IMPORTANT: This site is planned to be decommissioned in 2026. Visit the Tanium Resource Center for all Tanium release notes, user guides, and support information. To view release notes in the Resource Center, see Tanium Release Notes.
IMPORTANT: If you are using semi-annual releases for on premises, see the Release notes for 2024H1 semiannual release, Release notes for 2024H2 semiannual release, or Release notes for 2025H1 semiannual release on the Tanium Resource Center.
Effective October 15, 2024: On prem release notes on the Tanium Knowledge Base are frozen. For release notes related to 7.4 or 7.5 Server and Solutions, see the Monthly updates for Tanium Version 7.4 and 7.5 Server and Solutions on the Tanium Resource Center.
Release Notes Comply (Version 1.2.7)
Tanium Comply 1.2.7
Release Date: May 9, 2017
Feature Improvements
- Added the ability to encrypt JREs when deployed to endpoints and dissolve the JRE after a scan has completed.
- Added support SCC 4.2. Also added the ability to upload the inner archives from SCC packages. This requires users to upload roughly half as much to Comply for SCC.
- Added additional sorting options to vulnerability report results.
- Added additional compliance rule information (fix text, rationale, description) when drilling down on a rule result.
- Added a feature that displays the list of supported versions when uploading engines to Comply.
- Added the ability to specify tags when importing individual benchmarks as well as the ability to modify the tags of existing benchmarks.
- Added the ability to cancel a vulnerability scan that is in progress.
- Added support for server JRE packages.
For more information on which versions of CIS-CAT, jOval, and SCC are supported, see Comply Supported Engines.
Bug Fixes
- Fixed an issue where a failed vulnerability source import would report success.
- Fixed an issue where the Computer Group popover widget couldn't be dismissed.
- Fixed an issue where a completed vulnerability scan that contained no positive vulnerabilities would display that the report had not yet been deployed.
- Fixed an issue where the last modified date on a vulnerability source was not being updated when the source was updated/reprocessed.
- Fixed an issue where benchmarks with no tags would prevent the benchmark list from being displayed.
- Fixed an issue where a compliance rule's "Fix text" value wasn't being correctly imported.
- Fixed a number of inconsistencies with browser "back" button behavior.
- Fixed an issue where the custom profile modal window would extend beyond the browser window's viewport.
- Fixed an issue that prevented users from uploading SCC for more than one Linux distribution.
- Fixed an issue where uploaded files were not being properly removed after processing.
- Fixed a couple of issues around solution uninstall and upgrade.
- Fixed an issue where a report scheduled to run in the future could not be deployed with the Deploy Now button.
- Fixed an issue where some report and engine deployment error messages were not being displayed to users.
- Fixed an issue where provided CVE URL was causing unnecessary redirects.
- Fixed an issue where vulnerability results would not be displayed under certain sorting conditions.
- Fixed script error in Is Java Runnable sensor.
- Fixed an issue that prevented benchmarks with SCE files from being imported during bulk import.
- Fixed an issue where a custom profile's title would display as "Unknown" on the report results screen.
- Fixed an issue where an invalid meta mapping file would cause a scan to fail on Windows endpoints.
- Fixed an issue where RHEL SCC bundles could not be uploaded.
- Fixed an issue where custom check results on Linux/OS X would not be properly reported in aggregate statistics.
- Fixed an issue where the vulnerability execution script would fail when using the SCC engine.
- Fixed an issue where deployment statuses would be reported against the wrong deployment.
- Fixed an issue where engine names were unsorted on the deployment creation screen.
- Fixed an issue where "Cancel running scan" message would be displayed when a scan was not in flight.
Known Issues
- Vulnerability scanning using the SCC engine is known to have issues during content validation.
- Tanium Comply does not support any benchmarks that require authentication.
- Endpoint computers with less than 2GB of installed RAM may not have enough free memory to run the CIS-CAT engine when evaluating CIS checklists.