Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

Patch Notes

Patch Note for CTE for Kubernetes

search

Patch Note for CTE for Kubernetes

Release Note Version Date
v1.2.0.53 2023-08-04

Verify that the CTE for Kubernetes Container Image Fingerprint matches the version that you are installing:

Release Date Tag Container Image Digest (Fingerprint)
2023-04-10 1.2.0.53 sha256:3f3605fdd1126f5bfa1ccb70c623ee406d1f7a1f4c372719417c08291acb7ef1

copy link to clipboardNew Features and Enhancements

  • Support for Kubernetes Operator

    The CTE for Kubernetes Operator can deploy, monitor, upgrade and delete CTE for Kubernetes. When the CTE for Kubernetes Operator is deployed, its controller deploys the CTE for Kubernetes driver on the OpenShift cluster in the kube-system namespace. The manifests required to deploy the CTE-K8s driver are bundled with the operator.

    See Introduction to the Kubernetes Operator for more information.

copy link to clipboardResolved Issues

  • AGT-44903 [CS1431227]: Error: Access check returned 2

    This issue was caused by a file that was opened and using writeback. If the process (or thread) which opened the file has exited, then CTE is unable to find any process associated with the IO. In this specific case, CTE was only able to use the original UID/GID from the opening thread, and was not able to calculate any group name, process name or process signature, which caused access checks to fail. Now, if CTE detects this scenario and has already granted access to the file, CTE prevents the access check from failing.

  • AGT-45039 | AGT-45130: MOAS: fsstress test is hanging

    The rapid execution of binaries inside a GuardPoint can result in a recursive call that can freeze the application. The solution was to fix the recursion issue. Therefore, you can now run a binary from inside a GuardPoint.

  • AGT-45478: Netlink process watcher is not working under CTE for Kubernetes

    The issue occurred due to an error in properly detecting process exiting. This may cause a memory leak in the agent's process tracking table. The solution was to fix the process exit detection to properly free process table entries.

  • AGT-46287 CS1476716: During large batch operations where data is being processed and moved between protected folders, the data is being double encrypted

    The solution was to add protection logic to prevent nested mounting of GuardPoints which can cause double encryption.

On this page