Hi Community! We have released RED firmware pattern update version 3.0.007. The firmware is immediately available for download and update. This is a maintenance release with several important security updates. A number of RED firmware components were updated, that collectively address a large number of open CVEs relevant to those components, though not all of the CVEs result in vulnerabilities on RED devices.
- NRF-513 Address Frag Attack vulnerabilities in RED devices (CVE-2020-24586, CVE-2020-24587, CVE-2020-24588, CVE-2020-26139, CVE-2020-26140, CVE-2020-26141, CVE-2020-26142, CVE-2020-26143, CVE-2020-26144, CVE-2020-26145, CVE-2020-26146, CVE-2020-26147)
- NRF-514 Address open CVEs in openssl (CVE-2020-1971, CVE-2021-23840, CVE-2021-23841)
- NRF-515 Upgrade libcurl version to 7.76.1 to address open CVEs (CVE-2021-22898, CVE-2021-22924, CVE-2021-22925)
- NRF-510 Upgrade dnsmasq to v2.85 (CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-25673,CVE-2021-29155, CVE-2021-3501)
- NRF-516 Address open CVEs in binutils utility
- NRF-509 Fix issue where AP was not registering over RED15w tunnel
- NRF-517 Fix issue where SD-RED60 LAN switch VLAN configuration was lost after some time
- On Sophos Firewall web UI, navigate to Backup & Firmware > Pattern Updates.
- If RED Firmware version is older than this release, click Update Pattern Now
- When ready to deploy new firmware to connected SD-RED devices, click Install.
- RED devices will be rebooted during firmware installation process