We've just released UTM version 9.7 MR15 (9.715). As usual, the release will be rolled out in phases:
- In phase 1 you can download the update package from our download server. Click the link and navigate to the folder UTM / v9 / up2date.
- Up2date package – 9.714 to 9.715 https://download.astaro.com/UTM/v9/up2date/u2d-sys-9.714004-715003.tgz.gpg
- Md5sum is 8f41c6e22f7a4422e61ee5daa1d3f883 https://download.astaro.com/UTM/v9/up2date/u2d-sys-9.714004-715003.tgz.gpg.md5
- During phase 2 we will make it available via our Up2Date servers in several stages.
- In phase 3 we will make it available via our Up2Date servers to all remaining installations.
Details of this release, along with previous releases, can be found on our official release notes page.
- Maintenance Release
- Security Release
- System will be rebooted
- Configuration will be upgraded
To help customers planning to migrate from SG UTM across to our next-generation XGS platform, we have made it easier to access the RED unlock code. This code is required when changing a RED device so that it managed by and connected through a different UTM or Firewall.
In 9.7 MR15, when you delete a RED device from the UTM WebAdmin console, WebAdmin will display the unlock code in a pop-up message confirming the delete action. It will also send an email notification containing the unlock code to the email addresses listed as “Notification Recipients” under Management > Notifications > Global.
- NUTM-14054, NUTM-14049 [AWS] PAYG license expires if you turn on IMDSv2
- NUTM-14015 [AWS] Unable to startup AWS HVM instance after reboot
- NUTM-13908 [Basesystem] IPsec doesn't reconnect on DHCP interface after firmware upgrade
- NUTM-13906 [Basesystem] Address DHCP vulnerabilities: CVE-2022-2928, CVE-2022-2929
- NUTM-13770 [Basesystem] Turn off the autocomplete attribute in the password field for RESTful API authentication
- NUTM-13490 [Basesystem] Address vulnerabilities in Zlib: CVE-2018-25032, CVE-2022-37434
- NUTM-13489 [Basesystem] Address bind vulnerabilities
- NUTM-13488 [Basesystem] Address vulnerability in GNU tar: CVE-2021-20193
- NUTM-12593 [Basesystem] Add backend configuration for IPS SMTP Memcap
- NUTM-14016 [RED] All RED connections drop and reconnect after RED server core dump
- NUTM-13656 [Sandstorm] Excessive Sandbox database error messages in system.log
- NUTM-13898 [Wireless] Address local WiFi driver vulnerabilities: CVE-2022-41674, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722