01-24-2023 06:51 AM - edited 01-31-2023 09:32 AM
Posted on 01-24-2023 07:11 AM
This feature Retrieve FileVault Information via the Jamf Pro API is VERY exciting!
Posted on 01-24-2023 07:16 AM
Indeed, that will be so exciting!
Posted on 01-24-2023 08:29 AM
I've forgotten how many years I've been waiting for this feature! I was in fact someone who submitted a FR for this many years back. Bravo Jamf for finally getting this one done.
Posted on 01-24-2023 07:19 AM
Finally, Jamf added API for Retrieving FileVault Information via the Jamf Pro API. This was a long awaited feature. Thanks Jamf team for bringing this API.
Posted on 01-24-2023 07:19 AM
This is very helpful article as it shows exactly what we are looking for 🙂
Posted on 01-24-2023 07:46 AM
This should not have been skipped in this post.
Posted on 01-24-2023 08:34 AM
Please clarify if you indeed intend to recommend MySQL 8.0.30 and not .31 - .30 is already pretty old and has known security vulnerabilities. It would be great if you could update the documentation if .31 is indeed working, or test internally if you could shiftt your recommendation to .31 .
Posted on 01-24-2023 08:38 AM
The announcements says nothing about security issues, but https://docs.jamf.com/10.43.0/jamf-pro/release-notes/Resolved_Issues.html mentions quite a few CVEs, some of them marked as CRITICAL in the NVD.
So how serious are these vulnerabilities for the JSS? How urgent is it to upgrade?
I'm extremely disappointed that JAMF fails again to properly inform its clients and users about the seriousness of the vulnerabilities!
Posted on 01-25-2023 02:16 PM
Hello @mschroder,
Historically we often did not document when we updated 3rd party libraries even if they had identified vulnerabilities within. We have recently changed that with the intention of being more transparent on the upgrade of 3rd party libraries we use, especially if they have corresponding vulnerabilities identified with them.
When we see that a library we use has an identified vulnerability we assess the risk and determine our next course of action. If we find that the issue potentially presents a big risk to our customers we will convey that in different communication means; typically via email, a Jamf Nation post and potentially its very own hot fix release. Often times a vulnerability is identified in a library we use but after investigation we can see that either due to usage or configurations on our part that the risk is exponentially lower. If we determine the risk is lower it just becomes part of our normal development process and will be patched in a future release, as is seen with the entires in this 10.43 release.
As you may remember, the Release Notes > Resolved Issues > Security Issues in Jamf Pro 10.42 was actually longer list than this release and if all goes according to plan the 10.44 release's list of issues resolved will be even longer. That is to say we are attempting to do a better job of patching all libraries we use, regardless of risk presented by them, in all releases. Going along with that we are working at doing a better job of disclosing those items being patched in our release notes.
We intentionally don't list the issues resolved in our beta notes as to not disclose the risks, even if they are low, until a version is available for all customers to download. We also intentionally keep the description of the security issues resolved vague as to not provide greater risks to those customers who cannot update quickly (it also makes my writing of each of those description that much easier). If you feel that you need more information on any of those issues listed don't hesitate to reach out to support.
But rest assured, our intentions is to keep you the most secure in all the means we can. And if something is identified that we feel is a larger risk, we will let you know.
Mike Paul
Product Security Engineer
Posted on 01-27-2023 07:11 AM
Just tried to run upgrade in our test setup for JAMF Pro version 10.43. Servers are running on CENTOS 7 and this is the first time I remember running into this error during installation. Running the install "sudo sh ./jamfproinstaller.run" I get an "Error: Found 8080 in use, but no Jamf Pro web app is running over the port... in the jamf-pro-installer.log file. Our JAMF Setups are configured with SSL and run on port 8443 and not 8080.
Here is a copy of the infomation in the install log for today:
[2023-01-27 09:56:20]: Starting the Linux Jamf Pro Installation
[2023-01-27 09:56:20]: Checking installation requirements...
[2023-01-27 09:56:20]: Checking for a 64-bit OS...
[2023-01-27 09:56:20]: OK
[2023-01-27 09:56:20]: Checking available disk space...
[2023-01-27 09:56:20]: Warning: Available disk space is below the recommended 150 GB to install Jamf Pro. Ensure your server has adequate disk space before proceeding.
[2023-01-27 09:56:23]: Continuing installation requirements...
[2023-01-27 09:56:23]: Checking for Java 11...
[2023-01-27 09:56:23]: Verifying JCE Unlimited Strength Jurisdiction Policy files...
[2023-01-27 09:56:24]: Java JCE files verified
[2023-01-27 09:56:24]: Checking if Tomcat is running...
[2023-01-27 09:56:24]: Stopping Tomcat for the upgrade...
[2023-01-27 09:56:32]: Error: Found 8080 in use, but no Jamf Pro web app is running over the port...
[2023-01-27 09:56:32]: Aborting installer...
[2023-01-27 09:56:32]: Aborting installation due to unsatisfied requirements.
Posted on 01-28-2023 03:14 AM
conditional access or device compliance for macOS? we start to register mac with Conditional access. should i wait of 10.43 and register all mac with device compliance?
Posted on 01-30-2023 09:51 AM
@JustinV, It doesn't look like the 10.43 upgrade happened over the weekend as per emails received from Jamf. Anyone else still see their JSS version showing as 10.42.1? Were the upgrades postponed but no notice sent?
Posted on 01-30-2023 09:55 AM
if you look at the end of this original post, they postponed it back on the 25th.
Posted on 01-30-2023 09:59 AM
Odd, because we received the emails on the 25th saying the upgrades were happening this weekend but no email saying the upgrade was being postponed.
Posted on 01-30-2023 10:03 AM
Hello All,
there were newly discovered issue and hence jamf is holding off the update.
Posted on 01-30-2023 10:15 AM
Obviously, but in the past if an upgrade was being postponed then an email was sent by Jamf letting us know. Adding a line to the bottom of a JN post doesn't seem like a great way to let customers know.
Posted on 01-30-2023 10:57 AM
Hey All,
As we do monitor these post we wanted to share with our community that your concerns are being heard and we will share additional information as soon as it is available.
We appreciate your patience dearly, please be on the lookout for more information.
- Justin
Posted on 01-31-2023 03:29 AM
Anyone heard when Jamf cloud will be upgraded to 10.43?
Posted on 01-31-2023 10:12 AM