Hi XG Community!

We've finished SFOS v16.05.4 MR4. This release is available from within your device for all SFOS v16.05 installations as of now and will increase the group in a few days.

The release is available to all SFOS version via MySophos portal.

Issues Resolved

NC-12352 [Authentication] It should not possible to change the password of backend user
NC-16959 [Authentication] SATC client is not differentiating between users
NC-17300 [Base System, Certificates, License] During the first license sync sometimes the wrong certificate is stored
NC-17701 [Base System, License] License activation screen improvements
NC-14028 [Base System] RED site-to-site tunnel disconnects permanently when quick assist is used
NC-15911 [Base System] XG not listening on port 9922 used for SAA
NC-16164 [Base System] Garner dies due to memory corruption
NC-16742 [Base System] Installation not possible on HP DL380G5 / DL360G5
NC-16743 [Base System] Awarrenhttp, Awarrenmta, Warren services die after upgrade
NC-17035 [Base System] Migration from CR 10.06.4020 to SF 16.05 MR1 failed
NC-18049 [Base System] Not able to upgrade firmware from loader as 2 GB memory check fails
NC-17432 [Certificates] Certificate with ID email has wrong ID after import
NC-17246 [Clientless Access(HTTP/HTTPS)] URL rewrite inside HTML document not working
NC-15855 [Firewall] Adding a zone without any service fails
NC-16090 [Firewall] Source port changes to random over IPSec VPN
NC-16695 [Firewall] Protect > Intrusion Prevention - column name text wrapped several times in Japanese language
NC-16728 [Firewall] Display issues when editing firewall rules in Traditional and Simplified Chinese
NC-17068 [Firewall] XG not forwarding IPv6 echo request which has no next header (next header=59) in IPv6 header or in extension header
NC-17069 [Firewall] No ICMPv6 parameter problem sent when receiving unrecognized/unassigned next header in IPv6 header or in extension header
NC-17350 [Firewall] IP family wise network/host validation is not done while adding local ACL rule via API
NC-17459 [Firewall] App Filter (microapp enabled) causes port 443 traffic to be forwarded to proxy
NC-17463 [Firewall] Upgrade from SF 15.01 MR3 to SF 16.05 GA results in factory reset
NC-17519 [Firewall] Wrong country classification for IP address
NC-17730 [Firewall] "HTTP service" message displays even HTTP service not there after saving the zone
NC-17731 [Firewall] HTTPS service can be removed from zone, when accessing UI from bridge IP bound to same zone
NC-17732 [Firewall] Duplicate entry of members are seen, when editing the default zones if members are associated with it
NC-16712 [Framework part of Base] HA node in failsafe mode after software upgrade
NC-17259 [Framework part of Base] Unable to see live graph from WAN zone and interface info
NC-11687 [Framework(UI)] Changing system time requires relogin
NC-15270 [Framework(UI)] Not able to select start date and end date for wireless time-based access
NC-1701 [Framework(UI)] TAB focus is not visible in Chrome
NC-17488 [Framework(UI)] Tooltips behave strange and point to a wrong element
NC-18071 [Framework(UI)] Cannot filter for 'Rule Type' in Log Viewer
NC-3965 [Framework(UI)] Cookie not reset after auto logout in userportal
NC-16470 [Galileo Heartbeat] Traffic will be dropped due to Heartbeat if the client is connected to the same Network over LAN and Wifi at the same time
NC-16599 [Galileo Heartbeat] Crash of heartbeatd after "Broken Pipe"
NC-15319 [HA] IPsec VPN not connecting after HA fail over through monitoring port
NC-16832 [Hotspot] Minor UI inconsistency when trying to delete multiple hotspots
NC-17440 [Hotspot] Two mail notifications sent when using "Password of the day" in HA
NC-16639 [IDS + AppControl] Wrong risk level for Facebook Graph API and App is missing in "Very High Risk (Risk Level 5)" apps group
NC-17796 [IDS + AppControl] Not able to configure QoS policy to application category 'IM+ Android'
NC-13255 [IPS] Service stopped/unregistered state after disabling firewall-acceleration in HA mode
NC-15636 [IPS] Unable to start IPS service on SW/VM appliances
NC-15710 [IPS] DHCP option 67 is not working properly
NC-17245 [IPS] IPS engine is not getting reply packets in TAP mode
NC-18368 [IPS] WINGc categorization not working in TAP mode
NC-5474 [IPS] IRQs not set correctly with appropriate CPU for given port-affinity
NC-18197 [License] Administration part of the webadmin page is inaccessible
