The Sophos Community will be offline for scheduled maintenance this Saturday, May 27th, at 13:00 UTC for approximately 1 hour. Apologies for any inconvenience caused.
"Wanna" ransomware outbreak. Please see this Sophos article sophos.com/kb/126733 for advice on how to protect your organization. Immediate action recommended.
Hi XG Community!
We've finished SFOS v16.05.4 MR4. This release is available from within your device for all SFOS v16.05 installations as of now and will increase the group in a few days.
The release is available to all SFOS version via MySophos portal.
NC-12352 [Authentication] It should not possible to change the password of backend userNC-16959 [Authentication] SATC client is not differentiating between usersNC-17300 [Base System, Certificates, License] During the first license sync sometimes the wrong certificate is storedNC-17701 [Base System, License] License activation screen improvementsNC-14028 [Base System] RED site-to-site tunnel disconnects permanently when quick assist is usedNC-15911 [Base System] XG not listening on port 9922 used for SAANC-16164 [Base System] Garner dies due to memory corruptionNC-16742 [Base System] Installation not possible on HP DL380G5 / DL360G5NC-16743 [Base System] Awarrenhttp, Awarrenmta, Warren services die after upgradeNC-17035 [Base System] Migration from CR 10.06.4020 to SF 16.05 MR1 failedNC-18049 [Base System] Not able to upgrade firmware from loader as 2 GB memory check failsNC-17432 [Certificates] Certificate with ID email has wrong ID after importNC-17246 [Clientless Access(HTTP/HTTPS)] URL rewrite inside HTML document not workingNC-15855 [Firewall] Adding a zone without any service failsNC-16090 [Firewall] Source port changes to random over IPSec VPNNC-16695 [Firewall] Protect > Intrusion Prevention - column name text wrapped several times in Japanese languageNC-16728 [Firewall] Display issues when editing firewall rules in Traditional and Simplified ChineseNC-17068 [Firewall] XG not forwarding IPv6 echo request which has no next header (next header=59) in IPv6 header or in extension headerNC-17069 [Firewall] No ICMPv6 parameter problem sent when receiving unrecognized/unassigned next header in IPv6 header or in extension headerNC-17350 [Firewall] IP family wise network/host validation is not done while adding local ACL rule via APINC-17459 [Firewall] App Filter (microapp enabled) causes port 443 traffic to be forwarded to proxyNC-17463 [Firewall] Upgrade from SF 15.01 MR3 to SF 16.05 GA results in factory resetNC-17519 [Firewall] Wrong country classification for IP addressNC-17730 [Firewall] "HTTP service" message displays even HTTP service not there after saving the zoneNC-17731 [Firewall] HTTPS service can be removed from zone, when accessing UI from bridge IP bound to same zoneNC-17732 [Firewall] Duplicate entry of members are seen, when editing the default zones if members are associated with itNC-16712 [Framework part of Base] HA node in failsafe mode after software upgradeNC-17259 [Framework part of Base] Unable to see live graph from WAN zone and interface infoNC-11687 [Framework(UI)] Changing system time requires reloginNC-15270 [Framework(UI)] Not able to select start date and end date for wireless time-based accessNC-1701 [Framework(UI)] TAB focus is not visible in ChromeNC-17488 [Framework(UI)] Tooltips behave strange and point to a wrong elementNC-18071 [Framework(UI)] Cannot filter for 'Rule Type' in Log ViewerNC-3965 [Framework(UI)] Cookie not reset after auto logout in userportalNC-16470 [Galileo Heartbeat] Traffic will be dropped due to Heartbeat if the client is connected to the same Network over LAN and Wifi at the same timeNC-16599 [Galileo Heartbeat] Crash of heartbeatd after "Broken Pipe"NC-15319 [HA] IPsec VPN not connecting after HA fail over through monitoring portNC-16832 [Hotspot] Minor UI inconsistency when trying to delete multiple hotspotsNC-17440 [Hotspot] Two mail notifications sent when using "Password of the day" in HANC-16639 [IDS + AppControl] Wrong risk level for Facebook Graph API and App is missing in "Very High Risk (Risk Level 5)" apps groupNC-17796 [IDS + AppControl] Not able to configure QoS policy to application category 'IM+ Android'NC-13255 [IPS] Service stopped/unregistered state after disabling firewall-acceleration in HA modeNC-15636 [IPS] Unable to start IPS service on SW/VM appliancesNC-15710 [IPS] DHCP option 67 is not working properlyNC-17245 [IPS] IPS engine is not getting reply packets in TAP modeNC-18368 [IPS] WINGc categorization not working in TAP modeNC-5474 [IPS] IRQs not set correctly with appropriate CPU for given port-affinityNC-18197 [License] Administration part of the webadmin page is inaccessibleNC-13375 [Mail Proxy] Email Quarantine only shows first part of dayNC-17346 [Mail Proxy] SPX - after registering it takes