Sophos UTM 9.710-1 update released

News

This update removes the end-of-life SSLVPN client. It is no longer available to download from the User Portal. For more information see this end-of-life notice and this vulnerability disclosure.

With the standalone IPSec client also reaching end-of-sale on 30 March 2022, we have refreshed the remote access page of the User Portal to better support Sophos Connect. Sophos Connect is the recommended alternative to the old SSLVPN and IPSec clients. Download links on the User Portal now direct users to the Sophos Connect section on our downloads page. Configuration links have been updated to provide certificate packages and settings that can be imported by Sophos Connect to get users up and running quickly.

Screenshot of updated user portal

 

Sophos Connect client should be able to work with any IPSec or SSLVPN configuration you already have set up. Here are some additional links to help understand how it works.

Other news

  • Maintenance release
  • Security release

Remarks

  • System will be rebooted
  • Configuration will be upgraded

Issues Resolved

  • NUTM-12592 [Basesystem] Use Only Secure Ciphers for UTM SSH Server
  • NUTM-12784 [Basesystem] Patch BIND vulnerabilities (CVE-2021-25214CVE-2021-25215CVE-2021-25219)
  • NUTM-13101 [Basesystem] Patch Strongswan Vulnerability (CVE-2021-41991)
  • NUTM-13119 [Basesystem] Patch Binutils Vulnerability (CVE-2021-3487)
  • NUTM-13144 [Basesystem] Remove SSLVPN client downloader from UTM
  • NUTM-13192 [Basesystem] Use Secure Key Exchange Algorithms for SSH
  • NUTM-13203 [Basesystem] snmpd high memory for snmpwalk v3
  • NUTM-12615 [Configuration Management] Root password hash exposed via confd*.log (CVE-2022-0652)
  • NUTM-13013 [Email] Upgrade Exim to v4.95
  • NUTM-13200 [Email] OAEP RSA padding mode still uses SHA-1 in S/MIME
  • NUTM-13267 [Email] SQLi in the Mail Manager (CVE-2022-0386)
  • NUTM-13071 [Logging] IPFIX reporting transferred data on wrong direction
  • NUTM-12885 [Network] IPS exceptions issue
  • NUTM-12987 [RED] Issue with RED tunnel on BO after disconnecting PPPoE
  • NUTM-12936 [Web] Add configuration for overriding warn page to proceed link protocol (Standard Mode SSO)

Download

https://ftp-astaro-com.s3-eu-west-1.amazonaws.com/UTM/v9/up2date/u2d-sys-9.709003-710001.tgz.gpg

6 thoughts on “Sophos UTM 9.710-1 update released”

  1. Good Morning,
    Thanks for your Post
    On my UTM with the latest Firmware, i always get the old SSL VPN Client linked in the UserPortal and not the new Sophos Connect Client.
    Do you have an idea why?
    Please excuse my bad English, I can only speak German

    Kindly Regards from Upper Austria

    Reply
    • Hallo Daniel,

      kann es sein, dass du noch die 9.709 hast? Weil auf meiner SG nur noch ein Link zum Connect Client vorhanden ist.
      Auch bei allen Kundensystemen die ich betreue, ist nach dem Update der SSL-VPN Client weg.

      Viele Grüße

      Phillip

      Reply
  2. Hello Networkguy

    Thanks for your work.
    So do SSLVPN clients that have already been rolled out still work or has the feature been removed altogether on the UTM side?

    Thanks and greetings,
    Simon

    Reply
    • Hello Simon,

      the SSL VPN client is still running without any problems. It can only no longer be downloaded in the user portal and webadmin and it is also no longer updated by Sophos.

      Many greetings

      Phillip

      Reply
  3. Thank you for the information.

    I wish you continued success with your blog, I’m glad you have the blog and maintain.

    Reply

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.