This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM update 9.410-6 released

Up2Date 9.410006 package description:

Remarks:
System will be rebooted
Configuration will be upgraded
Connected REDs will perform firmware upgrade
Connected Wifi APs will perform firmware upgrade

News:
Maintenance Release

Bugfixes:
Fix [NUTM-534]: [AWS] Template update notification
Fix [NUTM-6178]: [AWS] pg_xlog directory filling up on AWS deployments
Fix [NUTM-6186]: [AWS] Make all UTM logs available in AWS CloudWatch
Fix [NUTM-6224]: [AWS] awslogs daemon init script: restart broken
Fix [NUTM-6296]: [AWS] REST API doesn't work in cluster mode
Fix [NUTM-6402]: [AWS] [RESTD] Session is not closed after token is deleted
Fix [NUTM-5846]: [Access & Identity] IPsec Remote Access use the IP address instead of the username in the log
Fix [NUTM-6174]: [Access & Identity] [RED] mobile_network config part not pushed to prov
Fix [NUTM-6218]: [Access & Identity] HTML5 VPN: Comma not working on Portuguese (Brazil) keyboard
Fix [NUTM-6374]: [Access & Identity] REDs with static WAN config are offline after update to v9.409
Fix [NUTM-6375]: [Access & Identity] Cisco VPN with iOS doesn't work after update to 9.409
Fix [NUTM-3152]: [Basesystem] libxml2 security update (CVE-2013-2877)
Fix [NUTM-5158]: [Basesystem] glibc security update
Fix [NUTM-5726]: [Basesystem] Follow up NUTM-5403 - Sometimes slave stuck in syncing indefinitely after failover
Fix [NUTM-5800]: [Basesystem] curl security update
Fix [NUTM-6127]: [Confd] Expired license loaded after reboot even if the valid license was imported already
Fix [NUTM-6396]: [Confd] Character ">" or "<" for password will change to "<"
Fix [NUTM-5447]: [Documentation] Japanese description has the wrong vocabulary of black list at "Sender Blacklist" in user portal
Fix [NUTM-3515]: [Email] [SPX] Using 'ß' and ',' as windows-1252 in form breaks utf-8 conversion
Fix [NUTM-4932]: [Email] Password protected file passes SMTP proxy
Fix [NUTM-6196]: [Email] E-Mail with Sandstorm supported and unsupported files will be moved into quarantine
Fix [NUTM-6256]: [Email] SPX inserts Backslashes into nicename of receipient address
Fix [NUTM-5656]: [Endpoint, Web] Sandstorm feature does not work if SEC managed endpoints with Full Web Control are used
Fix [NUTM-5756]: [Network] Remove empty log lines coming from the firewall subsystem
Fix [NUTM-6202]: [SUM] After update to v9.358 the "guid" was recreated
Fix [NUTM-5717]: [Sandboxd] Respect "file OK" error responses from get/score for SB Proxy API 1.2
Fix [NUTM-6165]: [WAF] Additional cookie from WAF is added without HttpOnly detail
Fix [NUTM-6356]: [WebAdmin] AD User Test fails after first creation of an authentication server
Fix [NUTM-4118]: [Web] Still coredumps from httpproxy since installation of rpms from NUTM-3119
Fix [NUTM-5399]: [Web] httpproxy[xxxx]: segfault at 4 ip 00000000080c2113 sp 00000000ea8aee90 error 6 in httpproxy
Fix [NUTM-5561]: [Web] URL category name "Potiental Unwanted Programs" spelling mistake
Fix [NUTM-5663]: [Web] HTTP proxy restarted with core dumps in 9.407
Fix [NUTM-5834]: [Web] 'Force caching for Sophos Endpoint updates' doesn't seem to force caching
Fix [NUTM-5956]: [Web] UTM breaks auto-update on SAV for Mac
Fix [NUTM-6310]: [Web] Corrected ownership and permission of sandboxd db files
Fix [NUTM-5366]: [WiFi] Wireless Protection Manager doesn't have sufficient rights to edit time definitions
Fix [NUTM-5567]: [WiFi] APs remain inactive after being accepted on UTM
Fix [NUTM-6125]: [WiFi] Customized login page displays invalid characters

