Warenkorb

keine Produkte im Warenkorb

Sophos Firewall Update - SFOS v17.6 MR6

Sophos Firewall OS (SFOS) Update v17.5 – MR6 veröffentlicht

Sophos hat die Version 17.5 MR6 für das Sophos Firewall OS (SFOS) veröffentlicht.

Hinweis: Für weitere Informationen zum Upgrade, schaut euch folgenden Post an: SFOS Firmware auf Sophos Firewall aktualisieren.

Info: Sophos hat die kürzlich entdeckten Sicherheitslücken im Exim-E-Mail-Server geschlossen. Exim wird von der XG Firewall v17.5 verwendet, insbesondere wenn ihr die E-Mail Protection aktiviert habt. Am Freitag, dem 7. Juni 2019, veröffentlichte Sophos bereits einen Over-the-Air-Hotfix für alle XG-Firewalls, bei denen die automatischen Updates aktiviert waren. Wer die Auto-Update-Funktion nicht nutzt oder wem diese nicht zur Verfügung steht, kann die Exim-Sicherheitslücken nun mit dem Upgrade auf v17.5 MR6 schliessen.

Radius SSO-Authentifizierung zwischen XG und APX

Benutzer, die über ein Wifi verbunden sind, können sich nun zwischen einer XG und einem APX Access Point per SSO mit dem Radius verbinden. 👍 Es werden nun auch framed IP-Adressen in client accounting messages unterstützt.

