UTM Up2date 9.7 MR20 (9.720) released

We've just released UTM version 9.7 MR20 (9.720). As this is a regular maintenance update it will be released in three phases:

• In phase 1 you can download the update package from our download server. Click the link and navigate to the folder UTM / v9 / up2date.
  • Up2date package – 9.719 to 9.720 https://download.astaro.com/UTM/v9/up2date/u2d-sys-9.719003-720005.tgz.gpg 
  • Md5sum is 7a11f9769a701aecf9229252e0fd5a99 https://download.astaro.com/UTM/v9/up2date/u2d-sys-9.719003-720005.tgz.gpg.md5 
• During phase 2 we will make it available via our Up2Date servers in several stages.
• In phase 3 we will make it available via our Up2Date servers to all remaining installations.

Details of this release, along with previous releases, can be found on our official release notes page.

On 5 June 2024, the owners of the SORBS RBL service shut it down so that it is no longer available. SORBS was used by SG UTM's Webserver Protection (WAF) in addition to the data provided by Sophos via SXL for WAF Profiles that include "Block clients with bad reputation". We have removed references to SORBS from the product and documentation.

Other news

• Maintenance Release
• Security Release

Remarks

• System will be rebooted
• Configuration will be upgraded

Issues resolved

• NUTM-14610 [Access & Identity] Strongswan Vulnerability Fixes (CVE-2017-9022 and CVE-2017-9023)
• NUTM-14563 [Basesystem] FATAL: role "epp" does not exist in system logs
• NUTM-14595 [Basesystem] REST API - Upgrade Swagger UI to address vulnerabilities
• NUTM-14705 [Basesystem] Latest mobile OpenVPN clients can't connect with compression disabled
• NUTM-14664 [Configuration Management] Printable Configuration fails - output is blank.
• NUTM-14365 [Logging] SSL VPN Remote Access reporting has gaps
• NUTM-10212 [Network] Remove DTDNS and DNSPARK options from Dynamic DNS page
• NUTM-14676 [Network] Latest OpenVPN clients require data-ciphers to be specified
• NUTM-14739 [UI Framework] WebAdmin - Upgrade Apache to 2.4.62
• NUTM-14741 [Up2Date] Pattern updates can't be installed if RPM database is corrupted
• NUTM-14663 [WAF] WAF - Upgrade Apache to 2.4.62
• NUTM-14694 [WAF] Setting Cache-Control to no-cache, no-store for WAF login forms and themes
• NUTM-14712 [WAF] Private TLS key material can appear in logs with debug mode enabled
• NUTM-14345 [Web] AWS Endpoint Transport errors AD SSO
• NUTM-14589 [Web] Standard proxy does not show certificate verification blocks in logs
• NUTM-14606 [Web] No matching filteraction found