Sophos UTM Update 9.210-20 released!

Last week Sophos made a soft-release (this time a maintenance release) of the 9.210-20 update. It also solved our own company bug with local VPN groups containing AD users (users could connect via VPN but didn’t have the availability to download the client in the UserPortal). The update also contains new firmware for Sophos access points. Here is the bugfix-list:

27257 RED50 frequently reconnecting because configuring an Additional Address as UTM-Hostname is not supported
27588 Unable to fetch POP3 accounts on iOS devices via POP3 Proxy
27647 aua does not work with facility http while installing basic guard license
27905 [BETA] log the mac addresses human readable with leading zeros in the packetfilter log
28056 it’s not possible to view or download large log files in the webadmin because root partition is too small
28400 Syslog not started after ipsbundle pattern installation
28842 HA takeover if master reboots takes too much time
28966 exceptions for Common Threat Filters do not work individually
29412 Wireless Security Manager Role can’t accept new AP’s
30800 [BETA] Some double byte characters aren’t filtered by DLP custom rule and AntiSpam Expressions filter.
31083 Remote SSL VPN view is empty in printable configuration
31340 rsyncd not started after switching to master mode (slave node hangs in syncing state)
31387 ad-sid-sync.pl is executed even if AD sync is disabled
31534 Wrong date in executive report
31581 Up2date pattern rpm’s fails to install if hostname contains ‘/’ character.
31859 Make http proxy handle uncompressed DNS responses
32034 Full transparent AD SSO redirect URL request gets dropped by packetfilter
32079 UMTS modem device hanging
32097 High load after pattern installation [9.2]
32190 Policy tester always returns “allowed” if warn page is proceeded once
32391 UMTS interface doesn’t come up again after the speed changed from 4G to 3G
32433 Not possible to delete VPN tunnel managed by SUM after use “cleanup object”
32537 Guest login fails in transparent browser auth mode if “terms of use” confirmation is required
32552 Quarantined mail will be quarantine again after release with the same reason
32588 Can’t restore backup beacause of an undefined value
32602 Web control policy not applying to endpoints
32604 Special characters like umlauts didn’t work in passwords with reverse authentication for the WAF
32607 Not possible to use virtual mac on lag interfaces
32683 Can’t send a VPN Profile to the SMC if the Organization Name includes a umlaut
32690 It’s not possible to use Subfolders for Remote Log File Archives over SMB on CIFS share
32696 Hotspot: only one login possible per username for backend authentication hotspot
32703 Multicast traffic problems after upgrading to SG430 and 9.204
32711 Mail preview should display kyrilic or chinese chars too.
32713 Console keyboard doesn’t work
32726 Dashboard does not show Antivirus active protocols for HTTP/S
32794 vpn-reporter.pl segfault in get_amazonvpc
32805 NETDEV WATCHDOG: eth0 (tg3): transmit queue 0 timed out
32832 Remote Syslog Server IPv6 support
32837 vpn-reporter.pl segfaults, error 4 in libc-2.11.3.so
32851 Device auth reports wrong client information
32852 Any SSL traffic through HTTP proxy gets classified as “Sophos Portal” if a “Sophos Portal” AppCtrl rule exists
32870 ad-sid-sync.pl fails to lookup trusted domains groups
32940 SG550: Licensing does not work if module is relocated after installation
32950 Configuring a whitelist in webfilter filter action appears in blacklist on UTM
32957 winbindd died in kernel_vsyscall
32969 Coredumps from reverseproxy after update to v9.206
32972 IPS exception does not work for SID 18575
32980 Remove RC4 from TLS ciphers in Exim
33019 After upgrading to iOS 8 UTM does not recognize iOS anymore (Device-specific Authentication)
33111 Group matching incorrect if user belongs to static and backend groups
33277 [9.2] Add support for passthrough NTLM connection
33307 Not possible to change TLS certificate
33323 Using @ in hostname results in corrupt /etc/syslog-ng.conf
33382 Config changes in IPsec remote access sometime causing a drop of established connections
33429 AP100: Unable to authenticate with an SSID using a PSK with a dollar character
33515 SMTP Vulnerability in SSL v3.0
33516 POP3 Vulnerability in SSL v3.0
33613 OS X HTTPS traffic identified as iOS

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.