Hi Community! We have released RED firmware pattern update version 3.0.007. The firmware is immediately available for download and update. This is a maintenance release with several important security updates. A number of RED firmware components were updated, that collectively address a large number of open CVEs relevant to those components, though not all of the CVEs result in vulnerabilities on RED devices.
News:Maintenance Release
Security fixes:
Bugfixes:
Install Instructions
*only SD-RED devices (SD-RED 60 and SD-RED 20) or it will also update RED-50, RED-15.. devices?
Hi Alan. If I ran pattern update 3.0.007 from UTM, will it update on SD-RED devices (SD-RED 60 and SD-RED 20) or it will also update RED-50, RED-15.. devices?
Keep an Eye on the Release Notes Section of UTM. As UTM need a new firmware release, it generally speaking takes longer to develop this for UTM. SFOS can use a own channel for RED/AP Firmware.
we've had a HA Failure shortly after this event oun our XG.
Somewhere in the same time, I uploaded a Firmware via GUI.
But this looks unhealthy. 12:14 we've had the HA failure
BUG Oct 12 11:58:19 [31046]: Received releasenotes : https://d3tusa5dvomhzy.cloudfront.net/CHANGELOG/18.5.1.326.releasenotes DEBUG Oct 12 11:58:19 [31046]: Received message : Sophos Firewall MR Release DEBUG Oct 12 11:58:19 [31046]: Received releasedate : 2021-08-09 DEBUG Oct 12 11:58:19 [31046]: Received name : redfw_2.00_3.0.007.tar.gz.gpg DEBUG Oct 12 11:58:19 [31046]: Received location : https://d30ncyzaneb4q0.cloudfront.net/redfw_2.00_3.0.007.tar.gz.gpg DEBUG Oct 12 11:58:19 [31046]: Received version : 3.0.007 DEBUG Oct 12 11:58:19 [31046]: Received size : 69390245 DEBUG Oct 12 11:58:19 [31046]: Received md5sum : 25c1a5899ffbab1ce2f1a1e00e2ff17b DEBUG Oct 12 11:58:19 [31046]: Received module : redfw DEBUG Oct 12 11:58:19 [31046]: Received cv : 2.00 DEBUG Oct 12 11:58:19 [31046]: Received type : full WARNING Oct 12 11:58:19 [31046]: A new update is available for redfw but we are ignoring it as download for a previous update is in progress. DEBUG Oct 12 12:01:17 [9067]: --serial = xxxxx DEBUG Oct 12 12:01:17 [9067]: --deviceid = xxxxx DEBUG Oct 12 12:01:17 [9067]: --fwversion = 18.0.5.586 DEBUG Oct 12 12:01:17 [9067]: --productcode = CN DEBUG Oct 12 12:01:17 [9067]: --model = XG430 DEBUG Oct 12 12:01:17 [9067]: --vendor = WP02 DEBUG Oct 12 12:01:17 [9067]: --pkg_sysupdate_version = 4 DEBUG Oct 12 12:01:17 [9067]: Added new server : Host - eu-west-1.u2d.sophos.com., Port - 443 DEBUG Oct 12 12:01:17 [9067]: Added new server : Host - ap-northeast-1.u2d.sophos.com., Port - 443 DEBUG Oct 12 12:01:17 [9067]: Added new server : Host - us-west-2.u2d.sophos.com., Port - 443 DEBUG Oct 12 12:01:17 [9067]: --u2d_proto = 1.50 DEBUG Oct 12 12:01:17 [9067]: Final query string is : ?&serialkey=xxxxx&deviceid=xxxxx&fwversion=18.0.5.586&productcode=CN&appmodel=XG430&appvendor=WP02&useragent=SF&oem=&pkg_sysupdate_version=4&u2d_proto=1.50 DEBUG Oct 12 12:01:19 [9067]: Response code : 503 DEBUG Oct 12 12:01:19 [9067]: Response body : <?xml version="1.0" encoding="iso-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>503 Service Unavailable</title> </head> <body> <h1>503 Service Unavailable</h1> </body> </html> DEBUG Oct 12 12:01:19 [9067]: Response length : 361 ERROR Oct 12 12:01:19 [9067]: Received invalid top level tag html, expecting Up2Date ERROR Oct 12 12:01:19 [9067]: FATAL : Error in parsing response, exiting. Tue Oct 12 12:16:27 2021 init: Current up2date schema 18 for module atp present in public.tblup2dateinfo, updating... Tue Oct 12 12:16:27 2021 init: Previous versions for atp were cv=1.00, version=1.0.0381 Tue Oct 12 12:16:27 2021 init: Succesfully updated atp details for up2date schema 18 in public.tblup2dateinfo. Tue Oct 12 12:16:27 2021 init: /content/atp is already pointing to correct /content/atp_1.00/1.0.0381
When will the update for the UTM be made available ?