Sophos UTM update 9.411-3 released

complete Changelog:

Up2Date 9.411003 package description:

Remarks:
System will be rebooted
Configuration will be upgraded
Connected REDs will perform firmware upgrade
Connected Wifi APs will perform firmware upgrade

News:
Maintenance Release

Bugfixes:
Fix [NUTM-534]: [AWS] Template update notification
Fix [NUTM-6178]: [AWS] pg_xlog directory filling up on AWS deployments
Fix [NUTM-6186]: [AWS] Make all UTM logs available in AWS CloudWatch
Fix [NUTM-6224]: [AWS] awslogs daemon init script: restart broken
Fix [NUTM-6296]: [AWS] REST API doesn't work in cluster mode
Fix [NUTM-6402]: [AWS] [RESTD] Session is not closed after token is deleted
Fix [NUTM-6804]: [AWS] Update breaks HVM standalone installations
Fix [NUTM-5846]: [Access & Identity] IPsec Remote Access use the IP address instead of the username in the log
Fix [NUTM-6174]: [Access & Identity] [RED] mobile_network config part not pushed to prov
Fix [NUTM-6218]: [Access & Identity] HTML5 VPN: Comma not working on Portuguese (Brazil) keyboard
Fix [NUTM-6374]: [Access & Identity] REDs with static WAN config are offline after update to v9.409
Fix [NUTM-6375]: [Access & Identity] Cisco VPN with iOS doesn't work after update to 9.409
Fix [NUTM-6647]: [Access & Identity] [IPsec] Pluto dies in UTM 9.4 MR-7 (9.4xx) HA with Remote Access PSK w/o Xauth
Fix [NUTM-3152]: [Basesystem] libxml2 security update (CVE-2013-2877)
Fix [NUTM-5158]: [Basesystem] glibc security update
Fix [NUTM-5726]: [Basesystem] Follow up NUTM-5403 - Sometimes slave stuck in syncing indefinitely after failover
Fix [NUTM-5800]: [Basesystem] curl security update
Fix [NUTM-6127]: [Confd] Expired license loaded after reboot even if the valid license was imported already
Fix [NUTM-6396]: [Confd] Character ">" or "<" for password will change to "&lt;"
Fix [NUTM-5447]: [Documentation] Japanese description has the wrong vocabulary of black list at "Sender Blacklist" in user portal
Fix [NUTM-3515]: [Email] [SPX] Using 'ß' and ',' as windows-1252 in form breaks utf-8 conversion
Fix [NUTM-4932]: [Email] Password protected file passes SMTP proxy
Fix [NUTM-6196]: [Email] E-Mail with Sandstorm supported and unsupported files will be moved into quarantine
Fix [NUTM-6256]: [Email] SPX inserts Backslashes into nicename of receipient address
Fix [NUTM-6747]: [Email] SAVI scanner coredumps permanently in MailProxy after update to 9.410
Fix [NUTM-5656]: [Endpoint, Web] Sandstorm feature does not work if SEC managed endpoints with Full Web Control are used
Fix [NUTM-5756]: [Network] Remove empty log lines coming from the firewall subsystem
Fix [NUTM-6202]: [SUM] After update to v9.358 the "guid" was recreated
Fix [NUTM-5717]: [Sandboxd] Respect "file OK" error responses from get/score for SB Proxy API 1.2
Fix [NUTM-6165]: [WAF] Additional cookie from WAF is added without HttpOnly detail
Fix [NUTM-6356]: [WebAdmin] AD User Test fails after first creation of an authentication server
Fix [NUTM-4118]: [Web] Still coredumps from httpproxy since installation of rpms from NUTM-3119
Fix [NUTM-5399]: [Web] httpproxy[xxxx]: segfault at 4 ip 00000000080c2113 sp 00000000ea8aee90 error 6 in httpproxy
Fix [NUTM-5561]: [Web] URL category name "Potiental Unwanted Programs" spelling mistake
Fix [NUTM-5663]: [Web] HTTP proxy restarted with core dumps in 9.407
Fix [NUTM-5834]: [Web] 'Force caching for Sophos Endpoint updates' doesn't seem to force caching
Fix [NUTM-5956]: [Web] UTM breaks auto-update on SAV for Mac
Fix [NUTM-6310]: [Web] Corrected ownership and permission of sandboxd db files
Fix [NUTM-6802]: [Web] New coredumps from httpproxy after update to v9.410
Fix [NUTM-5366]: [WiFi] Wireless Protection Manager doesn't have sufficient rights to edit time definitions
Fix [NUTM-5567]: [WiFi] APs remain inactive after being accepted on UTM
Fix [NUTM-6125]: [WiFi] Customized login page displays invalid characters

Thanks for the Update!

We have just installed this firmware on our SG210. Appliance rebooted as expected.

Now when we view web admin it shows the firmware version is 9.411-3 but it still says there is 1 Update available for installation.

If I go to Up2Date, it says the new version available for installation is 9.411-3

Updated and now my UTM shows this: It on 9.411-3 and says an update to 9.411-3 is available.  Strange.

To be clear - It rebooted after the install and I reboot again once I saw this anomaly.

Have Installed UP2DATE 9.411-3 to Software Appliance  (Reused Astaro 320 with 2Gb RAM upgrade actually) All OK..

Its only a EDGE Router for PPPoE and IPS and Country blocking ...

Once OK will then update our VMWare HA pair  (they sit behind the old ASG320) from 9.409-9  to 9.411-3they operate full HTTP Proxy, Web SMTP, VPN, AV the whole 9 yards,

... as can SNAPshot them and also back up the VM's via NAkivo... will report back.. if all goes well... other wise you will find us on the window sill 8th Floor ;-))

[Y]

Update of a active-passive SW-Cluster 9.408-4 -> 9.411003:

It ended up in a split brain cluster,  master on 9.411, slave on 9.408. After manually updating slave to 9.411  HA is still not working and I have to downgrade to 9.408-4

Any other beta-testers with cluster-update experiences?

Worked fine here, 9.409 to 9.411, HA Active/Passive Cluster.  I think what you ran across was one of the bugs that is now fixed (the fix wouldn't have helped you avoid the situation -- it's for future HA upgrades I believe:

Fix [NUTM-5726]: [Basesystem] Follow up NUTM-5403 - Sometimes slave stuck in syncing indefinitely after failover

I've seen this at a customer site.  Fix was to kill the slave that was stuck, manually re-add it to the HA.

Hi Bruce

Thank you for your information. I will do a factory reset to the slave and then try to reconstruct the cluster with 9.411

Regards, Peter

Hi all,

I had scheduled an update for our UTMs for 9.30 pm today (via SUM). We can't do that earlier because many of our employees work remote via Citrix for one of our customers.
After reading the comments about 9.411-3 I've cancelled the update.

What about Sophos? What do you say? We need a functionally fix for 9.410 ASAP. Sorry, but I don't want to play "beta-tester" for the bugs in 9.410...

Greets,

Manu

I have applied this update, and continue to get HTTP proxy restart errors.

Http proxy not running - restarted

--

System Uptime      : 0 days 3 hours 39 minutes

System Load        : 1.50

System Version     : Sophos UTM 9.411-3

Please refer to the manual for detailed instructions.