Base 8.3.0 release notes
🚨 Action Required
Stronger enforcement of critical security patches (On-premises only)
To reduce the risk of appliances running with known vulnerabilities, critical security patch enforcement has been strengthened in the following ways:
- For critical updates that install without downtime, the option to opt out is removed and these updates are now applied automatically.
- For critical updates that require downtime, you can still opt out, but doing so requires you to explicitly acknowledge that you assume responsibility for the associated risk.
- If an appliance has not successfully communicated with the update server within a defined time window, key functionality is degraded or disabled. This prevents appliances that are disconnected from updates, whether intentionally or through misconfiguration, from continuing to operate indefinitely in a potentially vulnerable state.
Important informationThis change removes the ability to opt out of seamless critical security updates. Review your patch management process before upgrading.
🆕 New features and enhancements
Remote syslog now follows OCSF structure
- Base Software 8.3 changes what the appliance forwards over syslog to a Security Information and Event Management (SIEM) platform, and how those events are structured.
- Added log categories now exist for on-premises appliances only.
For information, see Base syslog guide.
List all installed patches in /appliance
Administrators can now view a complete list of all installed patches, including both application and firmware updates, directly from /appliance. This provides a single, centralized view of patch history without needing to check multiple locations.
Progress bar for local file uploads
Local file uploads now display an estimated progress bar instead of a generic busy spinner, giving you clearer visibility into how long an upload will take to complete.
Removed the opt-in default certificate mechanism
The opt-in default certificate mechanism is removed, simplifying certificate configuration and reducing the risk of relying on default certificates.
🛠️ Issues resolved
| Product area | Description | Resolution |
|---|---|---|
| Authentication | Signing in through the /appliance SSO handoff could fail with an HTTP 400 error when the browser's cookie jar was too large for the nginx request-header buffer. | The /appliance SSO handoff now correctly processes large cookie jars without exceeding the nginx request-header buffer size. |
| Configuration | Configuring a failover cluster could fail with a communication error when IPv6 was enabled. | Failover cluster configuration now completes successfully when IPv6 is enabled. |
📝 Notes
- Base 8.3.0 includes Service Pack 42
- Base 8.3.0 requires Base 8.1.0+
- Certified for GA for all currently supported appliance models.
- Verified for:
- 26.2.1 RS
- 26.2.1 PRA