Sophos UTM Update v9.605 released
Sophos has completed UTM version 9.605. This version will be available in small stages. The first step is to download it from the FTP server. Later, the update will also be distributed via the Up2Date server.
Important: Note that when this version is installed, the system restarts. Then the configuration will be updated and all connected access points and REDs will be firmware upgraded.
RED 50 Problems
The UTM has had problems with the RED 50 models since version 9.6. If you are affected, you may have noticed it already, because the REDs are offline. This is a bug that has existed since firmware 9.602 and 9.603:
- Since the UTM version 9.602 the devices cannot connect anymore.
- With the UTM version 9.603 the devices fail completely and do not start anymore. Only an RMA will help!
Depending on the case, it may be possible to return to the old firmware version of the RED and then restart the device normally. Here is the matching KB article from Sophos: Advisory: Sophos UTM - Issue with RED 50 after upgrade to v9.6
- NUTM-10885 [Basesystem] Fallback log flooded since update to 9.6
- NUTM-10667 [Email] Emails are not being processed, have “Stale ID in DB” in debug log
- NUTM-10870 [Email] UTM not rejecting emails with dot at the end of the local part address
- NUTM-10809 [RED] Offline provisioned RED15 loses their config in case of UTM reboot
- NUTM-10812 [RED] RED can’t connect to UTM if it is configured in transparent/split mode and a DNS name as UTM hostname
- NUTM-10903 [RED] Transparent/split: DNS does not work if the gateway and DNS server are different but in the same network
- NUTM-10962 [RED] Fix for RED50 does not start up after firmware update for most scenarios
- NUTM-10636 [Reporting] Executive report not accurate - missing SSL VPN sessions
- NUTM-10877 [Sandstorm] Sandbox Activity in Webadmin does not show all activities since 9.6
- NUTM-10822 [WAF] Privilege escalation from modules’ scripts (CVE-2019-0211)
- NUTM-10823 [WAF] URL normalization inconsistency (CVE-2019-0220)
- NUTM-10886 [WAF] All HTTP requests are forwarded to HTTPS
- NUTM-10978 [WAF] reverseproxy.log does not show requested domain
- NUTM-10986 [WAF] HTML rewriting in large embedded CSS leaks memory
- NUTM-10705 [WebAdmin] Potential User Portal session cookie hijacking
- NUTM-10862 [WebAdmin] After updating to 9.6 read only admins cannot see advanced tabs
- NUTM-10941 [WebAdmin] Webadmin not accessible when user prefetch is running
- NUTM-10952 [WebAdmin] HTTPS pages sporadically no longer work with transparent proxy since 9.602
- NUTM-10748 [Web] Proxy restarted httpproxy.DeferredExpire
- NUTM-10792 [Web] Follow up: New Web Templates for content warn does not work in 9.6
- NUTM-10802 [Web] HTTPS websites are not accessible through http proxy if you follow the BSI recommendation regarding TLS
- NUTM-10816 [Web] Blockpage font rendered incorrectly in Firefox
- NUTM-10876 [Web] Web Proxy blocks range requests since 9.6
- NUTM-10895 [Web] Video from NEST CAM constantly loading
- NUTM-10985 [Web] HTTP proxy is getting crashed with segfault and core dump