UTM 9.404 Soft-Release

Hi all,

UTM 9.404 has been Soft-Released today and can be found on the FTP server as usual (ftp://ftp.astaro.de/UTM/v9/up2date/u2d-sys-9.403004-404005.tgz.gpg).

Here is the changelog:

News

• Maintenance Release

Remarks

• System will be rebooted

• Configuration will be upgraded

• Connected REDs will perform firmware upgrade

• Connected Wifi APs will perform firmware upgrade

Bugfixes

• NUTM-1775 [Access & Identity] 35668: DHCP Broadcast over all RED LAN ports causing wrong IP address assignment
• NUTM-1784 [Access & Identity] implement "TLS 1.2 only" switch for RED to UTM communication
• NUTM-2404 [Access & Identity] 36172: RED15 has loaded fallback network config
• NUTM-2841 [Access & Identity] 36224: WARNING: CPU: 1 PID: 0 at net/netfilter/nf_conntrack_expect.c:51 nf_ct_unlink_expect_report+0x5e/0xd1 [nf_conntrack]()
• NUTM-3415 [Access & Identity] PPTP VPN with an IP Pool 172.16.0.0/20 doesn't work correctly
• NUTM-3439 [Access & Identity] After upgrade to 9.4 and using SSL VPN the IPv4 traffic is not going over the full tunnel
• NUTM-3536 [Access & Identity] RED15 traffic not possible, red_server reports "Unable to get proc entry"
• NUTM-3719 [Access & Identity] mdw errors when configuring a RED device
• NUTM-3735 [Access & Identity] SSL VPN IP pool should not be usable without IPv4
• NUTM-3757 [Access & Identity] SSL VPN: don't push IPv6 interface address if no IPv6 route is pushed
• NUTM-3763 [Access & Identity] SSL VPN client cannot be downloaded from userportal with IE
• NUTM-3843 [Access & Identity] SSL VPN route injection into OSPF not working properly after update to 9.4
• NUTM-3867 [Access & Identity] SMC: WEP passwords are not pushed correctly
• NUTM-3924 [Access & Identity] PPTP and iOS with config from userportal doesn't work properly
• NUTM-3934 [Access & Identity] RED: CON_CLOSE provide information to UTM if peer is not stable enough
• NUTM-3962 [Access & Identity] IPsec doesn't work with SHA2
• NUTM-4173 [Access & Identity] Since Update to 9.4 IPsec site-to-site connections won't work after pppoe reconnect
• NUTM-3982 [Basesystem] Errors in Notifications Database
• NUTM-2677 [HA/Cluster] 36293: The Slave node in HA doesn't show any resource usage
• NUTM-2235 [Network] 35662: Additional adresses of a PPPoE interface are not reachable after takeover
• NUTM-3684 [Network] APN can't be changed if LTE is selected as network
• NUTM-3061 [Reporting] Remote Access filtering is not working correctly if the username contains a "\" sign
• NUTM-3662 [Reporting] wrong descriptions for CRIT-065 and INFO-007 in MIB file
• NUTM-3753 [Reporting] Remote Access Accounting not recording L2TP sessions
• NUTM-4306 [Reporting] postgres[xxxxx]: [x-x] STATEMENT: select src_ip, virt_ip, virt_ip6, logintime, service from vpn where status = 0 and logintime = logouttime LIMIT 1000
• NUTM-3689 [SUM] device agent claims SUM objects
• NUTM-3028 [Virtualization] HyperV interface handling (9.4)
• NUTM-3482 [WAF] form template unchanged with update from 9.355 to 9.4
• NUTM-3694 [WAF] Customized mod_security rule didn't work correctly
• NUTM-3748 [WAF] Content length and content get lost when using form-harding
• NUTM-4119 [WAF] SSL is not used to transfer sticky session cookies
• NUTM-3172 [WebAdmin] Support tools - PPPoE shows itfhw instead of vlantag
• NUTM-3113 [Web] Proxy freeze after Savi update
• NUTM-3118 [Web] "Remove embedded objects" / "Disable JavaScript" shows script code
• NUTM-3367 [Web] "Unblock URL" button is displayed even when "Users/Groups Allowed to Bypass Blocking" is empty
• NUTM-3485 [Web] HTTP Proxy profile matching doesn't work for DNS groups which contain IPv6 addresses
• NUTM-3550 [Web] frox segfaults/core dumps while uploading files
• NUTM-3554 [Web] Error returned from samba command on AD sync
• NUTM-3617 [Web] Sandstorm Database Error
• NUTM-3710 [Web] New exception regex for Chrome Update
• NUTM-3844 [Web] If using a ' character in file name, postgres is not able to insert this to the TransactionLog (Sandbox)
• NUTM-3920 [Web] Sandbox: cleaning up old data in TransactionLog on slave nodes raises postgres errors
• NUTM-4055 [Web] HTTP Proxy causing weird log entries in uma.log
• NUTM-3039 [WiFi] RADIUS authentication failover via Availability Group not working correctly
• NUTM-3072 [WiFi] Hotspot: race condition if multiple logins per MAC
• NUTM-3472 [WiFi] wireless.log - download_ca: CA fingerprint overwritten by TA / No trusted fingerprint found in certificate chain HUB.
• NUTM-3760 [WiFi] WIFI profile pushed to SMC using same name
• NUTM-4117 [WiFi] Mesh AP's all go down and do not come back up
• NUTM-4151 [WiFi] AP30 (possibly other models) not becoming active anymore after update to >= 9.400
• NUTM-4126 [[Backend/Devel] Confd] Clean up of duplicate Domain-Regex
• NUTM-4142 [[Backend/Devel] Confd] Remote Access Manager can't deactivate a VPN profile with groups
• NUTM-4158 [[Backend/Devel] Confd] confd[xxx]: parse_formats: unrecognized tag format: FUNC__XXX
• NUTM-4160 [[Backend/Devel] Confd] Accessing WebAdmin as non-superuser repeatedly raises "NODE_READ_DENIED" error on confd node "migration->tab_visibility"

Regards,

Benjamin