Up2Date 9.706008
Zitat von mpca am 3. Mai 2021, 13:01 UhrNews:
Maintenance Releasehttps://community.sophos.com/utm-firewall/b/blog/posts/utm-up2date-9-706-released
Bugfixes:
Fix [NUTM-12050]: [Access & Identity] IPv6 auto-firewall rules missing with IPsec S2S respond only
Fix [NUTM-12062]: [Access & Identity] AD Group object not updated when user with an Umlaut in the username logs in
Fix [NUTM-12188]: [Access & Identity] openl2tp service is dead and unable to start
Fix [NUTM-12198]: [Basesystem, UI Framework] Webadmin host injection reported
Fix [NUTM-11753]: [Basesystem] SG450 RAID status not alerting
Fix [NUTM-11988]: [Basesystem] Interface goes down after re-assigning the hardware of an interface
Fix [NUTM-11989]: [Basesystem] BGP issue causes long delay in UTM startup
Fix [NUTM-12064]: [Basesystem] Perl - Vulnerabilities
Fix [NUTM-12112]: [Basesystem] Libc Vulnerabilities
Fix [NUTM-12122]: [Basesystem] net-snmp Vulnerability CVE-2019-20892
Fix [NUTM-12354]: [Basesystem] Patch BIND (CVE-2020-8620 CVE-2020-8621 CVE-2020-8622 CVE-2020-8623 CVE-2020-8624)
Fix [NUTM-12471]: [Basesystem] OpenSSL: CVE-2020-1971 - DoS
Fix [NUTM-11941]: [Email] unnecessary SMTP restarts due to a SSL VPN login
Fix [NUTM-12286]: [Email] ECC Ciphers ECDH-ECDSA not supported by Exim SMTP
Fix [NUTM-12317]: [Email] Stored XSS in quarantined email detail view leads to full compromise
Fix [NUTM-12542]: [Email] Arbitrary Config Object Deletion via User Portal
Fix [NUTM-12578]: [Email] Pre-auth RCE via Untrusted Deserialization in QM/SPX
Fix [NUTM-12289]: [Kernel] "Pryde" FW evasion issues affecting UTM
Fix [NUTM-11915]: [Network] Ipsec routes will be removed if a wifi network will be added and the ipsec local networks overlap with an existing wifi network
Fix [NUTM-12045]: [Network] INFO-122 Dhcpd not running
Fix [NUTM-12280]: [RED] RED site-to-site tunnels reconnecting at random intervals (utm to tum)
Fix [NUTM-12253]: [RED_Firmware] Split DNS doesn't work with SD-RED
Fix [NUTM-12379]: [RED_Firmware] RED doesn't reboot after reconnect doesn't work properly
Fix [NUTM-12098]: [UI Framework] Remote crash of User Portal index.plx
Fix [NUTM-12710]: [Up2Date] Up2Date caching feature is broken after UTM 9.706
Fix [NUTM-11950]: [WAF] AH00051 child pid XXXX exit signal Segmentation fault (11), possible coredump in /tmp
Fix [NUTM-12148]: [WAF] WAF not always sending SNI to backend
Fix [NUTM-12029]: [Web] AWS https scanning connect timeout on some sites with chrome
Fix [NUTM-12204]: [Web] High CPU with http proxy coredumps .
Fix [NUTM-12032]: [Wireless] "&" sign in PSK cause issues after config change
Fix [NUTM-12127]: [Wireless] wireless client list empty
Fix [NUTM-12254]: [Wireless] Website not loading for wireless user due to large packets whose size is larger than the MTU of the link
Fix [NUTM-12362]: [Wireless] AP55/55C/100X/320X : Communication issue for Clients which are connected to the same SSID but at different APs
Fix [NUTM-12383]: [Wireless] All SSIDs disappears from AP and disconnects all connected clients
News:
Maintenance Release
https://community.sophos.com/utm-firewall/b/blog/posts/utm-up2date-9-706-released
Bugfixes:
Fix [NUTM-12050]: [Access & Identity] IPv6 auto-firewall rules missing with IPsec S2S respond only
Fix [NUTM-12062]: [Access & Identity] AD Group object not updated when user with an Umlaut in the username logs in
Fix [NUTM-12188]: [Access & Identity] openl2tp service is dead and unable to start
Fix [NUTM-12198]: [Basesystem, UI Framework] Webadmin host injection reported
Fix [NUTM-11753]: [Basesystem] SG450 RAID status not alerting
Fix [NUTM-11988]: [Basesystem] Interface goes down after re-assigning the hardware of an interface
Fix [NUTM-11989]: [Basesystem] BGP issue causes long delay in UTM startup
Fix [NUTM-12064]: [Basesystem] Perl - Vulnerabilities
Fix [NUTM-12112]: [Basesystem] Libc Vulnerabilities
Fix [NUTM-12122]: [Basesystem] net-snmp Vulnerability CVE-2019-20892
Fix [NUTM-12354]: [Basesystem] Patch BIND (CVE-2020-8620 CVE-2020-8621 CVE-2020-8622 CVE-2020-8623 CVE-2020-8624)
Fix [NUTM-12471]: [Basesystem] OpenSSL: CVE-2020-1971 - DoS
Fix [NUTM-11941]: [Email] unnecessary SMTP restarts due to a SSL VPN login
Fix [NUTM-12286]: [Email] ECC Ciphers ECDH-ECDSA not supported by Exim SMTP
Fix [NUTM-12317]: [Email] Stored XSS in quarantined email detail view leads to full compromise
Fix [NUTM-12542]: [Email] Arbitrary Config Object Deletion via User Portal
Fix [NUTM-12578]: [Email] Pre-auth RCE via Untrusted Deserialization in QM/SPX
Fix [NUTM-12289]: [Kernel] "Pryde" FW evasion issues affecting UTM
Fix [NUTM-11915]: [Network] Ipsec routes will be removed if a wifi network will be added and the ipsec local networks overlap with an existing wifi network
Fix [NUTM-12045]: [Network] INFO-122 Dhcpd not running
Fix [NUTM-12280]: [RED] RED site-to-site tunnels reconnecting at random intervals (utm to tum)
Fix [NUTM-12253]: [RED_Firmware] Split DNS doesn't work with SD-RED
Fix [NUTM-12379]: [RED_Firmware] RED doesn't reboot after reconnect doesn't work properly
Fix [NUTM-12098]: [UI Framework] Remote crash of User Portal index.plx
Fix [NUTM-12710]: [Up2Date] Up2Date caching feature is broken after UTM 9.706
Fix [NUTM-11950]: [WAF] AH00051 child pid XXXX exit signal Segmentation fault (11), possible coredump in /tmp
Fix [NUTM-12148]: [WAF] WAF not always sending SNI to backend
Fix [NUTM-12029]: [Web] AWS https scanning connect timeout on some sites with chrome
Fix [NUTM-12204]: [Web] High CPU with http proxy coredumps .
Fix [NUTM-12032]: [Wireless] "&" sign in PSK cause issues after config change
Fix [NUTM-12127]: [Wireless] wireless client list empty
Fix [NUTM-12254]: [Wireless] Website not loading for wireless user due to large packets whose size is larger than the MTU of the link
Fix [NUTM-12362]: [Wireless] AP55/55C/100X/320X : Communication issue for Clients which are connected to the same SSID but at different APs
Fix [NUTM-12383]: [Wireless] All SSIDs disappears from AP and disconnects all connected clients