This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Up2Date 9.405005 available

Got an Up2Date Msg on our SG 230 just an hour ago:

Remarks:
System will be rebooted
Configuration will be upgraded
Connected REDs will perform firmware upgrade
Connected Wifi APs will perform firmware upgrade

News:
Maintenance Release

Bugfixes:
Fix [NUTM-2840]: [AWS] UTM ignores MTU sent by DHCP server
Fix [NUTM-3064]: [AWS] Confd info shows wrong instance_role for ha warm&as
Fix [NUTM-4426]: [AWS] Allow root login with SSH per default on AWS
Fix [NUTM-4516]: [AWS] factory reset doesn't clean up completly on AWS
Fix [NUTM-1775]: [Access & Identity] 35668: DHCP Broadcast over all RED LAN ports causing wrong IP address assignment
Fix [NUTM-4129]: [Access & Identity] Update OpenSSL in SSLVPN client
Fix [NUTM-4216]: [Access & Identity] STAS related argos coredumps in v9.403
Fix [NUTM-4258]: [Access & Identity] RED15/RED50 standard / split doesn't work if the RED initiates the connection over 3G
Fix [NUTM-4263]: [Access & Identity] [RED] DNS resolution stopped working for RED15 in transparent / split mode after updated to v9.4
Fix [NUTM-4332]: [Access & Identity] Vulnerabilities after deploying RED
Fix [NUTM-4336]: [Access & Identity] RED50 split DNS does not work properly in transparent split mode and static uplink
Fix [NUTM-4342]: [Access & Identity] Since update to 9.4 SSL VPN remote access not working with client with more than one TAP adapter
Fix [NUTM-4387]: [Access & Identity] WARN-070 notfication won't be send if "Drop packets from blocked hosts" is not used
Fix [NUTM-4390]: [Access & Identity] STAS: User network objects are not working as expected in several conditions due to AUA cache bug
Fix [NUTM-4424]: [Access & Identity] red_client fails to reconnect after HA takeover on server UTM
Fix [NUTM-4494]: [Access & Identity] red15: logread debug output on usb stick is circular
Fix [NUTM-4499]: [Access & Identity] [RED Provisioning] Disable RED if its not bound to UTM anymore to avoid push_config
Fix [NUTM-4527]: [Access & Identity] Disable TLS compression in IO::Socket::SSL
Fix [NUTM-4612]: [Access & Identity] Failover back from 3g fallback to WAN is not working
Fix [NUTM-4668]: [Access & Identity] IPv6 AUTO_INPUT table empty after update to 9.404
Fix [NUTM-3174]: [Basesystem, Network] It is not possible to start the webadmin GUI anymore
Fix [NUTM-1746]: [Basesystem] "Allowed networks for SNMP queries are missing" pop up after first time enabling SNMP
Fix [NUTM-3580]: [Basesystem] SNMPv2c traps contain wrong snmpTrapOID.0
Fix [NUTM-4576]: [Basesystem] SNMP MIB: change descriptors to be standard conformant, add NOTIFICATION-GROUPs
Fix [NUTM-4645]: [Confd, Email] character ">" or "<" for smarthost password will change to "&lt;"
Fix [NUTM-4159]: [Confd] name="FUNCTION_DENY (Zugriff verweigert beim Aufruf der Confd-Funktion 'trigger'.)
Fix [NUTM-3519]: [Email] S/MIME AES256 encrypted mails cannot be decrypted
Fix [NUTM-3856]: [Email] Update Sophos Outlook Add-in to 1.3.1
Fix [NUTM-3132]: [HA/Cluster] Additional address - Assigned to Node feature not working like expected
Fix [NUTM-4661]: [HA/Cluster] postgres database rebuild needs to trigger mdw and repctl
Fix [NUTM-1957]: [Network] 28457: Name resolution not working on HA Slave if BGP is configured
Fix [NUTM-1959]: [Network] 35541: IPFIX not working with SolarWinds
Fix [NUTM-3168]: [Network] IRQd not running - restarted (Value too large for defined data type)
Fix [NUTM-3169]: [Network] changing a bridge with enabled VLAN interface causes bridge to become disabled indefinitely
Fix [NUTM-3761]: [Network] Software UTM fails to complete booting process after updating to version 9.4
Fix [NUTM-4026]: [Network] MTU change on a VLAN interface leads to MTU change of the real interface
Fix [NUTM-3304]: [Release Management] nic-naming: Provide a fix for delayed 210r2 software support
Fix [NUTM-4660]: [Release Management] HyperV u2d hook for NUTM-3028 was not included in 9.404
Fix [NUTM-2059]: [WAF] Multi-threading race condition causes "AH01842: decrypt session failed, wrong passphrase?" errors
Fix [NUTM-4122]: [WAF] Issue with URL hardening
Fix [NUTM-4362]: [WAF] Creating AUTO_OUTPUT rules for all real webserver IPs in autoscaling group fails
Fix [NUTM-4385]: [WAF] Webserver Protection reporting doesn't work / no entries for WAF in reporting database
Fix [NUTM-4582]: [WebAdmin] Unable to select the WAN interface with the initial setup wizard of v9.4xx
Fix [NUTM-2418]: [Web] HTTP proxy core dump on confd
Fix [NUTM-3110]: [Web] Proceed button not working when authentication is set to browser for warn pages
Fix [NUTM-3404]: [Web] Unable to load YouTube when YouTube for schools is enabled
Fix [NUTM-3485]: [Web] HTTP Proxy profile matching doesn't work for DNS groups which contain IPv6 addresses
Fix [NUTM-3920]: [Web] Sandbox: cleaning up old data in TransactionLog on slave nodes raises postgres errors
Fix [NUTM-4053]: [Web] Unknown repeatingly log line: 2016:05:09-08:46:47 utm-1 [user:notice] "
Fix [NUTM-4141]: [Web] sandboxd should use upstream proxy
Fix [NUTM-4163]: [Web] Httpproxy EpollWorker segfault in strncmp () from /lib/libc.so.6
Fix [NUTM-4295]: [Web] STAS is not working as expected together with httproxy
Fix [NUTM-4381]: [Web] Malicious file with patience page does not give -3 message in http.log
Fix [NUTM-4412]: [Web] Policies tab under Web Procetion -> Web Filtering won't be displayed correctly
Fix [NUTM-4152]: [WiFi] RED15w not broadcasting TKIP networks
Fix [NUTM-4190]: [WiFi] SMC MAC filters aren't applied by local wifi
Fix [NUTM-4425]: [WiFi] awed unable to process connections timely
Fix [NUTM-4596]: [WiFi] Awed leak sockets leads to no more AP's are accepted

RPM packages contained:
client-openvpn-9.40-14.gada5e18.rb2.noarch.rpm
firmware-wifi-9400-0.230200226.g80f1105.rb8.i586.rpm
firmware-wifi-stable-9400-0.234966053.ge8e6d3b.rb4.i586.rpm
irqd-0.7.0-1.0.228416290.g7ef8e7e.rb4.i686.rpm
modauthnzaua-9.40-79.ge1b2593.rb2.i686.rpm
modsecurity2-2.7.4-277.gb6f5bdf.rb5.i686.rpm
perf-tools-3.12.48-0.233766410.gba768e5.rb4.i686.rpm
perl-IO-Socket-SSL-1.953-1.659.g2559319.rb8.noarch.rpm
red-firmware2-5031-0.235131781.g7987f42.rb1.noarch.rpm
red15-firmware-5031-0.235131857.g877fd69.rb3.noarch.rpm
sophos-wifi-0.1-1.0.230200323.gb9ecf2f.rb1.i686.rpm
ulogd-2.1.0-132.g5c62b7f.rb8.i686.rpm
ep-aua-9.40-28.gbdc3665.rb5.i686.rpm
ep-awed-9.40-51.g7997621.rb2.i686.rpm
ep-branding-ASG-afg-9.40-40.g8d42bae.rb4.noarch.rpm
ep-branding-ASG-ang-9.40-40.g8d42bae.rb4.noarch.rpm
ep-branding-ASG-asg-9.40-40.g8d42bae.rb4.noarch.rpm
ep-branding-ASG-atg-9.40-40.g8d42bae.rb4.noarch.rpm
ep-branding-ASG-aug-9.40-40.g8d42bae.rb4.noarch.rpm
ep-confd-9.40-693.g02eb320.i686.rpm
ep-confd-tools-9.40-651.g9244f52.rb11.i686.rpm
ep-endpoint-0.5-0.231441348.g608e799.rb4.i686.rpm
ep-ha-9.40-11.g2b0cc80.rb4.i686.rpm
ep-mdw-9.40-430.g6c953e6.rb9.i686.rpm
ep-notifier-9.40-11.ga2aa9a0.rb2.i686.rpm
ep-postgresql92-9.40-39.g8fd6d3f.rb2.i686.rpm
ep-red-9.40-14.gcc09a45.rb2.i686.rpm
ep-repctl-0.1-0.234283635.g8de5bc3.rb2.i686.rpm
ep-sandboxd-9.40-0.230949944.g3f3aef2.rb4.i686.rpm
ep-tools-9.40-1.gde2fb4c.rb2.i686.rpm
ep-utm-watchdog-9.40-5.g8e7d9f6.rb1.i686.rpm
ep-webadmin-9.40-632.g5c65d26.rb9.i686.rpm
ep-webadmin-contentmanager-9.40-39.gf509182.rb4.i686.rpm
ep-cloud-ec2-9.40-14.g764066d.rb2.i686.rpm
ep-chroot-dhcpc-9.40-2.gbc69780.rb7.noarch.rpm
ep-chroot-quagga-9.40-0.200137106.g6b2c195.rb9.noarch.rpm
ep-chroot-smtp-9.40-94.gd009606.rb2.i686.rpm
chroot-httpd-2.4.18-0.gaf88f5f.rb6.i686.rpm
chroot-reverseproxy-2.4.10-229.g9a46f65.rb2.i686.rpm
ep-httpproxy-9.40-343.g821fcb5.rb7.i686.rpm
quagga-chroot-0.99.23-336.gaff9cd8.rb9.i686.rpm
kernel-smp-3.12.48-0.233766410.gba768e5.rb6.i686.rpm
kernel-smp64-3.12.48-0.233766410.gba768e5.rb6.x86_64.rpm
ep-release-9.405-5.noarch.rpm



This thread was automatically locked due to age.
Parents Reply Children
  • PaulHolt said:

    Issues with firewall access to HTTP/HTTPS ports, other ports seem to work (Lotus Notes and Sametime at least).  HTTP Proxy access works fine.  Rebooted a couple of times... still no go.

    When you say firewall access, do you mean services traversing ports 80/443, or accessing the firewall, itself, via those ports?

  • Going through ports 80/443... and it seems 993/465 (IMAP/SMTP).  There is some other chatter around the forum that it is related to the AV engine.... which seems to make sense since it is only affecting the web and email ports.  My Lotus Notes and Sametime Client (ports 1352 and 1533) work fine.

  • PaulHolt said:

    Going through ports 80/443... and it seems 993/465 (IMAP/SMTP).  There is some other chatter around the forum that it is related to the AV engine.... which seems to make sense since it is only affecting the web and email ports.  My Lotus Notes and Sametime Client (ports 1352 and 1533) work fine.

    Got it. Thanks for the heads-up. I am now 3 updates out and waiting for a 4th to fix the other 3.