|
| 1 | +--- |
| 2 | +title: Azure Automanage machine configuration agent release notes |
| 3 | +description: Details guest configuration agent release notes, issues, and frequently asked questions. |
| 4 | +author: timwarner-msft |
| 5 | +ms.date: 09/13/2022 |
| 6 | +ms.topic: conceptual |
| 7 | +ms.author: timwarner |
| 8 | +ms.service: machine-configuration |
| 9 | +--- |
| 10 | +# Azure Automanage machine configuration agent release notes |
| 11 | + |
| 12 | +[!INCLUDE [Machine config rename banner](../includes/banner.md)] |
| 13 | + |
| 14 | +## About the guest configuration agent |
| 15 | + |
| 16 | +The guest configuration agent receives improvements on an ongoing basis. To stay up to date with the most recent developments, this article provides you with information about: |
| 17 | + |
| 18 | +- The latest releases |
| 19 | +- Known issues |
| 20 | +- Bug fixes |
| 21 | + |
| 22 | +For information on release notes for the connected machine agent, please see [What's new with the connected machine agent](/azure/azure-arc/servers/agent-release-notes). |
| 23 | + |
| 24 | +## Release notes |
| 25 | + |
| 26 | +### Guest Configuration Linux Extension version 1.26.38 |
| 27 | + |
| 28 | +In this release, various improvements were made. |
| 29 | + |
| 30 | +- You can now restrict which URLs can be used to download machine configuration packages by setting the allowedGuestConfigPkgUrls tag on the server resource and providing a comma-separated list of URL patterns to allow. If the tag exists, the agent will only allow custom packages to be downloaded from the specified URLs. Built-in packages are unaffected by this feature. |
| 31 | + |
| 32 | +## Fixed |
| 33 | + |
| 34 | +- Resolves local elevation of privilege vulnerability [CVE-2022-38007](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38007). |
| 35 | +- If you're currently running an older version of the AzurePolicyforLinux extension, use the PowerShell or Azure CLI commands below to update your extension to the latest version. |
| 36 | + |
| 37 | +```powershell |
| 38 | +Set-AzVMExtension -Publisher 'Microsoft.GuestConfiguration' -Type 'ConfigurationforLinux' -Name 'AzurePolicyforLinux' -TypeHandlerVersion 1.26.38 -ResourceGroupName 'myResourceGroup' -Location 'myLocation' -VMName 'myVM' -EnableAutomaticUpgrade $true |
| 39 | +``` |
| 40 | + |
| 41 | +```azurecli |
| 42 | +az vm extension set --publisher Microsoft.GuestConfiguration --name ConfigurationforLinux --extension-instance-name AzurePolicyforLinux --resource-group myResourceGroup --vm-name myVM --version 1.26.38 --enable-auto-upgrade true |
| 43 | +``` |
| 44 | + |
| 45 | +## Next steps |
| 46 | + |
| 47 | +- Set up a custom machine configuration package [development environment](./machine-configuration-create-setup.md). |
| 48 | +- [Create a package artifact](./machine-configuration-create.md) |
| 49 | + for machine configuration. |
| 50 | +- [Test the package artifact](./machine-configuration-create-test.md) |
| 51 | + from your development environment. |
| 52 | +- Use the `GuestConfiguration` module to |
| 53 | + [create an Azure Policy definition](./machine-configuration-create-definition.md) |
| 54 | + for at-scale management of your environment. |
| 55 | +- [Assign your custom policy definition](../policy/assign-policy-portal.md) using |
| 56 | + Azure portal. |
| 57 | +- Learn how to view |
| 58 | + [compliance details for machine configuration](../policy/how-to/determine-non-compliance.md) policy assignments. |
0 commit comments