Skip to main content

File Inspection Engine changelog

The changelog contains references to our internal ticketing system. We use the Keep a Changelog format.

v1.2.1

March 2025

Changed

  • Improved accuracy of the error message in the /scan endpoint response. The response now contains the message "Analysis not accepted due to high processing load" if FIE cannot accept new samples due to too many unpacked samples being processed at the same time. [FIE-208]
  • Logging cleaned up. [FIE-208]

Fixed

  • Fixed multiple high security vulnerabilities. [FIE-210, FIE-211]

v1.2.0

February 2025

Added

  • When the decompression ratio is reached, the response will contain an "Exceeds decompression ratio." message in the errors field in the /scan endpoint. [FIE-150]
  • A warning is logged when a boolean command line parameter isn't passed correctly [FIE-38]. Reminder:
    • Correct ✅:
      • --example-parameter=true
      • --example-parameter (implied true)
      • --example-parameter=false
    • Incorrect ❌:
      • --example-parameter true
      • --example-parameter false
  • The File Inspection Engine now includes /livez and /readyz endpoints for liveness and readiness checks, respectively, ensuring compatibility with container orchestration tools like Kubernetes. [FIE-34]

Changed

  • FIE now returns the "429 Too Many Requests" HTTP status when Spectra Core is busy, and not only in case the RL_CONCURRENCY_LIMIT value has been exceeded. In practice, this means that you can see the 429 response when only a few files are being analyzed (if one or more such files is highly complex, i.e. contains many child files). [FIE-140]
  • Spectra Core updated to version 5.2.3. [FIE-199]
  • The response format for the /scan endpoint has been changed [FIE-150]:
    • An errors array has been added to the response to replace the deprecated message field.
    • analysis_information has been added as an optional section with analysis metadata. This section also contains a partial_unpacking boolean (true when a file hasn't been fully unpacked/extracted.

Deprecated

  • In the /scan endpoint, the message field is deprecated; use errors instead. The message field contains all errors from the errors array combined into one string (separated by semicolons). [FIE-150]

Removed

  • Command line options, and their corresponding environment variables [FIE-144]:
    • --cloud-threat-data / RL_CLOUD_THREAT_DATA
    • --tmp-dir / RL_TMP_DIR
    • --core-dir / RL_CORE_DIR
    • --core-config-dir / RL_CORE_CONFIG_DIR

Fixed

  • Inconsistent handling of invalid configuration values. Now, if a value is not within the allowed range, it is automatically set to the default. [FIE-193]

v1.1.1

January 2025

Fixed

  • Fixed multiple security vulnerabilities [FIE-170, FIE-172]

v1.1.0

January 2025

Added

  • Spectra Core updated to version 5.2.1. [FIE-77]
  • Configurable maximum allowable decompression factor for files. [FIE-133]
  • Added logic to retry failed updates with the threat-data command. All attempts are logged, and the command exits with an error code if retries are exhausted. [FIE-42]
  • File Inspection Engine now logs configuration parameters at application start. [FIE-21]

Changed

  • The /version endpoint was replaced with /status, and now also returns application configuration and the license expiration date. [FIE-21]

Fixed

  • Typo in error messages related to misconfigured Cloud account. [FIE-57]
  • Fixed security vulnerabilities. [FIE-46] [FIE-148]

Deprecated

  • The /version endpoint, while still available, is considered deprecated. [FIE-21]

v1.0.2

November 2024

Added

  • Implemented configurable concurrency rate limiting for HTTP requests, with a default limit of 20. [FIE-41]
  • Improved logging. [FIE-96]
  • Stop the application if tmpfs reaches 100% usage. [FIE-112]

Fixed

  • Fixed high security vulnerabilities. [FIE-54, FIE-55]
  • Fixed a medium security vulnerability. [FIE-86]

v1.0.1

November 2024

  • Fixed a high security vulnerability. [FIE-76]

v1.0.0

November 2024

General Availability

This is the first public release of the product, moving from Alpha to General Availability.

Added

  • Users can now configure the depth of file unpacking at container startup. [FIE-32]
  • Configurable timeout option added to limit the maximum scan time in Docker. If the scan exceeds this limit, the application returns an error message. [FIE-29]

Updated

  • Updated to the latest Red Hat Universal Base Image (UBI8) to address vulnerabilities.
  • Integrated the latest release of the ReversingLabs static analysis engine to improve scanning capabilities.

Fixed

  • Corrected processing behavior for empty files. [FIE-35]
  • Removed certain error messages that appeared at startup without providing actionable information.
  • Resolved multiple STIG (Security Technical Implementation Guides) requirements to enhance system security and compliance.