Advisory: Sophos Endpoint "Your connection isn't private" after reboot. Policy settings can be returned to normal. See: KB-000045954 for the latest updates.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM 9.408-4 released


Up2Date 9.408004 package description:

Remarks:
System will be rebooted
Configuration will be upgraded
Connected REDs will perform firmware upgrade

News:
Maintenance Release

Bugfixes:
Fix [NUTM-5349]: [AWS] Restore fails if UTM is created with backup file in user data
Fix [NUTM-5466]: [AWS] ssh disabled - No connection to stack instances
Fix [NUTM-5546]: [AWS] UTM Cloud Update does not work in GovCloud
Fix [NUTM-5654]: [AWS] Conversion should not be visible for HA and AS
Fix [NUTM-3203]: [Access & Identity] [RED] If creation of RED device fails, certificates are not deleted
Fix [NUTM-4948]: [Access & Identity] [RED] Enabling wireless on RED15w causes 'link down'
Fix [NUTM-5068]: [Access & Identity] [RED] TCP Vulnerability (CVE-2016-5696)
Fix [NUTM-5173]: [Basesystem] Memory (swap) leak in RAID monitor
Fix [NUTM-5407]: [Basesystem] OpenSSL security update (1.0.1u)
Fix [NUTM-5461]: [Basesystem] BIND Security update (CVE-2016-2776)
Fix [NUTM-5714]: [Basesystem] CVE-2016-5195 - Linux Kernel - Dirty Cow
Fix [NUTM-3042]: [Configuration Management] Advanced Threat Protection page error when login as Network Protection Auditor
Fix [NUTM-4215]: [Documentation, Email] POP3 Proxy reporting source IP of 0.0.0.0
Fix [NUTM-4840]: [Email] Email is automatically released after timeout from Sandstorm
Fix [NUTM-5285]: [Email] SMTP file extension filter is case sensitive
Fix [NUTM-5599]: [Email] Mails with the same recipient set twice lead to corrupt mail queue
Fix [NUTM-4938]: [Endpoint] Customers who expand their EP license do not get EP Protection enabled
Fix [NUTM-5049]: [Endpoint] Liveconnect Connectivity Issue
Fix [NUTM-4400]: [HA/Cluster] pg_ctl: PID file "/var/storage/pgsql92/data/postmaster.pid" does not exist
Fix [NUTM-3158]: [Kernel] Kernel freeze when running Web Proxy in full transparent mode
Fix [NUTM-3490]: [Network] Ethernet Bridge with dynamic IP looses connectivity after IP renewal
Fix [NUTM-4592]: [Network] OSPF: SSL VPN route injection still not working in 9.404
Fix [NUTM-5147]: [Network] Kernel panic on several SG135 - Kernel Fixes
Fix [NUTM-5542]: [SUM] Availability Group is unresolved after it was re-deployed without a real change
Fix [NUTM-5207]: [Sandboxd] Sandbox error when downloading a file with an umlaut in file name
Fix [NUTM-5209]: [Sandboxd] sandboxd is unable to open database file due to wrong ownership
Fix [NUTM-4816]: [Up2Date] Up2Date downloader logs errors in uplink balancing setups
Fix [NUTM-488]: [Virtualization] Fix unstable NIC ordering on VMWare
Fix [NUTM-5334]: [WebAdmin] Authenticated users might gain access to stored passwords (CVE-2016-7397, CVE-2016-7442)
Fix [NUTM-4167]: [Web] Web Protection Reporting filtered by departments doesn't provide all data
Fix [NUTM-4806]: [Web] sandboxd is unable to insert into TransactionLog on HA setup
Fix [NUTM-4876]: [Web] URL request to parent proxy seems to be send as http request instead of https
Fix [NUTM-5136]: [Web] Web proxy in transparent mode removes authentication header
Fix [NUTM-5082]: [WiFi] IPSec traffic is not routed properly if the client is connected over Hotspot
Fix [NUTM-5303]: [WiFi] Characters in Hotspot terms of use not encoded correctly

