PCalomeni
Moderator
Moderator

Today we are releasing a maintenance version of Jamf Pro.

Jamf Pro 11.1.1 fixes the following product issues:

Jamf Pro Server: Security Issues

  • [PI115207] Updated a third-party library to resolve a known vulnerability (CVE-2023-34055).

Jamf Pro Server

  • [PI111014] [PI109336] Enrollment for computers no longer fails when user-initiated enrollment and PreStage enrollment settings are configured with identical management account credentials.
  • [PI111120] The user account creation step of Setup Assistant for macOS is no longer incorrectly skipped when a PreStage enrollment is configured to skip the "Transfer Information" and "Location Services" steps.
  • [PI111481] [PI103338] The user account creation step of Setup Assistant for macOS is no longer incorrectly skipped when a PreStage enrollment is configured to both create a management account and enable FileVault.
  • [PI113195] The user account creation step of Setup Assistant for macOS is no longer incorrectly skipped on computers with macOS 14 or later when user-initiated enrollment settings are configured to create a management account.
  • [PI114955] When using an extension attribute as a variable that contains a special character, the special character is no longer returned as a hex value.
  • [PI115086] Resolved a broken access control issue that could result in a denial of service.
  • [PI115599] Authorization tokens for the Jamf Cloud Distribution Service (JCDS) are now refreshed only as needed to keep them valid for JCDS calls. Previously, authorization tokens for JCDS were refreshed every time they were used, which resulted in excessive load on the authorization service and underlying infrastructure.

Other Changes and Improvements

When a computer enrolls with a PreStage enrollment and the Jamf management account is also set to be created during enrollment, the jamf binary will create the account after the first user logs in. This helps avoid several potential issues that could cause user account creation to be skipped in Setup Assistant during Automated Device Enrollment.

 

For additional information on what's included in this release, review the release notes via the Jamf Learning Hub.

To access new versions of Jamf Pro, log into Jamf Account with your Jamf ID. The latest version is located in the Products section under Jamf Pro.

 

Cloud Upgrade Schedule

Your Jamf Pro server, including any free sandbox environments, will be updated to Jamf Pro 11.1.1 based on your hosted data region below. Review this guide if you need assistance identifying the Hosted Data Region of your Jamf Cloud instance.

 

Hosted Region Begins Ends
ap-southeast-2 8 December at 1300 UTC 8 December at 2200 UTC
ap-northeast-1 8 December at 1500 UTC 9 December at 0100 UTC
eu-central-1 8 December at 2300 UTC 9 December at 0900 UTC
eu-west-2 9 December at 0000 UTC 9 December at 0700 UTC
us-east-1-sandbox/us-west-2-sandbox 9 December at 0100 UTC 9 December at 1100 UTC
us-east-1 9 December at 0500 UTC 9 December at 1800 UTC
us-west-2 9 December at 0800 UTC 9 December at 2100 UTC

 

Comments
donmontalvo
Esteemed Contributor III

Do we know if CVE-2023-34055 affects 10.50.0? Or just 11.x?

mike_paul
Contributor III
Contributor III

@donmontalvoYes, the versions of spring-boot listed in CVE-2023-34055 would be present Jamf Pro 10.50 but the CVE wasn't created until after we had already shipped Jamf Pro 11.1.0, hence it being patched in Jamf Pro 11.1.1.  

Version history
Last update:
‎12-07-2023 06:07 AM
Updated by:
Contributors