time before first message is sentNC-17804 [Mail Proxy] Incorrect total utilization value shown in SMTP quarantineNC-17920 [Mail Proxy] Network can also be selected in host list while creating SMTP policy in MTA modeNC-18044 [Mail Proxy] SMTP service restarts sometimes on high loadNC-18296 [Mail Proxy] Email address is truncated in notifications if sender address contains special charsNC-4480 [Mail Proxy] MIME filter,SMTP/S: Attachment name with i18n character is not proper in mail bodyNC-16898 [Network Services] Unable to add FQDN host using double dash (--)NC-17276 [Network Services] IPv6 SLAAC does not work according to RFCsNC-17699 [Network Services] Unable to delete bridge interface when bridge host used in SSL VPN Remote AccessNC-16275 [Networking] IPSec S2S - DHCP reply packet is not forwarded to LAN when PPPOE is enabled on WAN interfaceNC-16837 [Networking] WWAN name should be updated to cellular WANNC-6943 [Networking] PIM - Interface update from DHCP to PPPoE sets Candidate RP IP to undefinedNC-17375 [RED] DHCP server settings will be reset to default if you change anything in the RED interfaceNC-17515 [RED] Monitoring Avaibility->Display wrong colour code and tooltip status for RED statusNC-18017 [RED] RED Tunnel unstable via PPPOENC-16690 [Reporting] Double byte caracters in PDF are corruptNC-16729 [Reporting] Junk character in report PDF in Traditional Chinese languageNC-16992 [Reporting] Sandstorm records disappear after some timeNC-17330 [Reporting] Unable generate custom report with around 50000 recordsNC-17360 [Reporting] Daily report scheduling doesn't work correctly with "Send email at 24 Hours"NC-17433 [Reporting] Long title runs off at the end of the PDF page for custom reportsNC-17765 [Reporting] VPN traffic in executive repoprt shows no dataNC-16257 [Routing] OSPF multicast group limit reachedNC-17847 [SSLVPN] Wrong info message when saving global SSL VPN settingsNC-6580 [SSLVPN] Disconnecting SSL VPN connections has to take remote port into accountNC-17469 [SupportAccess] Service warning on deactivated SupportAccessNC-11118 [UI] Improve browser console for long syntaxNC-17965 [UI] Language Selection on login doesn't change the labels in the login maskNC-15815 [VPN] Incorrect IPSec configuration pushed by SFMNC-17260 [VPN] Import of configuration files not workingNC-17768 [VPN] Cannot enable Cisco VPN if last remaining user stated on VPN screen is removed from the user's screenNC-17863 [WAF] XG85 /tmp Partition is filling upNC-18010 [WAF] Fix segmentation fault in mod_xml2enc for multi-byte charsetsNC-18047 [WAF] Special characters are encoded when HTML rewrite is enabledNC-13221 [Web] Extra parameters pushed from SFM to SFOS for web settingsNC-13909 [Web] HTTPS traffic is proxied but Web Proxy is turned offNC-13960 [Web] SFOS breaks auto-update on SAV for MacNC-16693 [Web] Protect > Web some strings are cut offNC-16730 [Web] No captive portal redirection for new requested URL configured in exception with "Skip Policy Checks" actionNC-17398 [Web] Unauthenticated user is able to access the Whatsapp/Facebook applicationNC-17481 [Web] Captive Portal redirecting to empty IP addressNC-17740 [Wireless] Rogue AP scan failed in log viewerNC-18006 [Wireless] LocalWiFi - failed to configure IP address on WiFi interfaceNC-18025 [Wireless] Rogue AP Scan failed when click on "Scan Now"
You can find the firmware for your appliance from in MySophos portal.
For me every new release the manual excpetions that I have added inside Web \ Exceptions \ Microsoft Windows Update are deleted.
Are you modifying the built-in 'Microsoft Windows Update' exception, or adding a new exception completely? If you're modifying the existing built-in exception, how are you modifying it?
This isn't something I have heard reported before, so I want to better understanding what the issue is.
When I access the IPS signature selection screen the process postgres is starting to use one CPU at 100% for some minutes. The signatures won't be displayed at all.
Update: The problems seems to occur with custom selections in Platforms. After a reboot the list will be displayed after some minutes of waiting while postgres is running at 100%.
Update 2 after 1 day: The IPS upate2date package 3.13.55 solved the issue for me.
Basically I had the same problem as described here: community.sophos.com/.../ips-policy-slow-after-update-to-mr2
is the Subject Alternative Name fixed in this MR? Nothing is reported about it in the RN.
Looking forward to testing these items, as I had all three:
NC-17740 [Wireless] Rogue AP scan failed in log viewer (in MR1 I had this turned off)
NC-18006 [Wireless] LocalWiFi - failed to configure IP address on WiFi interface (in MR 1 I had to restart the device)
NC-18025 [Wireless] Rogue AP Scan failed when click on "Scan Now" (as above)
Looks good so far..... :-)