1.23.0 — 19th May
eBPF’s 1.23.0 release provides the following updates:
Updates
Support for OpenSSL 3.3+
Added compatibility for OpenSSL version 3.3 and above, ensuring continued TLS key capture capabilities with the latest OpenSSL releases.
Resolved Issues
Stat Count Mismatch
Resolved an issue where statistical counters could show mismatched values under certain conditions.
1.22.0 — 30th April
eBPF’s 1.22.0 release provides the following updates:
Resolved issue
Security fix for eBPF vulnerabilities
Addressed eBPF-related vulnerabilities to improve the agent's overall security and stability.
1.21.0 — 31st January
eBPF’s 1.21.0 release provides the following updates
Update
Optimized TLS Probing for Reduced CPU Usage
The eBPF tracer now includes an option to optimize CPU usage for OpenSSL/BoringSSL-based processes. Instead of placing uprobes on the frequently calledSSL_read
andSSL_write
functions, which can lead to high CPU overhead for some processes like Ruby, the tracer can now place probes on the TLS handshake function. This ensures uprobes are executed only once per new TLS connection, significantly reducing performance impact for applications with frequent SSL function calls.Example Configuration:
ssl_keylog_include_rules: - exec_name: ruby
Uprobes per monitored Process
Introduced support for attaching uprobes on a per-process basis, offering lesser overhead to unmonitored process using shared libraries.