This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM Up2Date 9.414 Released

Up2Date 9.414002 package description:

Remarks:
 System will be rebooted
 Configuration will be upgraded
 Connected REDs will perform firmware upgrade
 Connected Wifi APs will perform firmware upgrade

News:
 Maintenance Release

Bugfixes:
 Fix [NUTM-6646]: [AWS, REST API] REST API panic when unlocking unlocked mutex
 Fix [NUTM-6868]: [AWS, REST API] Missing trailing slash in Swagger URLs
 Fix [NUTM-6887]: [AWS, REST API] REST API panic when inserting into node which is not of type array
 Fix [NUTM-7173]: [AWS, REST API] [RESTD] Selfmon cannot (re)start restd
 Fix [NUTM-6503]: [AWS] Migrate to new iaas_* functions
 Fix [NUTM-6708]: [AWS] Cloud update not working with conversion deployments
 Fix [NUTM-6727]: [AWS] AWS_CONVERSION_PRE_CHECK_FAILED (Pre-check failed: 127.)
 Fix [NUTM-6814]: [AWS] Rest API is accessible with default password if basic setup has not completed
 Fix [NUTM-7032]: [AWS] SignalException not handled for SecurityGroupsManagement#update
 Fix [NUTM-7055]: [AWS] queen_configuration_management / aws_resource_management SIGUSR1 handling
 Fix [NUTM-7056]: [AWS] LocalJumpError
 Fix [NUTM-7057]: [AWS] aws_set_sd_check AWS::EC2::Errors::RequestLimitExceeded
 Fix [NUTM-7061]: [AWS] Connection refused - connect(2) for "localhost" port 4472
 Fix [NUTM-7374]: [AWS] Link to RESTful API documentation
 Fix [NUTM-7442]: [Access & Identity, RED] [RED] 3G Failback with RED15(w) not working if DHCP server is shutting down
 Fix [NUTM-3240]: [Access & Identity] Update RED10, RED15, RED50 OpenSSL to most current version
 Fix [NUTM-4852]: [Access & Identity] [RED] flock() on closed filehandle $fhi at /</var/confd/confd.plx>Object/itfhw/red_server.pm line 563.
 Fix [NUTM-5925]: [Access & Identity] [RED] prevent configuration for VLAN for Split modes
 Fix [NUTM-6387]: [Access & Identity] HTML5 VNC connection not disconnecting
 Fix [NUTM-6504]: [Access & Identity] OpenVPN 2.4.0 deprecated option "tls-remote"
 Fix [NUTM-6606]: [Access & Identity] Re-occuring issues with the Sophos UTM Support access
 Fix [NUTM-6668]: [Access & Identity] [IPsec] L2TP/Cisco policy changes do not update ipsec.conf
 Fix [NUTM-6749]: [Access & Identity] RED15w does not send split DNS traffic over RED tunnel
 Fix [NUTM-7111]: [Access & Identity] Multiple open vulnerabilities in libvncserver
 Fix [NUTM-7157]: [Access & Identity] VPN users not being created when backend AD group is used
 Fix [NUTM-7295]: [Access & Identity] HTML5 VPN: Comma not working on Portuguese (Brazil) keyboard
 Fix [NUTM-7350]: [Access & Identity] [RED] USB stick E3372 does not work with RED 15
 Fix [NUTM-7377]: [Access & Identity] Remote Access tab won't load after selecting the OTP Token tab in the User Portal
 Fix [NUTM-7774]: [Access & Identity] HTML5 - Mouse not working on Touch Devices
 Fix [NUTM-7874]: [Access & Identity] Openvpn: DoS due to Exhaustion of Packet-ID counter (CVE-2017-7479)
 Fix [NUTM-5965]: [Basesystem] Sensors command on SG125w doesn't show hardware fan RPM
 Fix [NUTM-6468]: [Basesystem] BIND Security update (CVE-2016-9131, CVE-2016-9147, CVE-2016-9444)
 Fix [NUTM-6718]: [Basesystem] Update NTP to 4.2.8p9
 Fix [NUTM-6847]: [Basesystem] BIND Security update (CVE-2017-3135)
 Fix [NUTM-6956]: [Basesystem] Hardware LCD screen: IP address of ports other than eth0 cannot be changed through LCD
 Fix [NUTM-7626]: [Basesystem] BIND Security update (CVE-2017-3136, CVE-2017-3137)
 Fix [NUTM-7646]: [Basesystem] NTP Security update (CVE-2017-6458, CVE-2017-6460)
 Fix [NUTM-7742]: [Basesystem] Update Appctrl (4.4.1.21)
 Fix [NUTM-5658]: [Confd] Stripped restore unaccessable if default internal interface is removed
 Fix [NUTM-6976]: [Confd] Privilege escalation though LOGAUDITOR and REPORTAUDITOR
 Fix [NUTM-7160]: [Confd] "&" sign in RADIUS secret will be converted into "&amp;"
 Fix [NUTM-7636]: [Confd] If changing name in REF_DefaultSuperAdmin 'Admin reset password' page is not presented
 Fix [NUTM-7976]: [Confd] [TA] - If changing name in REF_DefaultSuperAdmin 'Admin reset password' page is not presented
 Fix [NUTM-3062]: [Email] Mails from mail spool get quarantined because of "500 Max connection limit reached" in cssd
 Fix [NUTM-3513]: [Email] MIME type filter doesn't detect real mime type
 Fix [NUTM-3516]: [Email] POP3 prefetch sometimes stops working
 Fix [NUTM-3669]: [Email] SMTP Proxy vulnerable by TLS renegotiation (CVE-2011-1473)
 Fix [NUTM-3671]: [Email] SPX encrypted messages are vulnerable to access without proper authentication
 Fix [NUTM-3677]: [Email] Maildrop locked for account_id
 Fix [NUTM-4324]: [Email] Changing Email Protection settings fails with Sandstorm enabled and trial expired
 Fix [NUTM-5350]: [Email] Per user blacklist does not apply until smtp service restarts
 Fix [NUTM-5545]: [Email] Quarantine report can't be enabled under some circumstances
 Fix [NUTM-5823]: [Email] Scanner timeout or deadlock for all mails with a .scn attachment
 Fix [NUTM-5892]: [Email] SMTP Exception doesn't allow '&' sign within the email address
 Fix [NUTM-6135]: [Email] DLP custom expression doesn't get triggered if the email body contains certain strings
 Fix [NUTM-6355]: [Email] Email not blocked with expression list
 Fix [NUTM-6379]: [Email] Frequent cssd coredumps
 Fix [NUTM-6986]: [Email] Sender blacklist doesn't allow '&' sign within the email address
 Fix [NUTM-7220]: [Email] WAF reporting virus found when AV engine on the UTM is updating
 Fix [NUTM-7625]: [Email] SMTP DLP expressions do not trigger under specific condition
 Fix [NUTM-7722]: [Email] mailbox_size_limit is smaller than message_size_limit in notifier log
 Fix [NUTM-4474]: [Kernel] Kernel panic - not syncing: Fatal exception in interrupt
 Fix [NUTM-6358]: [Kernel] Kernel: unable to handle kernel NULL pointer dereference at 0000000000000018
 Fix [NUTM-3170]: [Network] Time-base access for wireless is dropping ipsec-routes and not creating them again
 Fix [NUTM-4969]: [Network] Uplink does not recover from error state
 Fix [NUTM-5314]: [Network] 10gb SFP+ flexi module interface fails when under load
 Fix [NUTM-6077]: [Network] Static route on bridge interface disappears after rebooting the UTM
 Fix [NUTM-6807]: [Network] SSL VPN not being redistributed into OSPF
 Fix [NUTM-6901]: [Network] Eth0 is removed while configuring bridge interface
 Fix [NUTM-6992]: [Network] OSPF re-announcing static routes
 Fix [NUTM-7044]: [Network] Disable a VLAN associated with the WAN interface breaks the complete communication
 Fix [NUTM-7439]: [Network] nf_ct_dns: dropping packet: DNS packet of insuffient length: 25
 Fix [NUTM-7395]: [RED] [RED] Split networks/domains fields not shown when editing RED10/15
 Fix [NUTM-7491]: [RED] WARNING: CPU: 0 PID: x at net/core/dst.c:293 dst_release+0x30/0x51()
 Fix [NUTM-7060]: [Reporting] Search in reports doesn't work if the username contains only numbers
 Fix [NUTM-6651]: [Sandboxd] All sandstorm tagged mails get stuck in "Sandstorm scan pending"
 Fix [NUTM-6930]: [WAF] WAF not responding after reboot of the AWS UTM
 Fix [NUTM-6522]: [WebAdmin] SMC Test failed after Settings are applied
 Fix [NUTM-6617]: [WebAdmin] Search for Network Definitions breaks in Chrome with over 1000 objects
 Fix [NUTM-7203]: [WebAdmin] Issue with password field UTM - SMC WebAdmin configuration
 Fix [NUTM-7652]: [WebAdmin] Not possible to download different SSL VPN User Profiles in one Firefox Session
 Fix [NUTM-7870]: [WebAdmin] Comment not displayed for Time Period definition
 Fix [NUTM-5794]: [Web] IPv6 fallback to IPv4 doesn't work
