UTM Up2Date 9.605 Released

24 Jul 2019

Today we've released UTM 9.605. The release will be rolled out in phases.

In phase 1 you can download the update package from our download server, in phase 2 we will spread it via our Up2Date servers.

Up2Date Information

News

Maintenance Release

Remarks

System will be rebooted
Connected APs will perform firmware upgrade
Connected REDs will perform firmware upgrade

Issues Resolved

NUTM-10885 [Basesystem] Fallback log flooded since update to 9.6
NUTM-10667 [Email] Emails are not being processed, have "Stale ID in DB" in debug log
NUTM-10870 [Email] UTM not rejecting emails with dot at the end of the local part address
NUTM-10809 [RED] Offline provisioned RED15 loses their config in case of UTM reboot
NUTM-10812 [RED] RED can't connect to UTM if it is configured in transparent/split mode and a DNS name as UTM hostname
NUTM-10903 [RED] Transparent/split: DNS does not work if the gateway and DNS server are different but in the same network
NUTM-10962 [RED] Fix for RED50 does not start up after firmware update for most scenarios
NUTM-10636 [Reporting] Executive report not accurate - missing SSL VPN sessions
NUTM-10877 [Sandstorm] Sandbox Activity in Webadmin does not show all activities since 9.6
NUTM-10822 [WAF] Privilege escalation from modules' scripts (CVE-2019-0211)
NUTM-10823 [WAF] URL normalization inconsistency (CVE-2019-0220)
NUTM-10886 [WAF] All HTTP requests are forwarded to HTTPS
NUTM-10978 [WAF] reverseproxy.log does not show requested domain
NUTM-10986 [WAF] HTML rewriting in large embedded CSS leaks memory
NUTM-10705 [WebAdmin] Potential User Portal session cookie hijacking
NUTM-10862 [WebAdmin] After updating to 9.6 read only admins cannot see advanced tabs
NUTM-10941 [WebAdmin] Webadmin not accessible when user prefetch is running
NUTM-10952 [WebAdmin] HTTPS pages sporadically no longer work with transparent proxy since 9.602
NUTM-10748 [Web] Proxy restarted httpproxy.DeferredExpire
NUTM-10792 [Web] Follow up: New Web Templates for content warn does not work in 9.6
NUTM-10802 [Web] HTTPS websites are not accessible through http proxy if you follow the BSI recommendation regarding TLS
NUTM-10816 [Web] Blockpage font rendered incorrectly in Firefox
NUTM-10876 [Web] Web Proxy blocks range requests since 9.6
NUTM-10895 [Web] Video from NEST CAM constantly loading
NUTM-10985 [Web] HTTP proxy is getting crashed with segfault and core dump

Tania Palacios over 2 years ago

Greetings,

Could you please suggest the latest stable version?
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
Niel Zanfardino over 2 years ago

I have been working with Sophos for over two weeks. The Cloud Formation template update fails. Still have no resolution.

Its unbelievable how little oversight goes into QA for these firmware updates. This marks the third major issue we have had updating UTM firmware.
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
dlohnier over 2 years ago

since this udpate out RED 15 is not connecting anmore to the UTM in the office.

Looks like updating the UTM with a connected RED is very dangerous nowadays, too bad.

I hope the Support does not need weeks like last time, we need the connection, its not a game machine!
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
FlorianWulf over 2 years ago

NUTM-10812 [RED] RED can't connect to UTM if it is configured in transparent/split mode and a DNS name as UTM hostname

Dieser Fehler ist noch nicht behoben.. ich habe jetzt das Update eingespielt und mir dadurch diesen Fehler eingehandelt... Mit dem Umweg über die öffentliche IP Adresse ging es dann... aber ich hätte doch gerne den UTM Hostname wieder funktionstüchtig.
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
mollet over 2 years ago

Just updated a SG115 on the weekend and ETH0 is missing now. I know how to fix it but its sad that they always reimplement problems they already solved with updates in the past...
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel