01-04-2022 06:54 AM - edited 01-04-2022 06:59 AM
Good morning Jamf Nation!
Today we released Jamf Pro 10.35 which includes support for user deferrals for macOS Software Updates, cloud identity provider page enhancements and Bearer Authentication for Classic API.
Jamf Pro Security Issues
Jamf provides the CVE-ID for security issues with high or critical severity when possible.
[PI-010403] This release fixes a security vulnerability with Jamf Pro. The Jamf Pro installers have been updated to include Apache Log4j 2 version 2.15.0, which remediated the vulnerability (CVE-2021-44228). This bug fix is also included in Jamf Pro 10.34.1 or later.
[PI-010408] This release fixes a security vulnerability with Jamf Pro. The Jamf Pro installers have been updated to include Apache Log4j 2 version 2.16.0, which remediated a log4j vulnerability (CVE-2021-45046). This bug fix is also included in Jamf Pro 10.34.2 or later.
[PI-010417] This release fixes a security vulnerability with Jamf Pro. The Jamf Pro installers have been updated to include Apache Log4j 2 version 2.17.0, which remediated the vulnerability (CVE-2021-45105).
To learn more about new features and additional resolved issues please read full release notes here.
Cloud Upgrade Schedule
Your Jamf Pro server, including any free sandbox environments, will be updated to Jamf Pro 10.35 based on your hosted data region below.
Need assistance identifying the Hosted Data Region of your Jamf Cloud instance? Check out this guide to find out how.
|ap-southeast-2||Jan 7 at 1300 UTC||Jan 7 at 2200 UTC|
|ap-northeast-1||Jan 7 at 1500 UTC||Jan 7 at 2300 UTC|
|eu-central-1||Jan 7 at 2300 UTC||Jan 8 at 0900 UTC|
|eu-west-2||Jan 8 at 0000 UTC||Jan 8 at 0700 UTC|
|us-east-1 sandbox/us-west-2-sandbox||Jan 8 at 0100 UTC||Jan 8 at 1000 UTC|
|us-east-1||Jan 8 at 0500 UTC||Jan 8 at 1700 UTC|
|us-west-2||Jan 8 at 0800 UTC||Jan 8 at 2100 UTC|
For real-time messages about your upgrade, subscribe to alerts.
For information on what's new in Jamf Pro 10.35, please review the release notes.
Posted on 01-04-2022 07:26 AM
Is the .1 release planning to incorporate log4j 2.17.1 since the 2.17 has since been deemed vulnerable? 😫
Posted on 01-06-2022 11:47 AM
FYI, as per the previous "manual" instructions I updated my 10.32.1 on prem instances (two prod, one dev) to 2.17.1 without issue.
Posted on 01-11-2022 06:00 PM
Jamf Pro is apparently not vulnerable to the issue fixed in log4j 2.17.1. This means we can choose to manually update, or wait for the next Jamf Pro update.
Posted on 01-04-2022 07:49 AM
So slightly more info than the useless email, but no where near what you were providing a year ago. PLEASE PROVIDE UPDATE INFORMATION IN YOUR EMAILS!
Emails have not decreased from Jamf. I get several per week. But important email like this only says there's a new version.
01-04-2022 07:53 AM - edited 01-04-2022 07:55 AM
Posted on 01-04-2022 07:58 AM
I stopped receiving emails and had to open a support case to get it fixed. but now I know ahead of this weekend that Jamf Pro 10.35 will be rolled out
Posted on 01-04-2022 07:58 AM
I'm a big fan of getting alerted to check out the forums (who has time to manually check anyways?) but disappointed with the speed of some of the "critical" road map items for future Jamf release version. Here's to hoping! 🤞
Posted on 01-04-2022 06:26 PM
Jamf Admin 10.35.0 has a major bug, it fails to upload package manifests, workaround for now is to continue to use an older version of Jamf Admin, such as 10.34.1 or 10.34.2 (I had forgotten about 10.34.2 when I resolved my issue by going back to 10.34.1). I have logged Case # JAMF-3317981, but thought people should know about the issue.
Posted on 01-04-2022 11:38 PM
Hello guys, we're also affected by that issue. Wakco's workaround works. We also opened a support case.
