Sophos released UTM Update 9.404-5

Sophos released a new maintenance release for the UTM. REDs and Wifi APs will perform firmware upgrade
Fixes:

NUTM-1775 [Access & Identity] 35668: DHCP Broadcast over all RED LAN ports causing wrong IP address assignment
NUTM-1784 [Access & Identity] implement “TLS 1.2 only” switch for RED to UTM communication
NUTM-2404 [Access & Identity] 36172: RED15 has loaded fallback network config
NUTM-2841 [Access & Identity] 36224: WARNING: CPU: 1 PID: 0 at net/netfilter/nf_conntrack_expect.c:51 nf_ct_unlink_expect_report+0x5e/0xd1 [nf_conntrack]()
NUTM-3415 [Access & Identity] PPTP VPN with an IP Pool 172.16.0.0/20 doesn’t work correctly
NUTM-3439 [Access & Identity] After upgrade to 9.4 and using SSL VPN the IPv4 traffic is not going over the full tunnel
NUTM-3536 [Access & Identity] RED15 traffic not possible, red_server reports “Unable to get proc entry”
NUTM-3719 [Access & Identity] mdw errors when configuring a RED device
NUTM-3735 [Access & Identity] SSL VPN IP pool should not be usable without IPv4
NUTM-3757 [Access & Identity] SSL VPN: don’t push IPv6 interface address if no IPv6 route is pushed
NUTM-3763 [Access & Identity] SSL VPN client cannot be downloaded from userportal with IE
NUTM-3843 [Access & Identity] SSL VPN route injection into OSPF not working properly after update to 9.4
NUTM-3867 [Access & Identity] SMC: WEP passwords are not pushed correctly
NUTM-3924 [Access & Identity] PPTP and iOS with config from userportal doesn’t work properly
NUTM-3934 [Access & Identity] RED: CON_CLOSE provide information to UTM if peer is not stable enough
NUTM-3962 [Access & Identity] IPsec doesn’t work with SHA2
NUTM-4173 [Access & Identity] Since Update to 9.4 IPsec site-to-site connections won’t work after pppoe reconnect
NUTM-3982 [Basesystem] Errors in Notifications Database
NUTM-2677 [HA/Cluster] 36293: The Slave node in HA doesn’t show any resource usage
NUTM-2235 [Network] 35662: Additional adresses of a PPPoE interface are not reachable after takeover
NUTM-3684 [Network] APN can’t be changed if LTE is selected as network
NUTM-3061 [Reporting] Remote Access filtering is not working correctly if the username contains a “\” sign
NUTM-3662 [Reporting] wrong descriptions for CRIT-065 and INFO-007 in MIB file
NUTM-3753 [Reporting] Remote Access Accounting not recording L2TP sessions
NUTM-4306 [Reporting] postgres[xxxxx]: [x-x] STATEMENT: select src_ip, virt_ip, virt_ip6, logintime, service from vpn where status = 0 and logintime = logouttime LIMIT 1000
NUTM-3689 [SUM] device agent claims SUM objects
NUTM-3028 [Virtualization] HyperV interface handling (9.4)
NUTM-3482 [WAF] form template unchanged with update from 9.355 to 9.4
NUTM-3694 [WAF] Customized mod_security rule didn’t work correctly
NUTM-3748 [WAF] Content length and content get lost when using form-harding
NUTM-4119 [WAF] SSL is not used to transfer sticky session cookies
NUTM-3172 [WebAdmin] Support tools – PPPoE shows itfhw instead of vlantag
NUTM-3113 [Web] Proxy freeze after Savi update
NUTM-3118 [Web] “Remove embedded objects” / “Disable JavaScript” shows script code
NUTM-3367 [Web] “Unblock URL” button is displayed even when “Users/Groups Allowed to Bypass Blocking” is empty
NUTM-3485 [Web] HTTP Proxy profile matching doesn’t work for DNS groups which contain IPv6 addresses
NUTM-3550 [Web] frox segfaults/core dumps while uploading files
NUTM-3554 [Web] Error returned from samba command on AD sync
NUTM-3617 [Web] Sandstorm Database Error
NUTM-3710 [Web] New exception regex for Chrome Update
NUTM-3844 [Web] If using a ‘ character in file name, postgres is not able to insert this to the TransactionLog (Sandbox)
NUTM-3920 [Web] Sandbox: cleaning up old data in TransactionLog on slave nodes raises postgres errors
NUTM-4055 [Web] HTTP Proxy causing weird log entries in uma.log
NUTM-3039 [WiFi] RADIUS authentication failover via Availability Group not working correctly
NUTM-3072 [WiFi] Hotspot: race condition if multiple logins per MAC
NUTM-3472 [WiFi] wireless.log – download_ca: CA fingerprint overwritten by TA / No trusted fingerprint found in certificate chain HUB.
NUTM-3760 [WiFi] WIFI profile pushed to SMC using same name
NUTM-4117 [WiFi] Mesh AP’s all go down and do not come back up
NUTM-4151 [WiFi] AP30 (possibly other models) not becoming active anymore after update to >= 9.400
NUTM-4126 [[Backend/Devel] Confd] Clean up of duplicate Domain-Regex
NUTM-4142 [[Backend/Devel] Confd] Remote Access Manager can’t deactivate a VPN profile with groups
NUTM-4158 [[Backend/Devel] Confd] confd[xxx]: parse_formats: unrecognized tag format: FUNC__XXX
NUTM-4160 [[Backend/Devel] Confd] Accessing WebAdmin as non-superuser repeatedly raises “NODE_READ_DENIED” error on confd node “migration->tab_visibility”

 

Download (FTP): u2d-sys-9.403004-404005.tgz.gpg

Download (HTTP): u2d-sys-9.403004-404005.tgz.gpg

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.