RPM packages contained:
libopenssl1_0_0-1.0.1k-377.g141d7d0.rb6.i686.rpm
libopenssl1_0_0_httpproxy-1.0.1k-377.g141d7d0.rb6.i686.rpm
libudev0-147-0.84.1.1627.ge0459ac.rb3.i686.rpm
awslogs-agent-1.3-0.239376395.g5d4adea.rb3.noarch.rpm
cm-nextgen-agent-9.40-12.gb09699e.rb2.i686.rpm
openssl-1.0.1k-377.g141d7d0.rb6.i686.rpm
perf-tools-3.12.58-0.242991202.g6d80412.i686.rpm
red-firmware2-5035-0.239114881.gbf961ff.rb1.noarch.rpm
red15-firmware-5035-0.242907480.g0c31ce4.noarch.rpm
udev-147-0.84.1.1627.ge0459ac.rb3.i686.rpm
vmware-tools-10.0.5.3227872-4.ga4d6c51.rb4.i686.rpm
ep-aua-9.40-37.g1ed9537.rb4.i686.rpm
ep-branding-ASG-afg-9.40-48.g7e7ac40.rb4.noarch.rpm
ep-branding-ASG-ang-9.40-48.g7e7ac40.rb4.noarch.rpm
ep-branding-ASG-asg-9.40-48.g7e7ac40.rb4.noarch.rpm
ep-branding-ASG-atg-9.40-48.g7e7ac40.rb4.noarch.rpm
ep-branding-ASG-aug-9.40-48.g7e7ac40.rb4.noarch.rpm
ep-confd-9.40-813.g1f7ad66.rb1.i686.rpm
ep-confd-tools-9.40-759.g324aec8.rb10.i686.rpm
ep-ha-aws-9.40-217.g381995a.rb2.noarch.rpm
ep-logging-9.40-3.gc1acc31.rb2.i686.rpm
ep-mdw-9.40-504.g56eb6d4.i686.rpm
ep-raidtools-9.40-1.gc070d91.rb3.i686.rpm
ep-repctl-0.1-0.239828293.gcd71515.rb3.i686.rpm
ep-restd-9.40-0.243093672.gaf004a9.rb1.i686.rpm
ep-sandboxd-9.40-0.239754530.g04924b1.rb2.i686.rpm
ep-up2date-9.40-15.gacd1c39.rb5.i686.rpm
ep-up2date-downloader-9.40-15.gacd1c39.rb5.i686.rpm
ep-up2date-pattern-install-9.40-15.gacd1c39.rb5.i686.rpm
ep-up2date-system-install-9.40-15.gacd1c39.rb5.i686.rpm
ep-webadmin-9.40-674.gc39ecfa.rb6.i686.rpm
ep-cloud-ec2-9.40-35.ga95c9eb.rb2.i686.rpm
ep-chroot-httpd-9.40-20.g92cce9f.rb4.noarch.rpm
ep-chroot-smtp-9.40-116.g9971304.rb2.i686.rpm
chroot-bind-9.10.4_P3-0.240528799.g5a47ed3.rb5.i686.rpm
chroot-httpd-2.4.18-1.g2b998a8.rb6.i686.rpm
chroot-openvpn-9.40-27.g2d31a41.rb3.i686.rpm
ep-chroot-pop3-9.40-11.g1291cd5.rb2.i686.rpm
ep-httpproxy-9.40-357.g7e74ab8.rb5.i686.rpm
kernel-smp-3.12.58-0.242991202.g6d80412.i686.rpm
kernel-smp64-3.12.58-0.242991202.g6d80412.x86_64.rpm
ep-release-9.408-4.noarch.rpm



This thread was automatically locked due to age.
Parents Reply
  • think you need to fix it with ssh as described.. no gui option do it for you atm...

    greets

    zaphod
    ___________________________________________

    Home: Zotac CI321 (8GB RAM / 120GB SSD)  with latest Sophos UTM
    Work: 2 SG430 Cluster / many other models like SG105/SG115/SG135/SG135w/...

Children
No Data