UTM Up2Date 9.602 Released

30 Apr 2019

Today we've released UTM 9.602. The release will be rolled out in phases.

In phase 1 you can download the update package from our FTP server, in phase 2 we will spread it via our Up2Date servers.

Up2Date Information

News

Maintenance Release

Remarks

System will be rebooted
Configuration will be upgraded
Connected REDs will perform firmware upgrade

Issues Resolved

NUTM-10728 [Access & Identity] Race condition on configuration change of RED device
NUTM-9877 [Access & Identity] Configurable RADIUS timeout for L2TP over IPsec
NUTM-10190 [Basesystem] CVE-2018-15473: OpenSSH username enumeration
NUTM-10362 [Email] MIME type detection doesn't work as expected - header Content-Type always considered
NUTM-10480 [Email] Mail Based XSS in Sophos UTM 9
NUTM-10484 [Email] POP3 Proxy stops working sometimes
NUTM-10545 [Email] Update SPX placeholder description
NUTM-10521 [Logging] /tmp partition getting full when using livelog
NUTM-10291 [Network] DNS Host object not updated/unresolved
NUTM-10460 [Network] GeoIP dropping traffic from allowed region
NUTM-10537 [Network] Additional IP address on a bridge interface exist in back-end even after deleting it
NUTM-10536 [RED] Wifi traffic on the internal RED15w AP is always routed through the RED tunnel
NUTM-10594 [RED] RED50 disconnects randomly
NUTM-10595 [Sandstorm] Sandbox Activity Tab not accessible due to license error
NUTM-10852 [Sandstorm] Sandboxd complaining on missing column in database/sqlite
NUTM-10626 [WAF] Let's Encrypt certificate renewal fails because of failing terms of service check
NUTM-10644 [WAF] mod_session_cookie does not respect expiry time (CVE-2018-17199)
NUTM-10661 [WAF] SSL redirect broken for wildcard certificates
NUTM-10322 [Web] Proxy crash with coredump on UTM 9.508
NUTM-10633 [Web] New web templates for content warn does not work in 9.6
NUTM-10657 [Web] httpproxy uses up all CPUs in peak hours, resulting in slow browsing
NUTM-10668 [Web] Quota relevant web page are accessible when using AD SSO
NUTM-10758 [Web] Application Control - Skiplist not working for destination IP
NUTM-10546 [Wireless] Updating to 9.6 GA with REDw devices causes corrupt payload and AP becomes inactive

André Heinrich over 4 years ago

We have a problem after the 9.602 Update concerning the automatic firewall rules applied by NAT in association with Uplink Interfaces load balancing. After the Update Portforwarding Rules are ignored and connections are blocked. We had to apply firewall rules allowing any-->service-->internal host additionally to the automatically applied any-->service--> uplink primary addresses. Is this a wanted behaviour ?
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
Timo Gebhard over 4 years ago

JanboNörskau wir hatten das Problem dass die Verbindung der RED50 immer wieder verloren ging mit der Meldung

red2ctl_11679_: Overflow happened on reds1:0

red2ctl_11679_: Missing keepalive from reds1:0, disabling peer

Nach dem Update liefen die RED50 alle ohne Verbindungsabbrüche
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
Jeff x over 4 years ago

Since this update, when searching the firewall log, the returned results are just like the live log. Full log entries are NOT being returned. The results even have the salmon colored background.
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
McWolle over 4 years ago

Problem with HTTPS Scanning!

community.sophos.com/.../seit-update-auf-9-602-3-probleme-mit-webfilter-https
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
JanboNörskau over 4 years ago

@Timo Gebhard: Hi Timo. Bitte notiere mal den Link auf den Problemeintrag, welches Problem genau gelöst ist. LG, Janbo
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel