Important Notes

The initial UTM 9.703 release was pulled back and replaced with a new build (9.703-3), where the code change for "NUTM-11173 [Basesystem] IPsec doesn't re-connect on DHCP interface after firmware upgrade" is reverted. More information and RCA can be found in the KBA at:

The new version of UTM 9.703 is available at our download server.

There are two update packages available:

  • One for customers, who are still on UTM 9.702 (u2d-sys-9.702001-703003.tgz.gpg) and
  • One for customers, who have already updated to 9.703-2 (u2d-sys-9.703002-703003.tgz.gpg).

Both update will be available via our Up2Date server later.


Up2Date Information


  • Maintenance Release
  • Add Support for new SD-RED 20 and SD-RED 60 devices


  • System will be rebooted
  • Configuration will be upgraded
  • Connected REDs will perform firmware upgrade
  • Connected Wifi APs will perform firmware upgrade

Issues Resolved

  • NUTM-9381 [Access & Identity] WebAdmin user getting an error while browsing 'Sophos Transparent Authentication Status' tab
  • NUTM-11258 [Access & Identity] [SAA] Wrong version of SAA displayed in Windows with MSI installer
  • NUTM-11578 [Access & Identity] Patch strongSwan (CVE-2019-10155)
  • NUTM-11589 [Access & Identity] [SAA] Add TLS 1.2 support for Windows client
  • NUTM-11590 [Access & Identity] [SAA] Add TLS 1.2 support for macOS client
  • NUTM-11675 [Access & Identity] Patch PPTP and L2TP pppd (CVE-2020-8597)
  • NUTM-11109 [Basesystem] Status lights blinking green constantly on SG 1xx and XG 1xx series
  • NUTM-11255 [Basesystem] Fix "Internet IPv6" binding in case of multiple IPv6 uplinks
  • NUTM-11417 [Basesystem] SG115rev3 HA eth3 interface flapping after update to 9.7
  • NUTM-11645 [Basesystem] Patch libxml2 (CVE-2019-19956, CVE-2020-7595)
  • NUTM-11561 [Configuration Management] Unable to load certificate list in WebAdmin when large number of certificates present
  • NUTM-10803 [Email] S/MIME signed mails have an invalid signature if 3rd party CA is used
  • NUTM-11240 [Email] Recipient verification fails due to incomplete LDAP search query
  • NUTM-11662 [Email] Bad request for release mails out of the quarantine report after update to 9.7 MR1
  • NUTM-11485 [Kernel] Patch Linux Kernel (CVE-2019-18198)
  • NUTM-11288 [Localization] AWS Current Stack link is incorrect
  • NUTM-11081 [Network] Up-link balancing not clearing conntracks when interface goes down
  • NUTM-11218 [Network] ulogd restarting/core-dumps
  • NUTM-11614 [Network] Increase GARP buffer
  • NUTM-11676 [Network] Patch pppd (CVE-2020-8597)
  • NUTM-11573 [RED] RED interface doesn't obtain IP after UTM reboot
  • NUTM-11467 [RED_Firmware] RED15w WPA/WPA2 enterprise cannot connect
  • NUTM-11822 [RED_Firmware] RED15 firmware update might fail if flash has bad blocks
  • NUTM-11378 [Reporting] Top5 Malware won't be displayed in Executive Reports if those are sent as PDF
  • NUTM-11220 [Sandstorm] When opening Sandstorm activity which contains Korean characters for example, you get this error "cannot decode string with wide characters at line 174"
  • NUTM-10202 [UI Framework] [SAA] Live user table doesn't scale with very long names
  • NUTM-11084 [UI Framework] Webadmin Information popup not visible
  • NUTM-11191 [UI Framework] Can't download certificate in WebAdmin when name contains apostrophe
  • NUTM-11584 [UI Framework] Replace FTP Up2date download link in WebAdmin with HTTPs
  • NUTM-11598 [UI Framework] Internal Server Error alert thrown with initial Webadmin request after installation
  • NUTM-11725 [UI Framework] Update prototype
  • NUTM-11130 [Web] Add configuration for savi_scan_timeout
  • NUTM-11346 [Web] Warn page proceed fails due to missing parameters
  • NUTM-10269 [Wireless] SSID stops broadcasting
  • NUTM-11581 [Wireless] User with "Wireless Protection Manager" rights is unable to change wireless settings if mesh is configured