Hi Everyone,
Today we've released UTM 9.503. The release will be rolled out in phases. In phase 1 you can download the update package from our FTP server, in phase 2 we will spread it via our Up2Date servers.
Update 2017-08-25: Unfortunately the update package has an issue with a missing config file for Samba and we needed to pull the update package down from the FTP server. We are working on a replacement urgently.
Update 2017-08-31: New update files with the fix for the missing Samba config (NUTM-8702) are available on our FTP server. There are two update files available now:
- u2d-sys-9.502004-503004.tgz.gpg for all who are on 9.502 and
- u2d-sys-9.503003-503004.tgz.gpg for those who already installed the previous 9.503-3
Update 2017-09-07: Update is available for all via Up2Date servers.
Up2Date Information
News
- Maintenance Release
- Configuration will be upgraded
- Connected REDs will perform firmware upgrade
- Connected Wifi APs will perform firmware upgrade
Remarks
- System will be rebooted
Bugfixes
- NUTM-7891 [AWS] awslogsd.log is beeing flooded with logmessages
- NUTM-3196 [Access & Identity] Overlapping backend user prefetches may not be executed
- NUTM-7943 [Basesystem] Ntpd permanently restarting on slave node
- NUTM-8130 [Basesystem] Linux vulnerability ‘The Stack Clash’
- NUTM-8442 [Basesystem] Network Monitor heavily logs “Writing static route to” in fallback log
- NUTM-8431 [Configuration Management] Privilege escalation via insecure directory permissions
- NUTM-8167 [Configuration Management] Stored XSS in UTM
- NUTM-8229 [Configuration Management] Expiring certificate check still send notifications even after CA is regenerated
- NUTM-8300 [Configuration Management] Expiring certificate check error fails for incomplete date in certificate
- NUTM-8160 [Email] \N in Password of bind request causes account log out
- NUTM-8173 [Email] UTM fails to apply DKIM signature to outbound mail with reason RC -102
- NUTM-8339 [Email] Avira scanner in single or dual scan still results in SMTP proxy AV scanner unreachable errors on 9.414/9.501
- NUTM-8364 [Email] S/MIME encryption - automatic certificate extraction causing high load
- NUTM-8464 [Email] worker_do_get_file req content parsing error or missing parameters when mime header “From” in blank
- NUTM-8455 [Hardware] Fix hardware detection for SG230nc
- NUTM-6981 [Network] No multicast packets visible on bridge with 10 Gbit interfaces
- NUTM-7187 [Network] Prefix Delegation does not work correctly during a PPPoE reconnect
- NUTM-7502 [Network] Wireless client hostname not displayed/updated
- NUTM-7749 [Network] Filter list with hosts didn’t work in BGP and should not be possible to configure
- NUTM-7754 [Network] WAF permanently restarts on slave node
- NUTM-8556 [Network] SNMP - Error allocating more space for arpcache
- NUTM-8017 [REST API] REST API not returning expected objects from API Explorer
- NUTM-8137 [WAF] URL hardening prevents login to succeed as side effect of “Redirect to requested URL” feature
- NUTM-8174 [WAF] Increase LimitRequestLine
- NUTM-8169 [WebAdmin] Certain WebAdmin search fields not usable after upgrade to 9.414/9.5
- NUTM-5797 [Web] Winbindd: Exceeding 16000 client connections
- NUTM-7070 [Web] In Advanced Protection statistics, email count number for “Awaiting result” displayed in web field
- NUTM-8102 [Web] Standard SSO AD issue after updating to 9.5 - IE/Chrome failing/slow to load sites
- NUTM-8191 [Web] SSL exception matched for a specific website but didn’t work
- NUTM-8352 [Web] Add patch for CVE-2017-11103 “Orpheus’ Lyre”
- NUTM-8353 [Web] HTTP proxy AD-SSO authentication failing on 9.502 with more than 5,000 users or groups in AD
- NUTM-8387 [Web] UTM registering all of it’s IPs in DNS when joining a domain
- NUTM-8702 [Web] After 9.503-3 Update: net: error while loading shared libraries
- NUTM-8105 [Wireless] Wireless network connected issue with Bridge to AP LAN
