cloudflare FULL Strict cert
• DEF–8296 - test_malware_user_list unit tests fail sometimes: “jsonschema.exceptions.ValidationError: ‘scan_type’ is a required property”
• DEF–8313 - When upgrading webshield from 1.6 to 1.7 version on Ubuntu it failed to start
• DEF–8327 - CL + cPanel + 1k users: test_cagefs_split_configs: AssertionError
• DEF–8352 - KeyError: ‘url’
• DEF–8361 - RuntimeError: coroutine raised StopIteration
• DEF–8362 - cron file should contain PATH or we should use absolute paths (imunify360-watchdog)
• DEF–8392 - test_malware failed (rpm-test)
• DEF–8393 - Failed whitelisted_ip_after_login.Whitelisting ip after login.ensure that user access to panel is whitelisting ip – @1.1
• DEF–8419 - Fix link in restore from quarantine modal window
• DEF–8427 - Fix looped cpanel hooks
• DEF–8428 - AttributeError: ‘set’ object has no attribute ‘extend’
• DEF–8462 - AttributeError: ‘cPanel’ object has no attribute ‘pure_ftp_conf_cls’
• DEF–8463 - Failed test_malware.test_cleanup (RPM tests) (Directadmin)
• DEF–8483 - Fix Rpc caller service exec should work even if response is divided into several packets
• DEF–8499 - inotify.new_account.Newly created account is automatically added to inotify.Inotify automatically starts watching newly created account
• DEF–8526 - test_malware.test_malware_scanner.test_pure_ftp_scanner fails in RPM tests
• DEF–8544 - Webshield is not picking up panel certificate for cPanel & LiteSpeed
• DEF–8577 - NameError: name ‘itertools’ is not defined
• DEF–8584 - Endpoint not found for RPC method “backup-systems init”
• DEF–8595 - “malware malicious restore-from-backup” does not work
• DEF–8600 - test_malware.test_malware_scanner.test_web_scanner fails
• DEF–8601 - Failure during provisioning on disabling Sentry reporting
• DEF–8605 - test_malware.test_user_list.test_scan_status fails
• DEF–8607 - test_hooks failed on AV
• DEF–8610 - inotify.new_account, malware_read rpm-tests failed
• DEF–8621 - Active response does not work on Debian
• DEF–8659 - Traceback during upgrade 4.1 -> 4.2
• DEF–8671 - test_cagefs_split_configs fails
• DEF–8702 - Broken link
• DEF-8928 - KeyError 'license_type'
• DEF-8786 - Additional properties are not allowed ('errors' was unexpected)
• DEF-8968 - Check schema validation
• DEF-9084 - Disable native feature management in ImunifyAV/AV+

