Nessus 8.11.1 Release Notes - 2020-08-20

Changed Functionality and Performance Enhancements

  • nessusd.dump Log File Millisecond Timestamps - When the advanced setting logfile_msec is enabled, millisecond resolution is enabled for nessusd.dump log file timestamps. Previously, only the nessusd.messages log file supported this setting.

    For more information, see Advanced Settings in the Nessus User Guide.

  • Added Context for Security Notes - Nessus scan security notes now show the IP address and plugin ID of the target and plugin that produced the note, adding critical context which is useful for debugging.
  • Duplicate Agent Detection - Nessus Manager detects duplicates agents that have the same MAC address. When the agent setting detect_duplicates is enabled, agents detected as a duplicate automatically unlink and reset its Tenable UUID.

  • Updated jQuery third party library - Upgraded the version of jQuery used in the online Nessus API documentation, to remove security vulnerabilities reported in the older version.

For more information about the features and functionality supported in this release, see the Nessus 8.11.x User Guide.

Bug Fixes

Bug Fix Defect ID Applies to
Added protections to prevent out-of-bounds memory access in the NASL process space. - All Nessus versions
Added validation checks to the JSON config file used for streamlined scanner deployment. 01027462 All Nessus versions
Fixed an issue causing the session timeout to not be honored when the user was on the Settings > About page. - Nessus Professional, Nessus Manager
Added systemd support for Debian/Ubuntu on versions that use systemd over init.d, to address an issue with running as non-root user. 00847209 Nessus Professional
Fixed an issue encountered in Google Chrome where the navigation links were only clickable from the bottom. 00920107 Nessus Professional
Fixed a pagination issue with host discovery scan results when a large number of hosts was returned. 01025309 Nessus Professional
Fixed an issue where Agent scans configured with a 24-hour scan window would miss the next day's launch due to unfinished processing for the current scan. 01020512 Nessus Manager
Updated DB access settings to prevent the possibility of DB corruption on Nessus Manager configured as a Cluster Manager. 01041759 Nessus Manager
Fixed an issue where scanners managed by Tenable.io would not update plugins if a core software update was also pending. 00908570 Tenable.io-linked scanners
Fixed a race condition that could cause scan results to not be detected as completed, resulting in aborted scan chunks. 01025683 Tenable.io-linked scanners

Upgrade Notes

  • You can upgrade to the latest version of Nessus from any previously supported version.
  • If your upgrade path skips versions of Nessus, Tenable recommends reviewing the release notes for all skipped versions to learn about new features and bug fixes.
  • Tenable.io-linked scanners receive the latest software update starting one week after the Nessus general availability (GA) date.

    • If you want your scanners to automatically update to the newest version prior to that date, set your Nessus Update Plan to Opt in to Early Access releases.
    • If you want to manually update your scanners to the latest version prior to that date, disable automatic updates so the scanner does not automatically downgrade to the previous version.
  • For Nessus 8.8.0 and later running on Windows, you must install Visual C++ Redistributable for Visual Studio 2015 on the host operating system. The following Windows versions require a minimum Service Pack to be installed:

    • Windows 7 SP1
    • Windows Server 2008 SP2
    • Windows Server 2008 R2 SP1