Hi XG Community!
We've finished SFOS v17.0.6 MR6. This release is available from within your device for all SFOS v17.0 installations as of now.
Besides that, the release is available to all SFOS version via MySophos portal.
Notes
- On v16 to v17 update, SFOS does not set SHA2 truncation on custom IPSec policy. Please see https://community.sophos.com/kb/127867
-
Behavior change between SFOS v17.0 MR5 and v17.0 MR6 when IPsec connection using a hostname instead of an IP address. Please see https://community.sophos.com/kb/en-us/131814.
Issues Resolved
- NC-26520 [Base System] Logviewer exceeds allotted diskspace
- NC-26601 [Base System] validatePort didn't validate all used ports correctly
- NC-25574 [IPsec] Upgrade to v17 failed when a policy with name 'IKEv2' was created before upgrade
- NC-26694 [IPsec] High memory usage of charon
- NC-27001 [IPsec] Unable to enable the fail-over group for IPSec
- NC-27228 [IPsec] IPsec connection ref count sometimes wrong
- NC-27276 [IPsec] IKEv2 connection not retried when receiving AUTH_FAILED
- NC-27278 [IPsec] Display issue in IE11 for IPSec Connections - NAT
- NC-27283 [IPsec] HA: Hard reset failover takes too long
- NC-27333 [IPsec] HA: Connections not synced to aux when pushing connect button
- NC-27384 [IPsec] Race condition in charon when 60s retry timeout and IKE_INIT occur close together
- NC-27412 [IPsec] IPSec failover group shows 2 active connections
- NC-27510 [IPsec] IKEv1: cannot handle more than 2 concurrent Quick Mode exchanges per IKE_SA
- NC-27608 [IPsec] IPSec Profiles XML has no information for new added configuration
- NC-27734 [IPsec] Unable to recreate the config using the same connection name in Cisco VPN connection after reset
- NC-27916 [IPsec] CSC freezing sporadically & system goes unresponsive
- NC-28090 [IPsec] Follow Up - VPN connection can't be established if the PSK is very long
- NC-27240 [Mail Proxy] Unable to send emails due to auto routing to rcpt DNS in case of greylisting reply for MX
- NC-27382 [Network Services] DHCP Relay didn't work after upgrade to SF v17 MR3
- NC-26104 [Networking] Networkd dead in HA setup
- NC-27488 [WAF] Mod_url_hardening stack corruption
Downloads
You can find the firmware for your appliance from in MySophos portal.