Hi Everyone,

We've just released 9.408 to the Up2Date servers. This is a full GA release, meaning that all firewall running will be offered the automatic update.

News

  • Maintenance Release

Remarks

  • System will be rebooted
  • Configuration will be upgraded
  • Connected REDs will perform firmware upgrade

Bugfixes

  • NUTM-5349 [AWS] Restore fails if UTM is created with backup file in user data
  • NUTM-5466 [AWS] ssh disabled - No connection to stack instances
  • NUTM-5546 [AWS] UTM Cloud Update does not work in GovCloud
  • NUTM-5654 [AWS] Conversion should not be visible for HA and AS
  • NUTM-3203 [Access & Identity] [RED] If creation of RED device fails, certificates are not deleted
  • NUTM-4948 [Access & Identity] [RED] Enabling wireless on RED15w causes 'link down'
  • NUTM-5068 [Access & Identity] [RED] TCP Vulnerability (CVE-2016-5696)
  • NUTM-5173 [Basesystem] Memory (swap) leak in RAID monitor
  • NUTM-5407 [Basesystem] OpenSSL security update (1.0.1u)
  • NUTM-5461 [Basesystem] BIND Security update (CVE-2016-2776)
  • NUTM-5714 [Basesystem] CVE-2016-5195 - Linux Kernel - Dirty Cow
  • NUTM-3042 [Configuration Management] Advanced Threat Protection page error when login as Network Protection Auditor
  • NUTM-4215 [Documentation, Email] POP3 Proxy reporting source IP of 0.0.0.0
  • NUTM-4840 [Email] Email is automatically released after timeout from Sandstorm
  • NUTM-5285 [Email] SMTP file extension filter is case sensitive
  • NUTM-5599 [Email] Mails with the same recipient set twice lead to corrupt mail queue
  • NUTM-4938 [Endpoint] Customers who expand their EP license do not get EP Protection enabled
  • NUTM-5049 [Endpoint] Liveconnect Connectivity Issue
  • NUTM-4400 [HA/Cluster] pg_ctl: PID file "/var/storage/pgsql92/data/postmaster.pid" does not exist
  • NUTM-3158 [Kernel] Kernel freeze when running Web Proxy in full transparent mode
  • NUTM-3490 [Network] Ethernet Bridge with dynamic IP looses connectivity after IP renewal
  • NUTM-4592 [Network] OSPF: SSL VPN route injection still not working in 9.404
  • NUTM-5147 [Network] Kernel panic on several SG135 - Kernel Fixes
  • NUTM-5542 [SUM] Availability Group is unresolved after it was re-deployed without a real change
  • NUTM-5207 [Sandboxd] Sandbox error when downloading a file with an umlaut in file name
  • NUTM-5209 [Sandboxd] sandboxd is unable to open database file due to wrong ownership
  • NUTM-4816 [Up2Date] Up2Date downloader logs errors in uplink balancing setups
  • NUTM-488 [Virtualization] Fix unstable NIC ordering on VMWare
  • NUTM-5334 [WebAdmin] Authenticated users might gain access to stored passwords (CVE-2016-7397, CVE-2016-7442)
  • NUTM-4167 [Web] Web Protection Reporting filtered by departments doesn't provide all data
  • NUTM-4806 [Web] sandboxd is unable to insert into TransactionLog on HA setup
  • NUTM-4876 [Web] URL request to parent proxy seems to be send as http request instead of https
  • NUTM-5136 [Web] Web proxy in transparent mode removes authentication header
  • NUTM-5082 [WiFi] IPSec traffic is not routed properly if the client is connected over Hotspot
  • NUTM-5303 [WiFi] Characters in Hotspot terms of use not encoded correctly

Firmware Update:

From 9.407:

DL: ftp://ftp.astaro.de/UTM/v9/up2date/u2d-sys-9.407003-408004.tgz.gpg

Size: ~97M

MD5: 29c7c7f2c5892a8ee929e7474978700c

Parents
  • TobiasKratz: We are on UTM Version 9.408-4 and do not have any problems with SSO or Remote SSL VPN.

    Her the original answer from sophos support to our support case about the "Authentication Server Bind DN Password" issue with UTM Version 9.408-4:

    <snip>

    1: This was reported to us in version 9.408-4 which is why we are just discovering this now.

    2: It is only a problem with the testing functionality and the actual authentication service is not affected

    <snip>

Comment
  • TobiasKratz: We are on UTM Version 9.408-4 and do not have any problems with SSO or Remote SSL VPN.

    Her the original answer from sophos support to our support case about the "Authentication Server Bind DN Password" issue with UTM Version 9.408-4:

    <snip>

    1: This was reported to us in version 9.408-4 which is why we are just discovering this now.

    2: It is only a problem with the testing functionality and the actual authentication service is not affected

    <snip>

Children
No Data