We've just released UTM 9.707. As usual, the release will be rolled out in phases:

  • In phase 1 you can download the update package from our download server.
  • During phase 2 we will make it available via our Up2Date servers in several stages.
  • In phase 3 we will make it available via our Up2Date servers to all remaining installations.

Up2date information

News

  • Maintenance release
  • Security release

Remarks

  • System will be rebooted
  • Configuration will be upgraded

Issues resolved

  • NUTM-12550 [Access & Identity] Replace deprecated option in SSLVPN client config
  • NUTM-12310 [Email] SPF checks incorrectly occurring when multiple upstream hosts are configured in an availability group
  • NUTM-12672 [Logging] IPFIX does not switch source and destination ports between inbound and outbound side of flow
  • NUTM-12749 [Basesystem] Update bzip2 to address CVE-2019-12900
  • NUTM-12590 [Basesystem] Patch OpenSSL against CVE-2021-23840 & CVE-2021-23841
  • Hi,

    I just had an odd experience with my SG 115W and Up2Date and want to see if I should be concerned and if anyone else has seen this. A couple of weeks ago (mid August 2021) I updated the firmware to what I believed at the time was current. Then today when checking the system, it says I need to update the firmware for both versions 9.706 and 9.707, which I thought I had already done. Started by updating them singly (9.706-9), and it hung up in the Post-stop phase. I logged back into the system, and now it says it is up to date with version 9.706. So:

    1) Is it on version 9.707 or 9.706?

    2) If it is 9.706, did I just roll it back?

    3) How do I fix it?

    4) Can I trust the version that was installed?

    5) other comments ....

    Thanks,

  • Hi, since I installed the update, the swap usage on my SG135 is constantly at 100% - could anyone tell me what to do?

  • After the firmware update from 9.705, the SOPHOS RED 15 in our remote branch was not able to get provisioned, entering an infinite loop of failed reconnections. The way to force provisioning was to tweak the tunnel configuration in the "advanced" options under the "Client Configuration" tab, RED Management menu, and then switch the client config On and Off a few times, as suggested here: https://community.sophos.com/utm-firewall/f/remote-ethernet-device-red/110908/solved-red15w-does-not-update-it-s-firmware-after-update-the-utm-to-9-601-5

  • IPFIX is a way of outputting log information about network flows seen by the UTM. TCP connections are two-way flows - a client-server flow and a server-client flow. IPFIX data shows the two halves of the flow separately.

    Each half of the flow is identified by source IP address & port, and destination IP address & port.

    For a connection from client 192.168.7.5 port 54345 to server 10.10.10.10 port 443, the two half-flows should be labelled as follows:

    • Client to server
      • Source IP:port - 192.168.7.5:54345
      • Destination IP:port - 10.10.10.10:443
    • Server to client
      • Source IP:port - 10.10.10.10:443
      • Destination IP:port - 192.168.7.5:54345

    In this issue, it was noticed that sometimes the IPFIX data showed the ports on the server-client flow were the wrong way round, so you would get:

    • Client to server
      • Source IP:port - 192.168.7.5:54345
      • Destination IP:port - 10.10.10.10:443
    • Server to client
      • 10.10.10.10:54345
      • 192.168.7.5:443

    After installing 9.707, this issue should no longer be observed in IPFIX output.

  • NUTM-12672 [Logging] IPFIX does not switch source and destination ports between inbound and outbound side of flow

    Can you explain this, please?
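
The mislabelled half-flow described in the NUTM-12672 explanation above can be spotted in flow records already collected from a pre-9.707 system. This is an added example, not Sophos code and not part of the original thread; the `Flow` tuple, its field names, the function names and the second sample connection are constructed for illustration, and it assumes the client-to-server record is seen before the server-to-client one.

```python
from collections import namedtuple

# Hypothetical, simplified flow record (not a real IPFIX decoder).
Flow = namedtuple("Flow", "proto src_ip src_port dst_ip dst_port")

def find_unswapped_reverse_flows(flows):
    """Return (forward, reverse) pairs where the reverse half-flow has the
    IP addresses swapped but the ports left in the forward order."""
    seen = set()
    suspects = []
    for f in flows:
        # If f is a reverse record with unswapped ports, the forward record
        # it belongs to has f's IPs exchanged and f's ports unchanged.
        fwd = Flow(f.proto, f.dst_ip, f.src_port, f.src_ip, f.dst_port)
        # Equal ports make swapped and unswapped records identical: skip.
        if fwd in seen and f.src_port != f.dst_port:
            suspects.append((fwd, f))
        seen.add(f)
    return suspects

def repair(reverse):
    """Swap the ports of a reverse half-flow flagged by the check above."""
    return reverse._replace(src_port=reverse.dst_port,
                            dst_port=reverse.src_port)

# Constructed sample: the first pair reproduces the faulty labelling from the
# explanation above, the second pair is a correctly labelled connection.
SAMPLE = [
    Flow("tcp", "192.168.7.5", 54345, "10.10.10.10", 443),
    Flow("tcp", "10.10.10.10", 54345, "192.168.7.5", 443),   # ports not swapped
    Flow("tcp", "192.168.7.6", 40000, "10.10.10.10", 25),
    Flow("tcp", "10.10.10.10", 25, "192.168.7.6", 40000),    # correct reverse
]

if __name__ == "__main__":
    for forward, reverse in find_unswapped_reverse_flows(SAMPLE):
        print("forward :", forward)
        print("reverse :", reverse, "(ports not swapped)")
        print("repaired:", repair(reverse))
```

Two genuinely separate connections can in rare cases produce the same pattern, so treat a flagged pair as a candidate and confirm it against the firewall's connection log before rewriting stored data.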