Predix Edge Agent Release Notes 2.3.1
Security Issues
This is an out of band maintenance release for security issues identified in Predix Edge Agent, versions 2.3.0 and prior. It is recommended you apply this fix as soon as possible, especially if you are running Predix Edge in a production environment.
- Fixed an issue that could result in local privilege escalation for an attacker with write access to /tmp.
- Fixed an issue where a signed SSH key could bypass validation.
- Fixed an issue where a Predix Edge application could bypass application signing enforcement.
- Fixed an issue where a Predix Edge application could bypass validation.