Hi XG Community!
We've released SFOS v17.5.7 MR7 for the Sophos XG Firewall. Initially, the firmware will be available by manual download from your MySophos account. We then make the firmware available via auto-update to a number of customers, which will increase over time.
Please visit the following link for more information regarding the upgrade process: Sophos XG Firewall: How to upgrade the firmware.
NC-41262 [Authentication] Users randomly getting disconnected with CAA
NC-46466 [CaptivePortal] Connection security configuration options for Captive Portal and HTTP Proxy
NC-46787 [CM (Zero Touch)] Some USB pen drives fails to mount
NC-46750 [Dynamic Routing (PIM)] Camera recordings are missing at NVR
NC-46707 [Email] Exception for IP reputation and RBL works incorrectly
NC-43902 [Firewall] API export of service objects has the incorrect order
NC-45322 [Firewall] NMI backtraces
NC-45603 [Firewall] Legacy Mode SMTP rule with IPlist not working
NC-47632 [Firewall] TCP SACK PANIC - Kernel vulnerabilities
NC-45720 [Firmware Management] Device rebooting continuously while boot with SFOS firmware version after migration from CROS
NC-46658 [RED] Typo in Popup message after RED creation in German language setting
NC-43414 [Authentication, SSLVPN] Login restriction feature on user accounts for SSL VPN not working correctly
NC-45258 [SSLVPN] Wrong route is added while using static virtual IP address in SSL-VPN Site-to-Site tunnel
NC-46579 [Web] Unable to add sub-domain when sub-domain contains single value
NC-47906 [Wireless] TCP SACK PANIC - Kernel vulnerabilities on XG managed AP
To manually install the upgrade, you can download the firmware from the MySophos portal. Please refer to Sophos XG Firewall: How to upgrade the firmware.
Was it 6 or was it 7 :-)
MR7 is not avail for download yet...
Probably you have to correct article content and replace MR6 with MR7
you wrote in your advisory, that Sophos AP's was not affected with TCP SACK PANIC, was it vulnerable anyway?
Thanks for the hint. Corrected to MR7 ;)
Do I see anything related to DHCP bugs and logs not updating bugs ?
This release caused again that DHCP Clients were no longer served with a DefaultGateway... Had to apply the DHCP Settings again to get this work. This issue happened allready on a previous MR release in my environment... So this issue seems to be specific to my environment for any unknown reason...
Thanks for letting us know, I had this issue too with the last release. Also had to apply a backup file to get it fixed the fastest way. I will not run this MR. talex is this recurring issue being looked at?
talex also I found this in my download list SW-17.5.7_MR-7.SFW-511. What version is this? As this is not the regular update.