This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

9.712 not bundelt with new RED and APX Firmware?

Hi folks, just curios because there is nothing mention in the realese notes for 9.712:

There were new releases for APX firmware (https://community.sophos.com/sophoswireless/b/blog/posts/release-note-for-apx120-update-ap-fw-11-0-020) and for RED firmware (https://community.sophos.com/sophos-xg-firewall/b/blog/posts/sd-red-firmware-3-0-008-pattern-update-released) in the meantime.

Are these not bundelt with the new UTM update?
In the notes for the new APX firmware it is mention that 9.712 is required for accesspoints with new firmware to be recognized.
However, are already deployed APX getting a firmware update with the new UTM release?

In the notes for new RED firmware it is stated, that this only applies for SFOS.
So UTM REDs don't get those vulnerabilities patched?



This thread was automatically locked due to age.
Parents
  • The firmware is more narrowed down for specific lines within the APX APs, so it's not going to apply to every model, and hence does not belong in a UTM Up2Date version where it can, and most likely will, brick APs that should not receive pushed firmware by UTM.

    There are already complaints about it bricking APs, and we don't have to worry about any vulnerabilities with the firmware.

    As far as the RED goes, it may apply only to XG because those vulnerabilities only affect XG and not UTM.  There are multiple instances of this taking place in the past - XG affected and not UTM, and vice versa.

    Just because one line gets a firmware push doesn't mean we all get the same push of updates, because they could even do more harm than good in some instances, or simply do not apply.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

Reply
  • The firmware is more narrowed down for specific lines within the APX APs, so it's not going to apply to every model, and hence does not belong in a UTM Up2Date version where it can, and most likely will, brick APs that should not receive pushed firmware by UTM.

    There are already complaints about it bricking APs, and we don't have to worry about any vulnerabilities with the firmware.

    As far as the RED goes, it may apply only to XG because those vulnerabilities only affect XG and not UTM.  There are multiple instances of this taking place in the past - XG affected and not UTM, and vice versa.

    Just because one line gets a firmware push doesn't mean we all get the same push of updates, because they could even do more harm than good in some instances, or simply do not apply.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

Children
No Data