 Fix [NUTM-6467]: [Web] FTP connection fails when using transparent FTP Proxy
 Fix [NUTM-6502]: [Web] HTTP Proxy coredumping with EC CA certificate
 Fix [NUTM-6532]: [Web] AD Users are prefetched in lowercase letters
 Fix [NUTM-6809]: [Web] URL category name "Potiental Unwanted Programs" spelling mistake on sophostest.com
 Fix [NUTM-6848]: [Web] HTTPS warn behaviour when "Block all content, except..." is selected
 Fix [NUTM-6867]: [Web] New httpproxy coredumps after update to v9.411 - ReleaseToCentralCache
 Fix [NUTM-7076]: [Web] UTM not updating AD group definition
 Fix [NUTM-7167]: [Web] OTP Using AD Backend Membership - duplicates user when capital letters are used in the username
 Fix [NUTM-7321]: [Web] Non existent or non proxy users are able to create SSL webfilter exceptions
 Fix [NUTM-7367]: [Web] Difference between web_filter templates and default templates in web filter
 Fix [NUTM-5612]: [WiFi] Manual channel selection not possible in both bands for SG W appliances
 Fix [NUTM-5638]: [WiFi] RED15w - integrated AP isn't shown as pending in transparent / split mode
 Fix [NUTM-5786]: [WiFi] RED15w - if more then one SSID is configured only one is working correctly
 Fix [NUTM-6215]: [WiFi] Issue when roaming between wireless with some clients
 Fix [NUTM-6335]: [WiFi] VLAN fallback not working for integrated AP from RED15w
 Fix [NUTM-6448]: [WiFi] AP55 stuck as inactive
 Fix [NUTM-6511]: [WiFi] AP does not get IP address on 100 Mbit ethernet link

RPM packages contained:
 libsensors4-3.3.0-2.7.13.1880.ga281026.rb11.i686.rpm
 libudev0-147-0.84.1.1676.gf3268b9.rb4.i686.rpm    
 libvncserver-0.9.11-0.g483b9a9.rb12.i686.rpm      
 awslogs-agent-1.3.9-0.250867252.g4df7c06.rb5.noarch.rpm
 client-openvpn-9.40-15.g34ad98f.rb4.noarch.rpm    
 firmwares-bamboo-9400-0.253109868.ge2f1a38.rb9.i586.rpm
 freerdp-1.0.2-9.gae4b426.rb2.i686.rpm             
 gtk2-libs-2.18.9-0.23.1.1463.ga6e6ff9.rb5.i686.rpm
 jq-1.5-0.233418733.gd9cd757.rb7.i686.rpm          
 perf-tools-3.12.58-78.g225d710.rb5.i686.rpm       
 perl-Date-Calc-5.4-1.1246.gb797af7.rb9.i686.rpm   
 perl-File-LibMagic-0.96-1.952.ga51b3e8.rb9.i686.rpm
 perl-Net-SSLeay-1.49-1.761.gd1bee20.rb13.i686.rpm
 postfix-2.11.0-16.gbdc4d92.rb3.i686.rpm           
 red-firmware2-5043-0.256377517.g0623fa8.rb1.noarch.rpm
 red15-firmware-5043-0.256393916.g3aedd09.rb5.noarch.rpm
 rubygem-addressable-2.5.0-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-airbrake-5.7.1-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-airbrake-ruby-1.7.1-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-aws-sdk-1.66.0-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-aws-sdk-v1-1.66.0-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-celluloid-0.17.3-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-celluloid-essentials-0.20.5-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-celluloid-extras-0.20.5-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-celluloid-fsm-0.20.5-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-celluloid-pool-0.20.5-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-celluloid-supervision-0.20.6-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-crack-0.4.3-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-diff-lcs-1.2.5-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-docile-1.1.5-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-hashdiff-0.3.2-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-hitimes-1.2.4-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-json-1.8.3-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-little-plugger-1.1.4-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-logging-2.1.0-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-mini_portile2-2.0.0-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