Fehlerbehebungen

  • NC-40785 [API Framework] Incorrect data types and values in API documentation
  • NC-44687 [API Framework] Unable to update webadmin settings when WAF rule with port 80 is configured
  • NC-43933 [Authentication] csd not cleaning up stale connections
  • NC-45077 [Authentication] Some LDAP users are not associated with the expected group
  • NC-45283 [Authentication] Memory leak in access server
  • NC-46024 [Authentication] Guest user registration is not working after upgrading to 17.5 MR4
  • NC-46572 [Authentication] Race condition in access server when setting authserverid
  • NC-44178 [Backup-Restore] Unnecessary selection button when downloading backup without encryption password
  • NC-45532 [Clientless Access] Clientless SMB Bookmark – Unable to upload files in a folder or share with an apostrophe
  • NC-39353 [Core Utils] Brazilian timezone and DST problem
  • NC-40924 [Core Utils] ATP patterns filling up /content/ folder
  • NC-43506 [DHCP] Established connection is destroyed when dynamic WAN interface gets configured
  • NC-46351 [DHCP] DHCP service dies on firmware upgrade
  • NC-43624 [Dynamic Routing (PIM)] Coredump from pimd while applying interfaces in pim-sm in HA-AA case
  • NC-41225 [Email] Assertion while scanning mail with custom file mime type
  • NC-42752 [Email] Issues with certificate chain
  • NC-42986 [Email] Mail application usage reports shows 0bytes for POP and IMAP
  • NC-43179 [Email] Mails stuck in queue when email id contains ‚=‘
  • NC-43285 [Email] Filtering for bounced mails freezes mail log page
  • NC-43399 [Email] „DKIM: validation of body hash failed“ when DKIM signed mail gets forwarded by XG
  • NC-43445 [Email] Mails are split in different header information and hang in spool
  • NC-43539 [Email] Unable to access appliance after restoring backup
  • NC-44131 [Email] Core dumps in smtpd while deleting mail from mail spool page
  • NC-44490 [Email] Unable to use CAs with ECC certificates
  • NC-44559 [Email] Conan engine does not get upgraded on migration
  • NC-44662 [Email] Mails with folded headers might not be processed correctly
  • NC-45144 [Email] Exim complaining about illegal header file
  • NC-45223 [Email] Unable to filter mail log with some special russian characters
  • NC-46145 [Email] Email notification using external mail server not working after upgrading to 17.5 MR4
  • NC-42902 [Firewall] IPsec traffic flows only after REKEY event
  • NC-44344 [Firewall] Not able to enable IP Spoofing on more than 18 zones
  • NC-46188 [Firewall] GUI icons broken in firewall rules
  • NC-44083 [Hotspot] Hotspot voucher created in HA setup is expired and has used data attached to it
  • NC-38688 [IPsec] Sporadic connection interruption to local XG after IPsec rekeying
  • NC-41631 [IPsec] Tunnel not established in HA setup
  • NC-43220 [IPsec] Unable to use „Reset“ button on Sophos Connect settings page
  • NC-43898 [IPsec] Improve udp/500 firewall rule activation
  • NC-44072 [IPsec] Charon timeout while starting on small appliances with 20+ IPsec tunnels and auth type ‚rsa‘
  • NC-44240 [IPsec] XG not accepting MODP_1024 DH during IKE negotiations
  • NC-44016 [Logging Framework] Garner segfault in Central Management plugin of garner
  • NC-44693 [Logging Framework, SecurityHeartbeat] Reports are not being generated
  • NC-45339 [Logging Framework] Assertion fail in garner causing RED clients to disconnect
  • NC-46535 [Logging Framework] Memory leak in notification plugin
  • NC-44531 [nSXLd] nSXLd connection handling improvements
  • NC-46117 [Policy Routing] Traffic passing through IPSec link though policy route (MPLS) has high priority
  • NC-30294 [PPPoE] PPPoE interface graph is showing incorrect bandwidth information
  • NC-33657 [SFM-SCFM] API output shows „Configuration parameters validation failed“
  • NC-44007 [SFM-SCFM] Error message on GUI: SSOD is stopped
  • NC-44562 [SFM-SCFM] Backup snapshot has not been restored from SFM when SF having encrypted password for backup
  • NC-43684 [SNMP] libsnmp segfaults for „AVVERSION Get“
  • NC-44695 [SSLVPN] Unable to connect via SSL VPN after migrating from CROS
  • NC-46253 [SupportAccess] Backport: Cannot connect to WebAdmin via SupportAccess
  • NC-43936 [UI Framework] Guest Users page not loading after deleting the last page of available Guest Users
  • NC-44018 [UI Framework] Type of icon should be drop-down instead of icon of increase-decrease
  • NC-44283 [UI Framework] Cannot load Connection Details page of an IPsec VPN connection when Chinese characters are used in local/remote host configuration
  • NC-45358 [WAF] Privilege escalation from modules‘ scripts (CVE-2019-0211)
  • NC-45544 [WAF] Reduce memory footprint
  • NC-45974 [WAF] URL normalization inconsistency (CVE-2019-0220)
  • NC-46104 [WAF] HTML rewriting in large embedded CSS causes appliance to reboot due to OOM
  • NC-46810 [WAF] NULL pointer dereference in mod_proxy_html
  • NC-43970 [Web] Policy editor window doesn’t close when new policy created
  • NC-44089 [Web] Backslashes not properly escaped on User Activities page
  • NC-44228 [Web] Web categorization fails randomly
  • NC-44609 [Web] Incorrect parsing of DNS responses leads to 502 errors
  • NC-45020 [Web] Memory leak in sandbox pending page
  • NC-45094 [Web] SSL scan not on in case of force_ntlm on transparent connection
  • NC-27524 [Wireless] Restoring backup of Cyberoam 10.6.5050 GA not working when WLAN is configured
  • NC-45088 [Wireless] Selective export of WirelessNetworks with dependencies does not contain any dependencies
  • NC-45405 [Wireless] Country field for AP shown empty while accepting it with multple pending APs
  • NC-46142 [Wireless] SSID deleted but WiFi interface remains
Patrizio
Patrizio

Newsletter abonnieren

Wir versenden monatlich einen Newsletter mit allen Blogbeiträgen des jeweiligen Monats.