We've just released UTM version 9.7 MR18 (9.718). As this is a regular maintenance update it will be released in three phases:
- In phase 1 you can download the update package from our download server. Click the link and navigate to the folder UTM / v9 / up2date.
- Up2date package – 9.717 to 9.718 https://download.astaro.com/UTM/v9/up2date/u2d-sys-9.717003-718005.tgz.gpg
- Md5sum is 61ab2c8f45baa2aace8dfa80446c7caa https://download.astaro.com/UTM/v9/up2date/u2d-sys-9.717003-718005.tgz.gpg.md5
- During phase 2 we will make it available via our Up2Date servers in several stages.
- In phase 3 we will make it available via our Up2Date servers to all remaining installations.
Details of this release, along with previous releases, can be found on our official release notes page.
Other news
- Maintenance Release
- Security Release
Remarks
- System will be rebooted
- Configuration will be upgraded
Issues resolved
- NUTM-14068 [Basesystem] Tar Vulnerability - CVE-2022-48303
- NUTM-14219 [Basesystem] Remove support for weak TLS signature algorithms in Web Admin and User Portal
- NUTM-14237 [Basesystem] Remove deprecated XSS protection header from Web Admin and User Portal
- NUTM-14285 [Basesystem] Disable session tickets on Web Admin and User Portal
- NUTM-14288 [Basesystem] Samba Vulnerability - CVE-2022-2127
- NUTM-14197 [Email] Email stuck in queue with scanner timeout
- NUTM-14289 [Endpoint] Remove Endpoint Protection from WebAdmin and system backend
- NUTM-14305 [Logging] Failed logins for SSL VPN Remote Access are not displayed in reports
- NUTM-14218 [RED] Disable DHE ciphers support for RED in UTM
- NUTM-14339 [WAF] Daily WAF Coredumps: Segmentation fault (11)
- NUTM-13182 [Web] Reflected XSS in Web Proxy - CVE-2021-4429
- NUTM-13988 [Web] Improve performance and error handling for AD SSO