
UTM Version 9.352-6 and 9.318-5 released (Do not install!!)

DO NOT INSTALL - THE UPDATES ARE FAULTY (Read this thread through!)

News

· Security Update

Remarks

· System will be rebooted

Bugfixes

· 36115 WebAdmin reflective XSS Vulnerability
· 36126 OpenSSL security update 1.0.1q



  • Hi all:

    First of all, many thanks for pointing our attention to this issue.

    We had been able to reproduce and identify the source of the issue in the so-called Flow Monitor and will provide a fix in a future version.

    Cheers,
    Sascha Rudolph
    Senior Software Engineer


  • eremit said:
    We had been able to reproduce and identify the source of the issue in the so-called Flow Monitor

    So-called Flow Monitor??? This is the product you are selling... and it is called Flow Monitor... What do you mean, so-called Flow Monitor? All you guys did was apply an SSL patch and fix a vulnerability that specifically affected webadmin. All you had to do was QA the daemons that are affected by SSL connections and webadmin itself. Anyone using the UTM can tell you what to test without even knowing all the other dependencies.

    1. Test webadmin.

    2. Test WAF.

    3. Test SMTP.

    4. Any other dependencies.

    You guys didn't even test webadmin??? Is anybody doing QA, or did someone download the binary, change it to an rpm and hope it would work? Two separate trees, same problem??? Now a casual "contact your reseller" / don't know when it will be fixed??? Really strange what is going on at Sophos [:^)]

  • "You guys didn't even test webadmin???"... My thoughts exactly Billybob.

    Sascha indicates he saw no problems with FRESH install. And this helps probably 99% of us how?

    I'm gonna go ahead and throw this out there, maybe QA an UPDATE install too. Ya think?

     “Stay paranoid, my friends.”

  • Hi GetParanoid,

    With fresh installations I get the same issues for the actual firmware....

    Cheers Andreas

     

    UTM SCE/SCA | Endpoint SCE

  • By so-called Flow Monitor I mean the live view of your network flow which can be accessed by the Dashboard.

    We tested WebAdmin of course, but obviously this feature slipped our attention.

    Just to make that clear - the issue that got reported regarding the Executive Report has nothing to do with this update and is still under investigation. I could reproduce the same behavior with the prior update, but in a non-deterministic way.

    Cheers,

    Sascha Rudolph
    Senior Software Engineer, NSG

    The issue with the Executive Report must have something to do with the update. I have a standalone machine with 9.351-3 which runs fine and generates Executive Reports with the graphs in them. My updated cluster (on 9.351-3 before), which updated to 9.352-6, has the problems after the update.

    Don't search excuses.. do your job, support your customers which pay much money for your licenses!!!

    greets

    zaphod
    ___________________________________________

    Home: Zotac CI321 (8GB RAM / 120GB SSD)  with latest Sophos UTM
    Work: 2 SG430 Cluster / many other models like SG105/SG115/SG135/SG135w/...

  • I have to disagree on this. I ran multiple tests yesterday and after performing the up2date I had installations with and without the images. Thus for the moment, I don't think that this is really related to the update itself. Unfortunately I haven't an explanation either at the moment.

    Cheers,

    Sascha Rudolph
    Senior Software Engineer, NSG