NC-13375 [Mail Proxy] Email Quarantine only shows first part of day
NC-17346 [Mail Proxy] SPX - after registering it takes time before first message is sent
NC-17804 [Mail Proxy] Incorrect total utilization value shown in SMTP quarantine
NC-17920 [Mail Proxy] Network can also be selected in host list while creating SMTP policy in MTA mode
NC-18044 [Mail Proxy] SMTP service restarts sometimes on high load
NC-18296 [Mail Proxy] Email address is truncated in notifications if sender address contains special chars
NC-4480 [Mail Proxy] MIME filter,SMTP/S: Attachment name with i18n character is not proper in mail body
NC-16898 [Network Services] Unable to add FQDN host using double dash (--)
NC-17276 [Network Services] IPv6 SLAAC does not work according to RFCs
NC-17699 [Network Services] Unable to delete bridge interface when bridge host used in SSL VPN Remote Access
NC-16275 [Networking] IPSec S2S - DHCP reply packet is not forwarded to LAN when PPPOE is enabled on WAN interface
NC-16837 [Networking] WWAN name should be updated to cellular WAN
NC-6943 [Networking] PIM - Interface update from DHCP to PPPoE sets Candidate RP IP to undefined
NC-17375 [RED] DHCP server settings will be reset to default if you change anything in the RED interface
NC-17515 [RED] Monitoring Avaibility->Display wrong colour code and tooltip status for RED status
NC-18017 [RED] RED Tunnel unstable via PPPOE
NC-16690 [Reporting] Double byte caracters in PDF are corrupt
NC-16729 [Reporting] Junk character in report PDF in Traditional Chinese language
NC-16992 [Reporting] Sandstorm records disappear after some time
NC-17330 [Reporting] Unable generate custom report with around 50000 records
NC-17360 [Reporting] Daily report scheduling doesn't work correctly with "Send email at 24 Hours"
NC-17433 [Reporting] Long title runs off at the end of the PDF page for custom reports
NC-17765 [Reporting] VPN traffic in executive repoprt shows no data
NC-16257 [Routing] OSPF multicast group limit reached
NC-17847 [SSLVPN] Wrong info message when saving global SSL VPN settings
NC-6580 [SSLVPN] Disconnecting SSL VPN connections has to take remote port into account
NC-17469 [SupportAccess] Service warning on deactivated SupportAccess
NC-11118 [UI] Improve browser console for long syntax
NC-17965 [UI] Language Selection on login doesn't change the labels in the login mask
NC-15815 [VPN] Incorrect IPSec configuration pushed by SFM
NC-17260 [VPN] Import of configuration files not working
NC-17768 [VPN] Cannot enable Cisco VPN if last remaining user stated on VPN screen is removed from the user's screen
NC-17863 [WAF] XG85 /tmp Partition is filling up
NC-18010 [WAF] Fix segmentation fault in mod_xml2enc for multi-byte charsets
NC-18047 [WAF] Special characters are encoded when HTML rewrite is enabled
NC-13221 [Web] Extra parameters pushed from SFM to SFOS for web settings
NC-13909 [Web] HTTPS traffic is proxied but Web Proxy is turned off
NC-13960 [Web] SFOS breaks auto-update on SAV for Mac
NC-16693 [Web] Protect > Web some strings are cut off
NC-16730 [Web] No captive portal redirection for new requested URL configured in exception with "Skip Policy Checks" action
NC-17398 [Web] Unauthenticated user is able to access the Whatsapp/Facebook application
NC-17481 [Web] Captive Portal redirecting to empty IP address
NC-17740 [Wireless] Rogue AP scan failed in log viewer
NC-18006 [Wireless] LocalWiFi - failed to configure IP address on WiFi interface
NC-18025 [Wireless] Rogue AP Scan failed when click on "Scan Now"

Downloads

You can find the firmware for your appliance from in MySophos portal.

Parents
  • Looking forward to testing these items, as I had all three:

    NC-17740 [Wireless] Rogue AP scan failed in log viewer (in MR1 I had this turned off)

    NC-18006 [Wireless] LocalWiFi - failed to configure IP address on WiFi interface (in MR 1 I had to restart the device)

    NC-18025 [Wireless] Rogue AP Scan failed when click on "Scan Now" (as above)

    Looks good so far.....  :-)

Comment
  • Looking forward to testing these items, as I had all three:

    NC-17740 [Wireless] Rogue AP scan failed in log viewer (in MR1 I had this turned off)

    NC-18006 [Wireless] LocalWiFi - failed to configure IP address on WiFi interface (in MR 1 I had to restart the device)

    NC-18025 [Wireless] Rogue AP Scan failed when click on "Scan Now" (as above)

    Looks good so far.....  :-)

Children
No Data