
UTM Version 9.352-6 and 9.318-5 released (Do not install!!)

DO NOT INSTALL - THE UPDATES ARE FAULTY (Read this thread through!)

News

· Security Update

Remarks

· System will be rebooted

Bugfixes

· 36115 WebAdmin reflective XSS Vulnerability
· 36126 OpenSSL security update 1.0.1q



  • Hi all:

    First of all, many thanks for pointing our attention to this issue.

    We had been able to reproduce and identify the source of the issue in the so-called Flow Monitor and will provide a fix in a future version.

    Cheers,
    Sascha Rudolph
    Senior Software Engineer

    Cheers,

    Sascha Rudolph
    Senior Software Engineer, NSG

  • I'm experiencing the same issue.

    This particular tool is key to me troubleshooting network bandwidth issues. I'm in the process of deploying a set of appliances at 4 locations that are supposed to go live this week. All 4 of the appliances were updated with the new firmware last night.

    Any idea when "future version" might be? Are we talking hours, days, weeks?

    I may need to hold off until this is resolved.

    Thanks

    Edit: Firmware Version 9.352-6

  • Sophos people:

    Even though it might be important to install these updates, I suspect many now won't install them until the bug fixes are available. So please, give us some kind of SWAG ETA for the fixes?

    Still running 9.351.  Waiting until they fix 9.352.

  • Hi, Rob, and welcome to the UTM Community!

    The configurations should have been backed up before the Up2Dates. It should take about 10 minutes per box to download a config backup corresponding to the version you want to install, put it in the root directory of a USB memory stick, re-image the UTM from ISO and reboot with the USB key in place to restore.

    Unless you have hardware that requires the 9.35x branch, I would go with V9.31. From what I see here, 9.318 does not have this issue. I also don't see the crash on either of the two lab units I've Up2Dated to 9.318.

    EDIT a few minutes later: I HAVE THE SAME PROBLEM WITH 9.318!
     
    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Sascha,
    Will the bugfix Up2Date version come in the next few days, or can Sophos support fix this issue with an RPM package installation?
    One of my customers needs this fix fast on his main gateway.

    Greetings Andy

    Cheers Andreas

     

    UTM SCE/SCA | Endpoint SCE

  • Thanks for the instructions, Bob. I'll give that a try. That could help me keep my live date with the customer. Thank you very much.

    I did not see the issue with 9.351-3 (version from yesterday). I'll try rolling one back to that and see what the results are.

    Edit 12/16 -

    I was able to use a backup config and install 9.351-3. I can confirm that I am not seeing an issue with accessing the flow monitor. It did take about 40 minutes of down time.

    With three more to do (at remote locations), it's going to cost my company several hundred dollars of lost time (can't be billed to customer) and the lost productivity due to network down time. So while it isn't the end of the world, it has turned out to be a costly bug for us.

    I also noticed I'm still being offered the 9.352-6 update. I would have thought it would be pulled due to issues to save someone who doesn't visit these boards the trouble and cost.

  • Hi Andy:

    Support will be provided a corresponding RPM - so they will be able to fix this issue on customer boxes.

    Unfortunately I cannot give you any information on the Up2date schedule and when this fix will be pushed out.

    Cheers,
    Sascha

    Cheers,

    Sascha Rudolph
    Senior Software Engineer, NSG

  • Is it possible to get this RPM from your side? Support answers really slowly...

    greets

    zaphod
    ___________________________________________

    Home: Zotac CI321 (8GB RAM / 120GB SSD)  with latest Sophos UTM
    Work: 2 SG430 Cluster / many other models like SG105/SG115/SG135/SG135w/...

  • I'm sorry to let you know that I'm not allowed to distribute any RPMs or direct file replacements here.

    Cheers,

    Sascha Rudolph
    Senior Software Engineer, NSG

  • Just an info for all licensed Sophos Users without partner-status or without gold/platinum support:

    Even if you have a paid license for your UTM, you will not receive the needed RPM file from Sophos support.

    You need to contact your Sophos Partner to get the file.

    greets

    zaphod
    ___________________________________________

    Home: Zotac CI321 (8GB RAM / 120GB SSD)  with latest Sophos UTM
    Work: 2 SG430 Cluster / many other models like SG105/SG115/SG135/SG135w/...

  • eremit said:
    We had been able to reproduce and identify the source of the issue in the so-called Flow Monitor

    So-called Flow Monitor??? This is the product you are selling... and it is called Flow Monitor... What do you mean, so-called Flow Monitor? All you guys did was apply an SSL patch and fix a vulnerability that specifically affected WebAdmin. All you had to do was QA the daemons that are affected by SSL connections and WebAdmin itself. Anyone using the UTM can tell you what to test without even knowing all the other dependencies.

    1. Test webadmin.

    2. Test WAF.

    3. Test SMTP.

    4. Any other dependencies.

    You guys didn't even test WebAdmin??? Is anybody doing QA, or did someone download the binary, change it to an RPM and hope it would work? Two separate trees, same problem??? Now a casual "contact your reseller / don't know when it will be fixed"??? Really strange what is going on at Sophos.