Advisory: Support Portal Maintenance. Login is currently unavailable, more info available here.

Hi Everyone,

Today we've released UTM 9.503. The release will be rolled out in phases. In phase 1 you can download the update package from our FTP server, in phase 2 we will spread it via our Up2Date servers.

Update 2017-08-25: Unfortunately the update package has an issue with a missing config file for Samba and we needed to pull the update package down from the FTP server. We are working on a replacement urgently.

Update 2017-08-31: New update files with the fix for the missing Samba config (NUTM-8702) are available on our FTP server. There are two update files available now:

Update 2017-09-07: Update is available for all via Up2Date servers.

 

Up2Date Information

News

  • Maintenance Release
  • Configuration will be upgraded
  • Connected REDs will perform firmware upgrade
  • Connected Wifi APs will perform firmware upgrade

Remarks

  • System will be rebooted

Bugfixes

  • NUTM-7891 [AWS] awslogsd.log is beeing flooded with logmessages
  • NUTM-3196 [Access & Identity] Overlapping backend user prefetches may not be executed
  • NUTM-7943 [Basesystem] Ntpd permanently restarting on slave node
  • NUTM-8130 [Basesystem] Linux vulnerability ‘The Stack Clash’
  • NUTM-8442 [Basesystem] Network Monitor heavily logs “Writing static route to” in fallback log
  • NUTM-8431 [Configuration Management] Privilege escalation via insecure directory permissions
  • NUTM-8167 [Configuration Management] Stored XSS in UTM
  • NUTM-8229 [Configuration Management] Expiring certificate check still send notifications even after CA is regenerated
  • NUTM-8300 [Configuration Management] Expiring certificate check error fails for incomplete date in certificate
  • NUTM-8160 [Email] \N in Password of bind request causes account log out
  • NUTM-8173 [Email] UTM fails to apply DKIM signature to outbound mail with reason RC -102
  • NUTM-8339 [Email] Avira scanner in single or dual scan still results in SMTP proxy AV scanner unreachable errors on 9.414/9.501
  • NUTM-8364 [Email] S/MIME encryption - automatic certificate extraction causing high load
  • NUTM-8464 [Email] worker_do_get_file req content parsing error or missing parameters when mime header “From” in blank  
  • NUTM-8455 [Hardware] Fix hardware detection for SG230nc
  • NUTM-6981 [Network] No multicast packets visible on bridge with 10 Gbit interfaces
  • NUTM-7187 [Network] Prefix Delegation does not work correctly during a PPPoE reconnect
  • NUTM-7502 [Network] Wireless client hostname not displayed/updated
  • NUTM-7749 [Network] Filter list with hosts didn’t work in BGP and should not be possible to configure
  • NUTM-7754 [Network] WAF permanently restarts on slave node
  • NUTM-8556 [Network] SNMP - Error allocating more space for arpcache
  • NUTM-8017 [REST API] REST API not returning expected objects from API Explorer
  • NUTM-8137 [WAF] URL hardening prevents login to succeed as side effect of “Redirect to requested URL” feature
  • NUTM-8174 [WAF] Increase LimitRequestLine
  • NUTM-8169 [WebAdmin] Certain WebAdmin search fields not usable after upgrade to 9.414/9.5
  • NUTM-5797 [Web] Winbindd: Exceeding 16000 client connections
  • NUTM-7070 [Web] In Advanced Protection statistics, email count number for “Awaiting result” displayed in web field
  • NUTM-8102 [Web] Standard SSO AD issue after updating to 9.5 - IE/Chrome failing/slow to load sites
  • NUTM-8191 [Web] SSL exception matched for a specific website but didn’t work
  • NUTM-8352 [Web] Add patch for CVE-2017-11103 “Orpheus’ Lyre”
  • NUTM-8353 [Web] HTTP proxy AD-SSO authentication failing on 9.502 with more than 5,000 users or groups in AD
  • NUTM-8387 [Web] UTM registering all of it’s IPs in DNS when joining a domain
  • NUTM-8702 [Web] After 9.503-3 Update: net: error while loading shared libraries
  • NUTM-8105 [Wireless] Wireless network connected issue with Bridge to AP LAN
  • I just updated it on my utm with built in wireless and now my wifi isn't working.. this happened before but now I can't seem to get working again

  • Hi Guys, just wondering how stable is the latest 9.503 release. Waiting to get some solid recommendations before going on the bumpy update journey :) Still hanging out on the 9.413-4 !

  • OK latest updates  killed our UTM 9 Device

    Restored from backup and contacted support for help

    advised to update to latest version  9.503, only to have the same result

    symptoms before update

    the web filter was not operating correctly " blocking allowed sites

    re joining UTM to domain fixed this issue for a couple of hours

    c

  • After patching, the clients in LAN aren't able to ping our ISPs Default Gateway.

    Running a traceroute shows it listed.

    ICMP settings are enabled. External I can ping the GW, also with support tools in the UTM I can ping directly from the UTMs External interface to the GW.

    But with selecting a client on internal interface it's not possible.

    Before patching we had 9.501 no issuses there, same config.

    Any ideas?

    Btw we use the ping to default gateway with our monitoring software ....

  • Still haven't fixed the long boot times with entry level UTMs. Case ID: [#7432293] - Please fix!