RPM packages contained:
glibc-2.11.3-17.102.1.1569.g1acae51.rb6.i686.rpm
glibc-locale-2.11.3-17.102.1.1569.g1acae51.rb6.i686.rpm
libcurl4-7.19.7-1.64.1.1569.g5d136b5.rb10.i686.rpm
libsaviglue-9.40-6.g75ae555.rb5.i686.rpm
libsensors4-3.3.0-2.7.13.1879.g9bdb96e.rb2.i686.rpm
libxml2-2.7.6-0.50.1.1568.g1acae51.rb9.i686.rpm
cm-nextgen-agent-9.40-13.g5e13e9f.rb4.i686.rpm
curl-7.19.7-1.64.1.1569.g5d136b5.rb10.i686.rpm
firmwares-bamboo-9400-0.247933954.g233cdf1.rb5.i586.rpm
freerdp-1.0.2-6.g0ecd430.rb6.i686.rpm
modcookie-9.40-95.g8f24856.rb6.i686.rpm
navl-tools-4.3.0.35-0.247268873.ga345596.rb5.i686.rpm
perf-tools-3.12.58-0.247785862.g17c1041.rb7.i686.rpm
red-firmware2-5038-0.248960247.ge6f33ce.rb1.noarch.rpm
red15-firmware-5038-0.248960497.g001f267.rb5.noarch.rpm
ruby-2.2.6-0.247137817.g1cc0d1c.rb4.i686.rpm
ruby-common-2.0-3.1.1.1614.gc24aad5.rb4.noarch.rpm
ruby-devel-2.2.6-0.247137817.g1cc0d1c.rb4.i686.rpm
rubygem-addressable-2.5.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-aws-sdk-1.66.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-aws-sdk-v1-1.66.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-bundler-1.13.6-0.250018781.g4af754f.rb2.i686.rpm
rubygem-celluloid-0.17.3-0.250018781.g4af754f.rb2.i686.rpm
rubygem-celluloid-essentials-0.20.5-0.250018781.g4af754f.rb2.i686.rpm
rubygem-celluloid-extras-0.20.5-0.250018781.g4af754f.rb2.i686.rpm
rubygem-celluloid-fsm-0.20.5-0.250018781.g4af754f.rb2.i686.rpm
rubygem-celluloid-pool-0.20.5-0.250018781.g4af754f.rb2.i686.rpm
rubygem-celluloid-supervision-0.20.6-0.250018781.g4af754f.rb2.i686.rpm
rubygem-crack-0.4.3-0.250018781.g4af754f.rb2.i686.rpm
rubygem-diff-lcs-1.2.5-0.250018781.g4af754f.rb2.i686.rpm
rubygem-docile-1.1.5-0.250018781.g4af754f.rb2.i686.rpm
rubygem-gem2rpm-0.11.3-0.250018781.g4af754f.rb2.i686.rpm
rubygem-hashdiff-0.3.2-0.250018781.g4af754f.rb2.i686.rpm
rubygem-hitimes-1.2.4-0.250018781.g4af754f.rb2.i686.rpm
rubygem-json-1.8.3-0.250018781.g4af754f.rb2.i686.rpm
rubygem-little-plugger-1.1.4-0.250018781.g4af754f.rb2.i686.rpm
rubygem-logging-2.1.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-mini_portile2-2.0.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-multi_json-1.12.1-0.250018781.g4af754f.rb2.i686.rpm
rubygem-nokogiri-1.6.7.2-0.250018781.g4af754f.rb2.i686.rpm
rubygem-pg-0.19.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-pidfile-0.3.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-public_suffix-2.0.5-0.250018781.g4af754f.rb2.i686.rpm
rubygem-retries-0.0.5-0.250018781.g4af754f.rb2.i686.rpm
rubygem-rspec-3.5.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-rspec-core-3.5.4-0.250018781.g4af754f.rb2.i686.rpm
rubygem-rspec-expectations-3.5.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-rspec-mocks-3.5.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-rspec-support-3.5.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-safe_yaml-1.0.4-0.250018781.g4af754f.rb2.i686.rpm
rubygem-sequel-4.42.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-simplecov-0.12.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-simplecov-html-0.10.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-sophos-iaas-1.0.0-0.250769404.g60829c0.i686.rpm
rubygem-thor-0.19.4-0.250018781.g4af754f.rb2.i686.rpm
rubygem-timers-4.1.2-0.250018781.g4af754f.rb2.i686.rpm
rubygem-webmock-2.3.2-0.250018781.g4af754f.rb2.i686.rpm
rubygem-yard-0.9.5-0.250018781.g4af754f.rb2.i686.rpm
sensors-3.3.0-2.7.13.1879.g9bdb96e.rb2.i686.rpm
ep-reporting-9.40-34.gca719d9.rb5.i686.rpm
ep-reporting-resources-9.40-34.gca719d9.rb5.i686.rpm
ep-branding-ASG-afg-9.40-50.g1bcd426.noarch.rpm
ep-branding-ASG-ang-9.40-50.g1bcd426.noarch.rpm
ep-branding-ASG-asg-9.40-50.g1bcd426.noarch.rpm
ep-branding-ASG-atg-9.40-50.g1bcd426.noarch.rpm
ep-branding-ASG-aug-9.40-50.g1bcd426.noarch.rpm
ep-confd-9.40-930.g4eb9865.i686.rpm
ep-confd-tools-9.40-887.g340860a.rb11.i686.rpm
ep-cssd-9.40-27.gf72484e.rb3.i686.rpm
ep-ha-aws-9.40-375.g60829c0.noarch.rpm
ep-hardware-9.40-7.gaae91c6.rb4.i686.rpm
ep-hotspot-web-9.40-3.g05973ee.rb5.i686.rpm
ep-init-9.40-15.g16e98cd.rb4.noarch.rpm
ep-localization-afg-9.40-32.g5661e6c.rb5.i686.rpm
ep-localization-ang-9.40-32.g5661e6c.rb5.i686.rpm
ep-localization-asg-9.40-32.g5661e6c.rb5.i686.rpm
ep-localization-atg-9.40-32.g5661e6c.rb5.i686.rpm
ep-localization-aug-9.40-32.g5661e6c.rb5.i686.rpm
ep-mdw-9.40-530.g96292a8.rb10.i686.rpm
ep-repctl-0.1-0.247179648.g78524e5.rb6.i686.rpm
ep-restd-9.40-0.250015768.ge75b9db.rb2.i686.rpm
ep-sandboxd-9.40-0.249594584.gee03869.rb2.i686.rpm
ep-webadmin-9.40-794.g24b46b1.rb16.i686.rpm
ep-cloud-ec2-9.40-46.g5495907.rb3.i686.rpm
ep-chroot-smtp-9.40-121.g780e765.rb4.i686.rpm
chroot-ipsec-9.40-14.g5e2e541.rb3.i686.rpm
ep-httpproxy-9.40-392.gc2d236b.rb5.i686.rpm
kernel-smp-3.12.58-0.247785862.g17c1041.rb7.i686.rpm
kernel-smp64-3.12.58-0.247785862.g17c1041.rb7.x86_64.rpm
ep-release-9.410-6.noarch.rpm

This thread was automatically locked due to age.

Parents

sachingurung over 7 years ago

Hi All,

Use Avira as AV Scanner. If Dual Scan is used, then switch off Dual scan and activate single scan with Avira. This is the workaround for this issue as of now. We are working on the fix.

Thanks for the patience.

Sachin Gurung
Team Lead | Sophos Technical Support
Knowledge Base | @SophosSupport | Video tutorials
Remember to like a post. If a post (on a question thread) solves your question use the 'This helped me' link.
Cancel
Vote Up 0 Vote Down

Cancel
logan517 over 7 years ago in reply to sachingurung

sachingurung said:
[...]We are working on the fix.[...]

Do you have a release Data? - We got the same Problem -.-
Cancel
Vote Up 0 Vote Down

Cancel
talex over 7 years ago in reply to logan517

Hi,

no there is no release date yet as we do not have a fix. The team is working with highest priority on understanding the issue and preparing a fix. Once that's done we will look for a release date.

Additionally for each bug, there will be a root cause analysis, to see why this issue happened and slipped through automated and manual testing.

/talex

- 21 is only half of the truth
Cancel
Vote Up 0 Vote Down

Cancel
logan517 over 7 years ago in reply to talex

We have another Problem.

In the filesystem the partition / and /tmp running full and the interface etc. stop working - the whole cluster, not one node!

eg:
df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda6 5.2G 5.2G 0G 100% /
udev 24G 76K 24G 1% /dev
tmpfs 24G 0 24G 0% /dev/shm
/dev/sda1 331M 16M 295M 5% /boot
/dev/sda5 172G 8.9G 154G 6% /var/storage
/dev/sda7 225G 12G 202G 6% /var/log
/dev/sda8 9.0G 9.0G 0G 100% /tmp

There are a lot of files like:

-rw------- 1 root root 233M Feb 1 09:50 AV-malware-names-1094-VLagrl
-rw------- 1 root root 233M Feb 1 09:51 AV-malware-names-1788-fzDYVK
-rw------- 1 root root 233M Feb 1 09:52 AV-malware-names-2366-d4l4yC
-rw------- 1 root root 233M Feb 1 09:48 AV-malware-names-37493-0P6vCD
-rw------- 1 root root 233M Feb 1 09:50 AV-malware-names-378-2iZHcO
-rw------- 1 root root 233M Feb 1 09:48 AV-malware-names-39966-GzykEb
-rw------- 1 root root 233M Feb 1 09:49 AV-malware-names-40819-orvGsl
-rw------- 1 root root 233M Feb 1 09:52 AV-malware-names-4382-UzSqnv
-rw------- 1 root root 233M Feb 1 09:53 AV-malware-names-5222-EKtCOO
-rw------- 1 root root 233M Feb 1 09:54 AV-malware-names-6236-KfUFp6
-rw------- 1 root root 233M Feb 1 09:55 AV-malware-names-6745-Iw3p7y
-rw-r--r-- 1 root root 497M Feb 1 11:07 cssd.2266
-rw-r--r-- 1 root root 672M Feb 1 11:02 cssd.34726
-rw-r--r-- 1 root root 685M Feb 1 11:04 cssd.36323
-rw-r--r-- 1 root root 673M Feb 1 11:04 cssd.37969
-rw-r--r-- 1 root root 663M Feb 1 11:05 cssd.804

We have to login via console and delete these file.

Has someone such a problem?

I've already set the workaround
Cancel
Vote Up 0 Vote Down

Cancel
Billybob over 7 years ago in reply to logan517

See this thread https://community.sophos.com/products/unified-threat-management/f/general-discussion/86580/after-update-to-9-410-6-i-get-core-dumps-of-cssd/320556 .
Cancel
Vote Up 0 Vote Down

Cancel

Reply

Billybob over 7 years ago in reply to logan517

See this thread https://community.sophos.com/products/unified-threat-management/f/general-discussion/86580/after-update-to-9-410-6-i-get-core-dumps-of-cssd/320556 .
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data