Tasks

• DEF-9352 -Implement --intensity which is joint of --intensity-cpu and --intensity-io
• DEF–4905 - Improve news component - use RSS to extract news
• DEF–6370 - Plesk mod_security settings
• DEF–7301 - No running process for ImunifyAV when it is not in use - EL7/systemd
• DEF–7347 - Re-work e2e tests as functional/unit & api tests
• DEF–7377 - No running process for ImunifyAV when it is not in use - EL6/separate binary
• DEF–7578 - Optimize SSL processing
• DEF–7635 - Open source ImunifyAV UI - check sources for any information that we might not want to open source
• DEF–7652 - Re-work e2e tests as functional/unit & api tests - add validation to agent’s responses
• DEF–7667 - Re-use a11y tests code for VR tests
• DEF–7702 - create a test for ossec
• DEF–7792 - Display slides in UI during installation
• DEF–7825 - Re-work e2e tests as functional/unit & api tests - fix small issues (marked with FIXME)
• DEF–7908 - prevent regression in memory consumption for imunify-antivirus
• DEF–7933 - Add webshield instance to integration tests
• DEF–7936 - Silence warnings about inconsistent firewall rules
• DEF–7963 - Set typical values with flags, not string values
• DEF–7964 - Add our Jenkins jobs with tests to build.cloudlinux.com to make sure our tests run on every release build
• DEF–8001 - user configs stored in /etc/imunify360/user_configs lead to quadratic increase in disk usage with increase in user count
• DEF–8023 - Purge Heuristic scan
• DEF–8074 - pytest complains about yaml.load() without Loader=…; possible security issue
• DEF–8098 - Create multiconfiguration job to test ImunifyAV
• DEF–8102 - Add scan_id to malicious list output
• DEF–8139 - ossec active response UI / enable / disable – backend part
• DEF–8144 - Add hook management functionality
• DEF–8145 - Plugin to execute hooks
• DEF–8146 - Native hooks
• DEF–8179 - Dashboard - add recommendations
• DEF–8181 - Dashboard - numbers above charts
• DEF–8182 - Reputation management - update UI
• DEF–8200 - Record the time of last ‘full’ scan per user
• DEF–8204 - update icons and descriptions in Plesk extension
• DEF–8207 - Recursive symlink does not break the scanner case fails
• DEF–8209 - Split HostingPanel code
• DEF–8210 - Remove client360 plugin dependency to (almost) all kind of messages
• DEF–8211 - Move CSF integration to corresponding plugins
• DEF–8212 - Create separate package for imunify360-only code
• DEF–8213 - Move 360 plugins to separate package
• DEF–8214 - Move 360 endpoints to separate package
• DEF–8219 - Remove ip whitelist middleware
• DEF–8220 - Remove KernelCare/HardenedPHP handling from CLN class
• DEF–8230 - Dashboard - add malware chart - server
• DEF–8239 - Update behave rpm-tests which use unoptimized steps
• DEF–8260 - Review and apply new translations
• DEF–8261 - Remove client360 plugin dependency on received messages
• DEF–8316 - Replace “Lists” in the global menu with “Firewall” item
• DEF–8317 - Disable integration with CSF via settings
• DEF–8323 - Reputation management - update agent
• DEF–8358 - [UI + Correlation Server] Screen resolution and other browser’s parameters reporting to CH
• DEF–8372 - ossec active response UI / enable / disable
• DEF–8395 - Fix warning at the end of unit test run
• DEF–8398 - Make ClamAV binary configurable
• DEF–8417 - Move firewall code into im360 package
• DEF–8422 - Fix description for “Alerts total”
• DEF–8435 - Move defence360/api/ips.py into im360 package
• DEF–8436 - Move defence360agent/model/cache_sources.py into im360 package
• DEF–8443 - Cancel background scanning when settings are changed
• DEF–8446 - Move defence360agent.subsys.features into im360
• DEF–8471 - Add a triangle to autocomplete in dashboard
• DEF–8480 - Adjust intensity level and resource consumption while scanning with AI-BOLIT (nice / ionice) - UI part
• DEF–8482 - Process ‘X-Forwarded-For’ header only after vendor-specific headers
• DEF–8489 - Remove messages class dependencies from the_sink.py
• DEF–8516 - Make RPC handlers registration explicit
• DEF–8531 - Add to release of agent 4.2.0 new package of proactive defense 4.2.0
• DEF–8536 - Disable integration with CSF via settings - UI
• DEF-8836 - Add to release of agent 4.2.x new package of proactive defense 4.2.0-1.20
• DEF-8838 - Add to release of agent 4.2.x ai-bolit 4.0.2-1
• DEF-8845 - Bump webshield version to 1.7-12 for 4.2 and master
• DEF-8848 - Add OSSEC 3.1.0-29 to dependencies
• DEF-8919 - OSSEC 3.1.0-30 beta release
• DEF-8922 - the new package of Proactive Defense 4.2.2-1.2 is added to the release of agent 4.2.x
• DEF-8996 - Add to release of agent 4.2.x new package of proactive defense 4.2.2-1.4
• DEF-8639 - Investigate and fix agent response validation errors
• DEF-9078 - Add to release of agent 4.2.x ai-bolit 4.0.3-1
• DEF-9089 - Remove news from av-client side
• DEF-9098 - Include webshield 1.7-13 into 4.2
• DEF-9121 - Add to release of agent 4.2.x new package of proactive defence 4.2.5-1.1

Fixes

• DEF–8687 - Imunify360 is scanning php session files too
• DEF–8731 - Imunify360 service in cPanel service manager should be updated
• DEF–8757 - Sentry tags are missing
• DEF-7932 - Don't block ips that are added manually to {BLACK, GRAY, WHITE} list already
• DEF-8635 - there are imunify-service INFO messages in syslog
• DEF-8761 - AttributeError: 'NoneType' object has no attribute 'groups'
• DEF-8768 - TypeError: Can't convert 'bytes' object to str implicitly
• DEF-8777 - fixed an issue when two admin contacts modal dialogs appear at once right after EULA is accepted