-multi_json-1.12.1-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-nokogiri-1.6.7.2-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-pg-0.19.0-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-pidfile-0.3.0-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-public_suffix-2.0.5-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-retries-0.0.5-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-rspec-3.5.0-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-rspec-core-3.5.4-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-rspec-expectations-3.5.0-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-rspec-mocks-3.5.0-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-rspec-support-3.5.0-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-safe_yaml-1.0.4-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-sequel-4.42.0-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-simplecov-0.12.0-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-simplecov-html-0.10.0-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-sophos-iaas-1.0.0-0.255611249.g062b817.rb3.i686.rpm
 rubygem-thor-0.19.4-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-timers-4.1.2-0.253186261.g62d8cf9.rb6.i686.rpm
 rubygem-webmock-2.3.2-0.253186261.g62d8cf9.rb6.i686.rpm
 sensors-3.3.0-2.7.13.1880.ga281026.rb11.i686.rpm  
 udev-147-0.84.1.1676.gf3268b9.rb4.i686.rpm        
 uma-9.40-20.gcfb3eac.rb7.i686.rpm                 
 ep-reporting-9.40-34.gca719d9.rb11.i686.rpm       
 ep-reporting-c-9.40-33.g6f3bc54.rb8.i686.rpm      
 ep-reporting-resources-9.40-34.gca719d9.rb11.i686.rpm
 ep-aua-9.40-46.gb28c908.rb4.i686.rpm              
 ep-awed-9.40-57.g38b1e1e.rb6.i686.rpm             
 ep-confd-9.40-1047.g10e7f95.rb9.i686.rpm          
 ep-cssd-9.40-31.g6d49dc9.rb3.i686.rpm             
 ep-ha-aws-9.40-452.g062b817.rb3.noarch.rpm        
 ep-init-9.40-18.g8f5b664.rb5.noarch.rpm           
 ep-libs-9.40-32.gec3964b.rb4.i686.rpm             
 ep-logging-9.40-10.g53bc615.rb3.i686.rpm          
 ep-mdw-9.40-629.g5e9ce4f.rb9.i686.rpm             
 ep-notifier-9.40-12.gbdc4d92.rb3.i686.rpm         
 ep-postgresql92-9.40-72.gb9e9e79.rb4.i686.rpm     
 ep-restd-9.40-0.258123434.g77e71da.i686.rpm       
 ep-sandboxd-9.40-0.255720458.g1651d76.rb2.i686.rpm
 ep-screenmgr-9.40-3.g07035cc.rb12.i686.rpm        
 ep-service-monitor-1.0-47.gba07d2e.rb5.i686.rpm   
 ep-up2date-9.40-22.ga2267a9.rb4.i686.rpm          
 ep-up2date-downloader-9.40-22.ga2267a9.rb4.i686.rpm
 ep-up2date-pattern-install-9.40-22.ga2267a9.rb4.i686.rpm
 ep-up2date-system-install-9.40-22.ga2267a9.rb4.i686.rpm
 ep-utm-watchdog-9.40-59.g5545460.rb5.i686.rpm     
 ep-webadmin-9.40-889.g32b7a44.rb9.i686.rpm        
 ep-webadmin-contentmanager-9.40-53.g1feba9f.rb2.i686.rpm
 ep-webadmin-spx-9.40-3.g459bf94.rb6.i686.rpm      
 u2d-ipsbundle2-9-70.i686.rpm                      
 ep-cloud-ec2-9.40-70.g4015b27.rb6.i686.rpm        
 ep-chroot-httpd-9.40-25.g5858fbe.rb5.noarch.rpm   
 ep-chroot-ipsec-9.40-6.gd4695e2.rb6.noarch.rpm    
 ep-chroot-smtp-9.40-150.gacdc2a1.rb2.i686.rpm     
 chroot-bind-9.10.4_P8-0.258574549.g00918f3.rb3.i686.rpm
 chroot-clientlessvpn-9.40-1.g975c7e9.rb3.i686.rpm
 chroot-ftp-9.40-6.g6cca7ba.rb8.i686.rpm           
 chroot-ntp-4.2.8p10-0.ge44e0f0.rb2.i686.rpm       
 chroot-openvpn-9.40-28.g67a99ed.rb2.i686.rpm      
 chroot-reverseproxy-2.4.10-257.g75cd21d.rb2.i686.rpm
 chroot-smtp-9.40-17.g30651a7.rb2.i686.rpm         
 ep-chroot-pop3-9.40-18.gda2541b.rb2.i686.rpm      
 ep-httpproxy-9.40-426.gf7cedd9.rb5.i686.rpm       
 kernel-smp-3.12.58-78.g225d710.rb5.i686.rpm       
 kernel-smp64-3.12.58-78.g225d710.rb5.x86_64.rpm   
 ep-release-9.414-2.noarch.rpm                    



This thread was automatically locked due to age.