Hello Everyone,

 

I'm pleased to announce Sophos Connect 2.2 has been released. this is primarily a security and quality update that addresses a number of issues in the libraries used by Sophos Connect, and addresses a number of issues in the client. The client is available for download, and has been distributed to SFOS firewalls via pattern updates. 

 

Security Updates

  • NCL-1635 - Security fix for CVE-2022-0778
  • NCL-1585 - Security fix for CVE-2021-27406 in OpenVPN binary
  • NCL-1490 - Security fix for CVE-2021-3606 in OpenVPN
  • NCL-1667 - Security hygiene cleanup for CVE-2020-1967 

Issues Resolved

  • NCL-1622 - Fix GCM Cipher parsing error
  • NCL-1399 - Fix rare issue with random SSL authentication failure
  • NCL-1616 - Fix connection issues with special characters in password
  • NCL-1372 - Fix connection issues with special characters in password
  • NCL-1319 - Fix provisioning issues with special characters in password
  • NCL-1256 - Fix provisioning issues with special characters in password
  • NCL-1261 - Fix SSL authentication with multiple spaces in username
  • NCL-569 - Fix provisioning issues with special characters in username 

Download Links

Related Links

Parents Comment Children
  • Maybe it does. I just went to update mine and see that it is already at 2.2 and looks to have installed on 6/29. I don't recall that I did that.

    A bigger issue for me is that this client disconnects me every 1:25. The old SSLVPN client didn't have this issue using exactly the same firewall and login. I opened a ticket, but no response yet.

  • Would be really good to know. Also - the mentioned deployment method over GPOs would not roll out updated versions. So it's seems, we need to push updates via a dedicated management system.


    In cases, where devices are not joined to a central management system - are we able to look out for outdated clients on the appliance o in Sophos Central? (If not, thats fine - Im just curious, whether there is something planned for the future.)

  • Hey Joe, can you help me with the Firewall version you're trying to connect to. Also the config file extension would help. 

  • Joe, I have a customer having somewhat similar issues.  8 hours on the dot after they connect for the first time, they get disconnected.  It will show they were logged off in the firewall, but I have the AD/SSO setting set for 10 hours and VPN timeouts to unlimited.  Also, makes me wonder if this is a MFA timeout as well.

  • This only happens with the new vpn client. The old client is continuing to work just fine. We have 12 hour key lifetime on the ssl vpn. I have no idea where this 1:25 interval is coming from, but looking at the client log was very consistent.

    Our firewall is running 19.0.0 GA-Build317