SFOS 16.01.2 Released

Hi XG Community!

We've updated XG v16.01, with a new maintenance release. This release is available to all v16 users via our update servers. Customers still running v15 have to either install it manually or update to SF 16.01.1 first.

Issues Resolved

  • NC-6508 [API] CCL logs not generated when resetting Cisco VPN client
  • NC-7435 [API] CCL Policies>>User Application Policy: CCL xml details page always showing policy position is Bottom
  • NC-13416 [AVD] Up2Date client downloads signatures in loop if AV is not subscribed
  • NC-13530 [Authentication] Adding and updating a radius server fails if NAS-Port-Type is empty
  • NC-13561 [Authentication] Radius: 'NAS-Port-Type' set when adding a server but blank when editing
  • NC-13546 [Backup-Restore] CR to SF backup restore failes on CR1500iNG-XP appliance
  • NC-13510 [Base System] Password with space is not accepted after upgrade from SF 15 to SF 16 (Beta4)
  • NC-11681 [Certificates] Revoke certificate option shown again after export/import of revoked certificate
  • NC-11762 [Certificates] Improve column spacing on CA page
  • NC-11101 [Firewall] TCP based health check of gateway host is not working over VLAN interface
  • NC-12351 [Firewall] ICAP log component is shown in Log viewer after CR to SF migration
  • NC-12968 [Firewall] Anonymization icon is not removed from log viewer after disabling anonymization
  • NC-13315 [Firewall] ICMP error messages are not shown in firewall log in TAP mode configured appliance
  • NC-13000 [Galileo Heartbeat] Wizard run & HA disable failed after configure Missing Heartbeat Zones in security heartbeat
  • NC-13480 [Galileo Heartbeat] Heartbeat using 100% CPU
  • NC-13538 [Galileo Heartbeat] Improve Control Center page for IE
  • NC-13333 [Hotspot] Remove country and country group from walled garden list
  • NC-13531 [Hotspot] XG stops sending password of the day for hotspot
  • NC-11307 [Mail Proxy] Administrator profile with read only permission is not allowed to see configuration
  • NC-11412 [Mail Proxy] MTA keeps retrying to send mails with no MX record for outbound relay mails
  • NC-13285 [Mail Proxy] Add warning when trying to download infected mails through user portal
  • NC-13300 [Mail Proxy] Memory usage increases gradually of AVD for outbound mails when DPP is enabled
  • NC-13313 [Mail Proxy] MTA should show failed reason instead of marking mails as unscannable when AV scanning failed
  • NC-13373 [Mail Proxy] MTA: syntax error if a number is used as first character in domain name
  • NC-13430 [Mail Proxy] Color coding entries in Mail Spool and Mail Logs
  • NC-13498 [Mail Proxy] Mail Logs page freezes
  • NC-13849 [Mail Proxy] Failing assertion in SMTP service when applying RBL scanning
  • NC-13935 [Mail Proxy] Awarrenmta dies due to attachment name with 'unsupported encoded' containing whitespace characters
  • NC-13955 [Mail Proxy] "Antivirus Action" check box text should be aligned with border
  • NC-13973 [Mail Proxy] Unable to release quarantine mail while selecting "External Email Server" option in notification settings
  • NC-13393 [Networking] Support Logical/Virtual interface in ethtool CLI
  • NC-13536 [Networking] IP Tunnel: in-line creation of IPv6 static route not possible
  • NC-13552 [Networking] Gateway host page is not shown in SFM
  • NC-10510 [RED] Fix incorrect error handling in _get_fw_version()
  • NC-13322 [RED] Improve HA for RED
  • NC-13591 [Routing] Policy based route status is red if no interface is selected
  • NC-12367 [Up2date Client] Pattern update status is not synced in HA active-passive setup
  • NC-6551 [Up2date Client] AP firmware version number misalignment on update status page
  • NC-13938 [WAF] Service stops due to memory leaks with message "[crit] Memory allocation failed, aborting"
  • NC-12687 [Web] Teamviewer isn't blocked properly by App Control
  • NC-13854 [Web] Awarrenhttp segfaults multiple times a day

Known Issues

  • NC-14137 [Firewall]  Customers migrating to SFOSv16 MR1 from SFOSv15 or CR OS will not be able to load the "Internet Scheme" Page at Protect--> Web --> Internet Scheme.
  • NC-14231 [IPS]  If any customer has only purchased Web Protection license and not Network Protection license then internet traffic will be dropped on enabling application classification or applying any IPS policy on rule.
  • NC-14093 [Mail Proxy]  Emails may stuck in queue if in MTA mode IP reputation is enabled and emails are getting rejected due to that, to make it work again need to disable IP reputation and restart mta service from advance shell (service awarrenmta:restart -ds nosync).

Downloads

You can find the firmware for your appliance from in MySophos portal.