Hello Everyone,

 

I'm pleased to announce Sophos Connect 2.2 has been released. this is primarily a security and quality update that addresses a number of issues in the libraries used by Sophos Connect, and addresses a number of issues in the client. The client is available for download, and has been distributed to SFOS firewalls via pattern updates. 

 

Security Updates

  • NCL-1635 - Security fix for CVE-2022-0778
  • NCL-1585 - Security fix for CVE-2021-27406 in OpenVPN binary
  • NCL-1490 - Security fix for CVE-2021-3606 in OpenVPN
  • NCL-1667 - Security hygiene cleanup for CVE-2020-1967 

Issues Resolved

  • NCL-1622 - Fix GCM Cipher parsing error
  • NCL-1399 - Fix rare issue with random SSL authentication failure
  • NCL-1616 - Fix connection issues with special characters in password
  • NCL-1372 - Fix connection issues with special characters in password
  • NCL-1319 - Fix provisioning issues with special characters in password
  • NCL-1256 - Fix provisioning issues with special characters in password
  • NCL-1261 - Fix SSL authentication with multiple spaces in username
  • NCL-569 - Fix provisioning issues with special characters in username 

Download Links

Related Links

Parents
  • Would be really good to know. Also - the mentioned deployment method over GPOs would not roll out updated versions. So it's seems, we need to push updates via a dedicated management system.


    In cases, where devices are not joined to a central management system - are we able to look out for outdated clients on the appliance o in Sophos Central? (If not, thats fine - Im just curious, whether there is something planned for the future.)

  • It's really annoying that the installer doesn't update existing versions, that seems like quite an oversight to me.  We don't have anything like SCCM so have just finished manually installing 2.1 on 100 laptops.  Now we need to start again (a real challenge with everyone working remotely and not having admin credentials).

    Maybe I could write a script to uninstall the old version first, then install the new one...

    A number of users have issues with connectivity using 2.1; they authenticate fine, and can ping their VPN IP, but various applications just don't work until they disconnect and reconnect a few times.  Hopefully 2.2 will fix that.

Comment
  • It's really annoying that the installer doesn't update existing versions, that seems like quite an oversight to me.  We don't have anything like SCCM so have just finished manually installing 2.1 on 100 laptops.  Now we need to start again (a real challenge with everyone working remotely and not having admin credentials).

    Maybe I could write a script to uninstall the old version first, then install the new one...

    A number of users have issues with connectivity using 2.1; they authenticate fine, and can ping their VPN IP, but various applications just don't work until they disconnect and reconnect a few times.  Hopefully 2.2 will fix that.

Children
No Data