DO NOT INSTALL - THE UPDATES ARE FAULTY (Read this thread through!)
· Security UpdateRemarks
· System will be rebootedBugfixes
36115 WebAdmin reflective XSS Vulnerability36126 OpenSSL security update 1.0.1q
Sascha RudolphSenior Software Engineer, NSG
I'm experiencing the same issue. This particular tool is key to me troubleshooting network bandwidth issues. I'm in the process of deploying a set of appliances at 4 locations that are supposed to go live this week. All 4 of the appliances were updated with the new firmware last night. Any idea when "future version" might be? Are we talking hours, days, weeks? I may need to hold off until this is resolved. Thanks
Edit: Firmware Version 9.352-6
Hi, Rob, and welcome to the UTM Community! The configurations should have been backed up before the Up2Dates. It should take about 10 minutes per box to download a config backup corresponding to the version you want to install, put it in the root directory of a USB memory stick, re-image the UTM from ISO and reboot with the USB key in place to restore. Unless you have hardware that requires the 9.35x branch, I would go with V9.31. From what I see here, 9.318 does not have this issue. I also don't see the crash on either of the two lab units I've Up2Dated to 9.318.
EDIT a few minutes later: I HAVE THE SAME PROBLEM WITH 9.318! Cheers - Bob
Thanks for the instructions Bob. I'll give that a try. That could help me keep my live date with customer. Thanks you very much. I did not see the issue with 9.351-3 (version from yesterday. I'll try rolling one back to that and see what the results are.
Edit 12/16 -
I was able to use a backup config and install 9.351-3. I can confirm that I am not seeing an issue with accessing the flow monitor. It did take about 40 minutes of down time.
With three more to do (at remote locations), it's going to cost my company several hundred dollars of lost time (can't be billed to customer) and the lost productivity due to network down time. So while it isn't the end of the world, it has turned out to be a costly bug for us.
I also noticed I'm still being offered the 9.352-6 update. I would have thought it would be pulled due to issues to save someone who doesn't visit these boards the trouble and cost.