UTM Up2date 9.716 released

We've just released UTM version 9.7 MR16 (9.716). As usual, the release will be rolled out in phases:

• In phase 1 you can download the update package from our download server. Click the link and navigate to the folder UTM / v9 / up2date.
  • Up2date package – 9.715 to 9.716 https://download.astaro.com/UTM/v9/up2date/u2d-sys-9.715004-716002.tgz.gpg
  • Md5sum is fd6fc0ca5900abdcc77fddb5627821bd https://download.astaro.com/UTM/v9/up2date/u2d-sys-9.715004-716002.tgz.gpg.md5
• During phase 2 we will make it available via our Up2Date servers in several stages.
• In phase 3 we will make it available via our Up2Date servers to all remaining installations.

Details of this release, along with previous releases, can be found on our official release notes page.

Other news

• Maintenance Release
• Security Release

Remarks

• System will be rebooted
• Configuration will be upgraded

Sophos UTM no longer supports CFFS for web categorization

With this release, all online web categorizations will use Sophos XL Categorisation (SXL). This has been the default method since version 9.3 - released nearly 10 years ago - so this change will impact very few devices.

We recommend you upgrade to this release to benefit from this change.

For more information, see Decommissioning of obsolete URL categorization services (CFFS) on 1 September 2023.

Issues Resolved

• NUTM-14139 [Basesystem] Mexico time zone still switches to DST
• NUTM-14089 [Basesystem] High CPU usage by rrdtool due to DST
• NUTM-14051 [Basesystem] Upgrade Postgres to 9.2.24 to address numerous vulnerabilities
• NUTM-14038 [Basesystem] Address OpenSSL vulnerabilities: CVE-2023-0286, CVE-2023-0215
• NUTM-13689 [Basesystem] Upgrade Apache to 2.4.56 to address numerous vulnerabilities
  
• NUTM-13537 [Basesystem] VLAN interfaces on a RED interface are deactivated if you turn off and then turn on the RED interface
• NUTM-14172 [Email] Potential denial of service vulnerability in SPX portal and Webadmin: CVE-2002-20001, CVE-2022-40735
• NUTM-14107 [Email] SPX announcement email without message ID header
• NUTM-14039 [Email] Potential denial of service vulnerability in email service: CVE-2002-20001, CVE-2022-40735
• NUTM-13882 [Email] Downloading emails from Mail Manager fails
• NUTM-14217 [UI framework] WebAdmin post-auth command injection: CVE-2023-3367
• NUTM-14134 [WAF] Potential denial of service vulnerability in webserver protection: CVE-2002-20001, CVE-2022-40735