IMPORTANT: This site is planned to be decommissioned in 2026. Visit the Tanium Resource Center for all Tanium release notes, user guides, and support information. To view release notes in the Resource Center, see Tanium Release Notes.
IMPORTANT: If you are using semi-annual releases for on premises, see the Release notes for 2024H1 semiannual release, Release notes for 2024H2 semiannual release, or Release notes for 2025H1 semiannual release on the Tanium Resource Center.
Effective October 15, 2024: On prem release notes on the Tanium Knowledge Base are frozen. For release notes related to 7.4 or 7.5 Server and Solutions, see the Monthly updates for Tanium Version 7.4 and 7.5 Server and Solutions on the Tanium Resource Center.
Release Notes Comply (Version 1.2.6)
Tanium Comply 1.2.6
Release Date: April 6, 2017
Feature Improvements
- Added the ability to customize rule values when creating a custom profile.
- Added the ability to display details of a custom profile without having to download the corresponding XML.
- Added progress indicator for vulnerability scans. Opening a vulnerability report that is in progress will present the user with an option to display scan progress.
- Added support for CIS-CAT 3.0.35 (users are strongly encouraged to upgrade to this version).
- Added CVSS vector and link to NVD database to vulnerability scan results.
- Added support for the jOval scan engine.
- Added the ability to create and remove benchmark categories. This includes the ability to move a benchmark to a different category.
- Added the ability to filter the benchmark list by benchmark category.
- Added a feature that will refresh the question results for report details. This functionality works similarly to the refresh seen on the aggregate results page.
- Added feed date information to vulnerability reports.
- Added date/time information to vulnerability feeds to indicate when they were created and last updated.
- Added the ability to refresh all vulnerability sources with a single button click.
- Added REST API endpoint documentation.
- Added CIS Windows Server 2016 benchmark to list of supported benchmarks.
For more information on which versions of CIS-CAT, jOval, and SCC are supported, see Comply Supported Engines.
Bug Fixes
- Fixed an issue where a report scheduled to run in the future could not have its schedule modified.
- Fixed an issue where saved questions were created with an incorrect set of flags.
- Fixed an issue where package cache timeout was not handled appropriately.
- Fixed an issue where the last report run date was not refreshed without a full browser refresh.
- Fixed an issue where support bundle collection date was not presented to the user.
- Fixed an issue where engines were not correctly filtered by architecture on the Deployment creation page.
- Fixed an issue with Java runnability sensor returning false positives.
- Fixed an issue where invalid Distribute Over time prevented reports from being deployed.
- Fixed an issue where a grey line was displayed in place of CVSS score.
- Fixed an issue where Deployment ID was not exposed on the Deployments page.
- Fixed issues with Red Hat vulnerability feeds so that they are now usable with Comply.
- Fixed an issue where SCC packages could not be uploaded for multiple architectures per Linux distribution.
- Fixed an issue where reports would display an invalid Next Run Time that occurs after the End Time of the report’s schedule.
- Fixed an issue in the UI that incorrectly indicated that start or end time could be cleared from a report schedule.
- Fixed an issue where start and end time were not being passed to Tanium correctly when creating a report.
- Fixed an issue on Windows where a system-installed JRE would be used instead of the JRE put in place by Comply.
- Fixed an issue where a missing log directory would cause vulnerability scan to fail.
- Fixed an issue where platform mismatch error during compliance scan was not properly reported to the user.
- Fixed an issue where single run reports did not properly support the Distribute Over setting.
- Fixed an issue where CVSS score was not displayed with certain CVEs during vulnerability scans.
- Fixed various issues causing errors to not be conveyed to users when errors occur during vulnerability scans.
- Fixed an issue where vulnerability results were duplicated in the result file.
- Fixed an issue with the JRE Is Runnable sensor not returning results.
- Fixed an issue where the tag filter input field would not show up on a benchmark list that had no tags.
- Fixed an issue where custom profile creation would not work on Tanium 6.5.
Known Issues
- Upgrading from previous versions of Comply that contain custom imported benchmarks could cause the benchmark list screen to fail to load. Please contact your TAM prior to upgrading Comply if you have uploaded custom benchmarks.
- Uploading multiple versions of SCC for the same version/platform/architecture but different Linux distribution will cause the last uploaded engine to be used for all instances. For example, uploading the 64-bit Debian SCC 4.1.1 then the 64-bit RHEL7 SCC 4.1.1 will result in both pointing to the RHEL7 package.
- Tanium Comply does not support any benchmarks that require authentication.
- Endpoint computers with less than 2GB of installed RAM may not have enough free memory to run the CIS-CAT engine when evaluating CIS checklists.