1. Overview

The following table outlines the release particulars:

Build

20.12.541

Code name

Galileo, 20.12 update 2

Release date

16 February 2021

Type

Maintenance release

SHA-256 Digest

9fc22923ae3b11af19c93adcd56af756f5d6a38e4385bb22414f279a9e80fea9

2. Improvements, fixes, and performance enhancements

  • Updates Console and Defender containers to comply to the U.S. Air Force Platform One Security Technical Implementation Guide (STIG) for base images.

  • Adds support for OpenShift 4.7.

  • Adds support for Azure Kubernetes Service (AKS) 1.19.

  • Adds support for allow-lists for DNS and IP addresses in host runtime network protection rules. The Console UI will display the new allow-list fields in the rule dialog, but Defenders will silently ignore the new settings until they are upgraded to 20.12 update 2.

  • Fixes the path to runC for Kubernetes on DC/OS.

  • Fixes an issue where manual backups cannot be created when database collections are larger than 4 GB.

  • Fixes an issue in the UI where the summary table of registry scan reports (Monitor > Vulnerabilities > Images > Registries) reported zero vulnerabilities for an image even if the scanner failed to pull the image. The UI now correctly reports a download error.

  • Updates the Intelligence Stream to show the vendor score for vulnerabilities in packages from SUSE distributions.

  • Reintroduces vendor links for NodeJS CVEs.

  • [Enterprise Edition (SaaS)] Fixes authentication in twistcli when Prisma Cloud has Trust Login Addresses enabled.

  • Updates open source packages used in Prisma Cloud Compute components.