Hi Community!
We have released RED firmware pattern update version 3.0.008. The firmware is immediately available for download and update. This is a maintenance release with several important security updates. Multiple RED firmware components were updated, that collectively address a number of open CVEs relevant to those components, though not all of the CVEs resulted in vulnerabilities on (SD-)RED devices
News
Maintenance Release
Security Fixes
- NRF-594 - RED/SD-RED: Address OpenSSL Vulnerability - CVE-2022-0778
- NRF-532 – Upgrade libcurl to 7.79.0 to address CVE-2021-22947 CVE-2021-22946 CVE-2021-22945
- NRF-572 – Address glib2 CVE-2021-3800
- NRF-533 - SD-RED 20/60: Address Kernel CVE-2020-25705
- NRF-534 – RED 15/50: Upgrade jq to address CVE-2015-8863, CVE-2016-4074
- NRF-535 – RED 15/50: Upgrade libxml2 to 2.9.9 to address CVE-2017-16931, CVE-2016-4658, CVE-2016-4448, CVE-2016-5131, CVE-2016-5130, CVE-2017-9050, CVE-2017-9049, CVE-2017-9047
- NRF-537 – RED 15/50: Upgrade libnl to 3.5.0 to address CVE-2017-0553
- NRF-540 – RED 50: Address the following CVEs on Linux Kernel Version 3.18.43: CVE-2016-10229, CVE-2017-13715, CVE-2017-5970, CVE-2017-8890, CVE-2020-25705, CVE-2017-6214
Bug Fixes
- NRF-65 - aweclient tries to connect to the old IP after the RED15w IP & DHCP range are changed
- NRF-574 - RED60: LTE Module is not working on SD-RED with Verizon MI-FI SIM card
- NRF-566 - Red50 crashes/tunnel gets randomly disconnected
Install Instructions
- On Sophos Firewall web UI, navigate to Backup & Firmware > Pattern Updates.
- If the RED Firmware version is older than this release, click Update Pattern Now
- When ready to deploy new firmware to connected SD-RED devices, click Install.
- (SD-)RED devices will be rebooted during the firmware installation process
Supported Platforms
- SFOS v17.5 MR12+
- SFOS v18.0 MR3+
- SFOS v18.5 GA+
- SFOS v19.0 EAP0+
