January 2024 Linux Agent Release

v6.11.2 Release Notes

This release fixes the following issues that can occur when you enable active package detection for agent v6.11:

Files are kept open on Linux kernel versions earlier than 3.14.
Excessive use of disk space or file descriptors on Linux kernel versions earlier than 3.12

Ability to verify the status of the agent - Starting in this release, you can use the following command to verify the status of the agent process (datacollector):
```
sudo /var/lib/lacework/datacollector -status
```
The status can be one of the following:
- ACTIVE - The agent process is up and running.
- STARTING - The agent process is starting.
- OFFLINE - The agent process is not running. This can happen if you stopped the agent process. For more information, see Start, Stop, or Restart Lacework Agent.
Support for detecting active and inactive PHP packages on hosts and containers - The Lacework platform can now detect active and inactive PHP packages on hosts and containers if you do the following:
1. Install Linux agent v6.11 or later on hosts or containers.
2. Enable active package detection for the agent. For more information, see How do I enable active package detection?.
3. Enable Agentless Workload Scanning on the hosts.
This enables you to know whether a vulnerable PHP package is being used by an application and prioritize fixing active vulnerable packages first. Use the Package status filter in the Host Vulnerabilities page and Container Vulnerabilities page to see active or inactive vulnerable PHP packages on hosts and containers. See Host Vulnerability - Package Status for details.

Ecosystem certification - Lacework now supports the following new certified ecosystems, allowing you to deploy agents to these environments with assurance that there are no security gaps in your workloads.
- Oracle Linux Server versions 8.7, 8.8, and 8.9