Posted on 01-05-2022 03:29 PM
Ran into this as well. The specific manifestation for this is that there will be a failure message when trying to upload. The file will actually copy to the server but you will not be able to delete from within Jamf admin. I found that I could, via the web interface, "add" the package that was already on the distribution point manually, and when launching Jamf admin the package would show up, minus the checksum. But the earlier version of Jamf admin works better as already noted.
01-05-2022 04:02 AM - edited 01-05-2022 04:03 AM
Posted on 01-05-2022 03:24 PM
A bug in a new release seems to be right topic
Posted on 01-05-2022 05:17 AM
So the real question here is, as an on-prem instance..do we NEED to upgrade to 10.35? We are currently on 10.34.2.
Posted on 01-05-2022 05:31 AM
I think it depends on the release notes. All log4J related and security is always interesting to do the update asap. But 10.35.0 had a very short beta, is suppose it's because of the log4j stuff it was released so quickly.
we see on our on prem a performance degrad of about 30% in comparison to 10.34-2 after updating to 10.35.0.
Also opened a tix for that.
Posted on 01-05-2022 03:31 PM
Can you define the performance degradation? Which tasks or processes? All of them?
Posted on 01-06-2022 12:48 AM
All of them. The entire GUI is awfully slow. We got some help from support which makes it a little better, but compared to previous release it's very non.reactive.
Posted on 01-05-2022 03:37 PM
I see in the release notes that Jamf Remote will not be supported in a future release. This is terrible. The web interface does NOT provide equivalent functionality. There are no IMMEDIATELY install package options, immediately run custom command options, immediately run script options, screen sharing options. Removing a competitive advantage compared to other tools doesn't make much sense to me. ( Don't tell me there are other tools, the point is not needing to use other tools if you have Jamf.)
01-06-2022 07:06 AM - edited 01-06-2022 07:19 AM
"It is recommended to use TeamViewer.." LOL. Love how tech writers switch to passive voice when they tell you that their product is a failure and you're going to have to buy another product to make up for it.
Posted on 03-15-2022 01:36 PM
And team viewer doesn't let you QUICKLY AND IMMEDIATELY push out packages and scripts to dozens of computers without waiting for checkin or dependency on apples servers. Jamf is not going to exist in 5 years. Everyone of it's competitive advantages, things no other product could accomplish are being mothballed. Jamf is only a bit better at doing some things than other products, which are cross platform by the way. If you are only going to support one platform you can't only be marginally better. The bean counters don't care about your marginal productivity. My university is abandoning Jamf quickly; I believe I am only one of two departmental holdouts.
Posted on 01-07-2022 07:36 AM
I use Jamf Remote heavily so this will be sorely missed if there is no replacement. I will admit though that when we went completely offsite when covid first hit that it was the kick in the pants to realize that something needed to change since it was useless in that situation.
Posted on 01-10-2022 05:47 PM
What do you mean Jamf remote was useless off site? We used it very heavily while we were working remote. Worked great! You did setup a vpn to access to your remote site first right?
Posted on 01-11-2022 08:40 AM
Our users aren't connected to vpn unless they absolutely have to.
Posted on 01-14-2022 01:36 PM
So you are trying to use Jamf remote to control users devices that are also offsight?
Posted on 01-11-2022 01:30 AM
we also have performance trouble since 10.35
Posted on 01-12-2022 12:50 AM
Significant slowdowns for us also since 10.35
Posted on 01-12-2022 12:55 AM
We had with support some cleanups in DB but this did not resolve the performance degradation. Windows stay white for 20 secs before displaying the content. Working on multiple tabs in browser is in the meantime impossible as content is shown minutes later.....
Posted on 01-18-2022 09:48 AM
Anyone else seeing a package with a custom manifest no longer deploying from a Prestage with this version?
02-14-2022 06:36 AM - edited 02-14-2022 06:37 AM
Bad latency issues for us since 10.35. Going on for two weeks now. Jamf needs to patch this version ASAP. My only saving grace is to use a dedicated M1 with Safari. It helps, but not much. This is the first time an update was so impactful to our system.😞
02-15-2022 05:32 AM - edited 02-15-2022 05:34 AM
it seems that a hotfix 10.35.1 is available.