New Sophos Support Phone Numbers in Effect July 1st, 2023

Hi Community!

We have released RED firmware pattern update version 3.0.008. The firmware is immediately available for download and update. This is a maintenance release with several important security updates. Multiple RED firmware components were updated, that collectively address a number of open CVEs relevant to those components, though not all of the CVEs resulted in vulnerabilities on (SD-)RED devices 

News

Maintenance Release 

Security Fixes

  • NRF-594 - RED/SD-RED: Address OpenSSL Vulnerability - CVE-2022-0778
  • NRF-532 – Upgrade libcurl to 7.79.0 to address CVE-2021-22947 CVE-2021-22946 CVE-2021-22945
  • NRF-572 – Address glib2 CVE-2021-3800
  • NRF-533 - SD-RED 20/60: Address Kernel CVE-2020-25705
  • NRF-534 – RED 15/50: Upgrade jq to address CVE-2015-8863, CVE-2016-4074
  • NRF-535 – RED 15/50: Upgrade libxml2 to 2.9.9 to address CVE-2017-16931, CVE-2016-4658, CVE-2016-4448, CVE-2016-5131, CVE-2016-5130, CVE-2017-9050, CVE-2017-9049, CVE-2017-9047
  • NRF-537 – RED 15/50: Upgrade libnl to 3.5.0 to address CVE-2017-0553
  • NRF-540 – RED 50: Address the following CVEs on Linux Kernel Version 3.18.43: CVE-2016-10229, CVE-2017-13715, CVE-2017-5970, CVE-2017-8890, CVE-2020-25705, CVE-2017-6214

Bug Fixes

  • NRF-65 - aweclient tries to connect to the old IP after the RED15w IP & DHCP range are changed
  • NRF-574 - RED60: LTE Module is not working on SD-RED with Verizon MI-FI SIM card
  • NRF-566 - Red50 crashes/tunnel gets randomly disconnected

Install Instructions

  • On Sophos Firewall web UI, navigate to Backup & Firmware > Pattern Updates.
  • If the RED Firmware version is older than this release, click Update Pattern Now
  • When ready to deploy new firmware to connected SD-RED devices, click Install. 
  • (SD-)RED devices will be rebooted during the firmware installation process

Supported Platforms

  • SFOS v17.5 MR12+
  • SFOS v18.0 MR3+
  • SFOS v18.5 GA+
  • SFOS v19.0 EAP0+