Fastly engineers are aware of a recent change to some package file names due to a new release process. We are currently working on a fix for this issue.

All other services are unaffected.

This issue has been identified and a fix is being implemented.

Customers seeing errors pulling from our Alpine apk repository via apk can pull .apk packages manually from our apk site: https://apk.signalsciences.net/?prefix=3.17/main/ or download site: https://dl.signalsciences.net/?prefix=sigsci-agent/4.39.1/alpine/

Cloud Foundry customers can set the SIGSCI_DISABLE_CHECKSUM_INTEGRITY_CHECK environment variable as true to disable the package checksum verification during the install process until a fix is released.

A fix has been implemented and we are monitoring the results.

This incident has been resolved.

Our teams have detected an issue that impacts Signal Sciences data collectors beginning at 00:53 UTC. Agents may appear offline in dashboard/API, agents will not receive rule updates; rate limit rules, templated rules and sites alerts will not take new traffic into account; new traffic will not appear in the dashboard/API. Customers may experience delays in data available in the Signal Sciences console.

This issue has been identified and a fix is being implemented. 

A fix has been implemented and we are monitoring the results.

This incident has been resolved.

Our teams have detected an issue that is currently impacting Signal Sciences data collectors. New events from agents may not be processed by our back end services, agents may erroneously appear to be offline, and agents may not be receiving updated rules sets. Customers may experience delays in data available in the Signal Sciences console.

A fix has been implemented and we are monitoring the results.

This incident has been resolved.

Our teams have identified impact to the Signal Sciences Rule Builder from approximately 20:48 UTC to 21:15 UTC.

During this time new rule sets would not be pushed to agents. Customers sites would continue being protected by previous rule sets during this time.

Agents should have received updated rules sets once systems recovered.

This incident has been resolved.

We are currently investigating issues surrounding customers trying to download noarch packages via yum and receiving a 404 response. Direct downloads of these packages via https://dl.signalsciences.net/ can be used as a temporary workaround.

The issue has been identified and a fix is being implemented.

This Incident has now been resolved

We are continuing to investigate and monitor this issue as an isolated incident, please continue to send and monitor ticket updates via email (securitysupport@fastly.com) while we investigate.

Issue has been isolated and determined to be impacting customers whom have enabled SSO and have not accepted the invite sent from the console. Logging in directly from SSO will prevent customers from viewing, updating and interacting with tickets in the console. Fastly advises customers to accept the invite send from the console to resolve their issues with ticket logging and interactions.

Fastly is aware of an expected critical vulnerability the OpenSSL project is expected to disclose in the near future. We are studying the currently available information surrounding this vulnerability and do not currently believe that Signal Sciences is vulnerable. We will continue to monitor as additional information is released and will provide our customers with more information as available.

Fastly has reviewed the initial notification from OpenSSL regarding CVE-2022-3786 and CVE-2022-3602. We have analyzed the versions of OpenSSL in use at Fastly, and verified that we do not use OpenSSL 3.x. Fastly and customer usage of Fastly services are not vulnerable to CVE-2022-3786 or CVE-2022-3602.