Edit

Share via

Azure machine configuration agent release notes

  • Article

About the machine configuration agent

The machine configuration agent receives improvements on an ongoing basis. To stay up to date with the most recent developments, this article provides you with information about:

  • The latest releases
  • Known issues
  • Bug fixes

For information on release notes for the connected machine agent, see What's new with the connected machine agent.

Windows extension release notes

Version 1.29.86.0 - January 2025

Updated

  • Updated OpenSSL from version 3.3.2 to 3.4.0.

Version 1.29.85.0 - October 2024

Updated

  • Updated OpenSSL from version 3.3.1 to 3.3.2.

Fixed

  • Added time-outs to address an issue that caused the agent to become unresponsive when trying to read a response from the service. If the agent takes more than 3 minutes to read a response or send a request to the service, it will now time out and continue execution.

Version 1.29.82.0 - September 2024

New Features

Extension for Linux extension release notes

Version 1.26.80 - January 2025

Updated

  • Updated OpenSSL from version 3.0.15 to 3.4.0.

Version 1.26.79 - October 2024

Fixed
  • Added time-outs to address an issue that caused the agent to become unresponsive when trying to read a response from the service. If the agent takes more than 3 minutes to read a response or send a request to the service, it will now time out and continue execution.

Version 1.26.77 - September 2024

Updated

  • Updated OpenSSL from version 3.0.14 to 3.0.15.

Version 1.26.76 - September 2024

New Features

Version 1.26.48 - January 2023

New Features

  • Added support for Linux distributions such as Red Hat Enterprise Linux (RHEL) 9, Mariner 1 and 2, Alma 9, and Rocky 9.

Fixed

  • Improved reliability for the guest configuration policy engine.

Version 1.26.38

In this release, various improvements were made.

  • You can now restrict which URLs can be used to download machine configuration packages by setting the allowedGuestConfigPkgUrls tag on the server resource and providing a comma-separated list of URL patterns to allow. If the tag exists, the agent only allows custom packages to be downloaded from the specified URLs. Built-in packages are unaffected by this feature.

Fixed

  • Resolves local elevation of privilege vulnerability CVE-2022-38007.
  • If you're currently running an older version of the AzurePolicyforLinux extension, use the PowerShell or Azure CLI commands in the following examples to update your extension to the latest version.
$params = @{
    Publisher              = 'Microsoft.GuestConfiguration'
    Type                   = 'ConfigurationforLinux'
    Name                   = 'AzurePolicyforLinux'
    TypeHandlerVersion     = '1.26.38'
    ResourceGroupName      = '<resource-group>'
    Location               = '<location>'
    VMName                 = '<vm-name>'
    EnableAutomaticUpgrade = $true
}
Set-AzVMExtension @params

az vm extension set \
    --publisher Microsoft.GuestConfiguration \
    --name ConfigurationforLinux \
    --extension-instance-name AzurePolicyforLinux \
    --resource-group <resource-group> \
    --vm-name <vm-name> \
    --version 1.26.38 \
    --enable-auto-upgrade true

Next steps