This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM Version 9.352-6 and 9.318-5 released (Do not install!!)

DO NOT INSTALL - THE UPDATES ARE FAULTY (Read this thread through!)

News

· Security Update
Remarks

· System will be rebooted
Bugfixes

36115 WebAdmin reflective XSS Vulnerability
36126 OpenSSL security update 1.0.1q



This thread was automatically locked due to age.
  • Hi all:

    First of all, many thanks for pointing our attention to this issue.

    We had been able to reproduce and identify the source of the issue in the so-called Flow Monitor and will provide a fix in a future version.

    Cheers,
    Sascha Rudolph
    Senior Software Engineer

    Cheers,

    Sascha Rudolph
    Senior Software Engineer, NSG

  • There is also another issue in the Daily Executive Report that gets emailed. All the graphs are just red X's. I just noticed it this morning as it is my first report since upgrading.
  • We have the same issue with Flow Monitor after the Update
  • Hi Guys,

    I'm also having no graphs on the Daily Executive Report since this last update.
  • Another one release to be skipped...:)
  • I'm experiencing the same issue.

    This particular tool is key to me troubleshooting network bandwidth issues. I'm in the process of deploying a set of appliances at 4 locations that are supposed to go live this week. All 4 of the appliances were updated with the new firmware last night.

    Any idea when "future version" might be? Are we talking hours, days, weeks?

    I may need to hold off until this is resolved.

    Thanks

    Edit: Firmware Version 9.352-6

  • Sophos people:

    Even though it might be important to install these updates, I suspect many now won't install them until the bug fixes are available. So please, give us some kind of SWAG ETA for the fixes?

    Still running 9.351.  Waiting until they fix 9.352.

  • Would each of you PLEASE edit your comment and note the version you're using. It's still not clear if this ONLY affects 9.352. TiA!

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Add me to the bug list with 9.352-6 :-(
  • Hi, Rob, and welcome to the UTM Community!

    The configurations should have been backed up before the Up2Dates. It should take about 10 minutes per box to download a config backup corresponding to the version you want to install, put it in the root directory of a USB memory stick, re-image the UTM from ISO and reboot with the USB key in place to restore.

    Unless you have hardware that requires the 9.35x branch, I would go with V9.31. From what I see here, 9.318 does not have this issue. I also don't see the crash on either of the two lab units I've Up2Dated to 9.318.

    EDIT a few minutes later: I HAVE THE SAME PROBLEM WITH 9.318!
     
    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA