Hi XG Community!

We've finished SFOS v16.05.7 MR7. This release is available from within your device for all SFOS v16.05 installations as of now and will increase the group in a few days.

The release is available to all SFOS version via MySophos portal.

Issues Resolved

• NC-19720 [API] SQL Injection: Application filter add type
• NC-19721 [API] SQL Injection: Proxy port config
• NC-19775 [API] SQL Injection: User add/edit
• NC-20840 [Authentication] SATC: users logged in and logged out continuously
• NC-19420 [Base System] "Don't register yet " link is not shown in Chinese language
• NC-19520 [Base System] Hotfix applied multiple times in SF device
• NC-19558 [Base System] Add kernel patch for 'Stack Clash'
• NC-19920 [Base System] Several vulnerabilitiy patches for Dropbear (CVE-2016-7409, CVE-2016-7408, CVE-2016-7407, CVE-2016-7406)
• NC-20753 [Base System] Changing of "admin" password in SFM does not replicate to the XG device and device is inaccessible due to password missmatch
• NC-21237 [Base System] Linux Kernel vulnerability "Dirty Cow" (CVE-2016-5195)
• NC-19330 [Firewall] XG live logs show packets out of time order
• NC-19659 [Firewall] Invalid IP Host import fails but leaves invalid db entries causing system framework failure
• NC-19674 [Firewall] Unidentified user usage from identity based rule
• NC-20343 [Firewall] Wrong GeoIP classification for some IP addresses
• NC-19745 [Hotspot] Hotspot custom voucher is changed to default upon hotspot update
• NC-19956 [Localization] XG translation error on the firewall policies page for Brazilian (PT-BR) language
• NC-19300 [Mail Proxy] Unable to parse or decode the contents of the email when the banner contains bare LF
• NC-19354 [Mail Proxy] Quarantined Emails are not visible in Webadmin
• NC-19829 [Mail Proxy] Email are bounced with SMTP/s scanning and RBL enabled
• NC-19873 [Mail Proxy] XG inconsistent NDR notification behaviour
• NC-19901 [Mail Proxy] Attachment name causing awarrentmta to stop
• NC-20490 [Mail Proxy] SMTP Quarantine data doesn't load in User Portal for all users
• NC-20784 [Mail Proxy] SMTP Quarantine data is not loading
• NC-19621 [Network Services] nslookup / dnslookup commands not using specified server
• NC-19136 [Networking] Incorrect information in System Graphs for bandwidth usage
• NC-19598 [Networking] Gateway failover not working
• NC-19750 [Networking] IPv6 Policy Route not removed from system when gateway is deleted
• NC-19716 [UI] SQL Injection: Current Activities
• NC-19753 [UI] SQL Injection: filter function
• NC-19540 [WAF] WAF - Fix CVE-2017-7679: mod_mime buffer overread
• NC-19717 [WAF] SQL injection: IPS backend server add
• NC-19718 [Web] SQL Injection: Proxy file type add
• NC-20787 [Web] Proxying is allowed through port 8090
• NC-19719 [Wireless] Blind code execution: Access point edit

Downloads

You can find the firmware for your appliance from in MySophos portal.