Sophos UTM 9.314-013 Update released

This time a big update from Sophos 🙂
Up2Date 9.314013 package description:

System will be rebooted
Configuration will be upgraded
Connected Wifi APs will perform firmware upgrade

Maintenance Update

Fix [22437]: HTML5 RDP: swiss keyboard not working with ALT-Gr-letters using Chrome
Fix [23348]: Multipath for ftp over http isn’t working when control and data connection use different path
Fix [30224]: Parallel dns queries fail on identical source port
Fix [31261]: Support Japanese PDF version of Daily Executive Report
Fix [31910]: Request dns_host object info causes high system load due to large confd_objects table
Fix [32594]: WAF: Disable backend connection pooling
Fix [32862]: Traffic is included in statistics and executive reports although an exception exists
Fix [33666]: HTTP server (UserPortal/WebAdmin) has missing/wrong error handling for “CONNECT” method
Fix [33716]: Dashboard shows AntiSpam is active for protocols POP3 with Basic Guard License
Fix [33958]: IPFIX is mixing data streams in HA/Cluster mode
Fix [34210]: BGP Soft-reconfiguration not honoured
Fix [34234]: AFC problem with HTTPS in transparent mode
Fix [34333]: Webadmin backend connection failed ‘Shift + f5’-reload causes incorrect and premature failed login alert
Fix [34460]: IE 9/10 crashes when displaying 4xx/5xx error page
Fix [34495]: QoS: Disabling Download Equalizer breaks Downlink limit
Fix [34510]: NTLMSSP_AUTH not send from Windows 7 workstations
Fix [34533]: Browser-language should be used for keyboard layout in HTML5 portal RDP connections
Fix [34554]: Suppress snmpd logline “Wrong netlink message type 3”
Fix [34575]: AP10/AP30 – auto channel selection always selects channel 1
Fix [34612]: device-agent restarting constantly
Fix [34622]: History back traverse broken in chrome
Fix [34626]: Long path name in site path routing breaks WAF
Fix [34655]: Web Protection reporting will be not displayed correctly if you use a german webadmin
Fix [34666]: FTP Proxy: frox segfault in realloc
Fix [34684]: Wireless.log shows lots of messages like “rt305x-esw 10110000.esw: link changed”
Fix [34693]: HTML5 portal kicks users with configuration changed message on every aptp update
Fix [34695]: Kernel: Unable to handle kernel NULL pointer dereference at (null)
Fix [34724]: OBJECT_NAMESPACE collision when whitelist/blacklist with identical name is deployed via SUM
Fix [34788]: HTTP Proxy: segfault in tcmalloc::ThreadCache
Fix [34791]: HTML5 VPN: keyboard input not working on Android devices
Fix [34793]: E-mail graph missing in executive report
Fix [34812]: SPF check against IPv6 subnet does not work.
Fix [34824]: device-agent stucks when deployment is taking too long
Fix [34845]: Remote Access graphs shows wrong values
Fix [34853]: Mail Manager: perl runtime error when subject contains double byte charactes
Fix [34871]: IPsec Remote Access connection may fail to aquire an IP from pool of static IPs
Fix [34872]: Up2Date Cache setting not updated when changing SUM host
Fix [34882]: Imported SMIME cert fills up storage partition
Fix [34887]: Up2date not possible caused by DNS issue
Fix [34888]: True type file inspection should not be executed if MIME type blocking is disabled
Fix [34891]: ‘Show IP BGP Unicast’ button not working
Fix [34902]: outgoing spam is always quarantined even though (confirmed) spam action is “warn”.
Fix [34907]: HTTP Proxy: deflate zlib data according to RFC
Fix [34911]: Backend AD sync shows error messages in aua.log
Fix [34917]: Dashboard times out in case of many interfaces
Fix [34924]: SMIME signed invitations will loose the “meeting” features in outlook
Fix [34927]: Change default algorithm for creating CAs to sha256
Fix [34939]: WAF reverse auth Japanese characters garbled
Fix [34943]: afcd memleak in 9.310
Fix [34945]: Network monitor daemon segfault / coredump
Fix [34950]: Can’t enable Cisco VPN anymore after the last user was deleted
Fix [34954]: HTTP filter action still shows the old category name after the name was changed
Fix [34968]: AP55C not becoming active
Fix [34970]: AP100C/AP55C: IFUP_ERROR
Fix [34972]: memtest does not work on SG series
Fix [34974]: BGP with IPv6 is broken
Fix [34975]: HTTP Proxy: core dump kernel_vsyscall
Fix [34978]: RED50 doesn’t work with some big packets
Fix [34984]: Can’t use string (“0”) as a HASH ref while “strict refs” in use at /wfe/asg/modules/ line 3714
Fix [34988]: RED50 ignores list of allowed VLAN tags in ‘Tagged’ VLAN port operation
Fix [34993]: Dashboard does not display traffic data for ethernet vlan interface types
Fix [35003]: Untrusted issuer warnings for trusted CAs
Fix [35005]: It is not possible to create a second convert bridge
Fix [35006]: syslog-ng reaching max connections due to hotspot traffic
Fix [35013]: DPD not set in case remote device is sending DPD vendor payload not in the first main mode message
Fix [35017]: Websec-reporter creates coredumps
Fix [35018]: HTTP Proxy: EpollWorker segfault in kernel_vsyscall
Fix [35025]: SPX: no NDR is sent out if recipient does not register
Fix [35026]: HTTP Proxy: Country blocking exceptions for destination not working
Fix [35028]: Timezone update 2015c
Fix [35034]: DLP emails are not visible in Mail Manager SMTP Log if DLP action is “Allow”
Fix [35040]: HTTP Proxy: POST request fails with “broken pipe”
Fix [35042]: Error output while executing repctl -m command
Fix [35057]: Internal Wifi adapter is active on slave node in HA
Fix [35070]: SSL VPN: change default DH key size to 2048 and add key size 3072/4096
Fix [35073]: SafeSearch does not block all provocative images
Fix [35107]: Can not display “Endpoint Protection” summary page when there is an Endpoint without group
Fix [35108]: Day in Dashboard date sometimes off by one
Fix [35128]: User portal fallback language is not set to what it suppose to be set
Fix [35133]: SPX: Reply portal shows wrested email recipient and sender addresses in original message
Fix [35137]: Endpoint – USB exemptions configured on the UTM do not work for some USB sticks
Fix [35141]: WIFI-Client can’t get an IP if static and dynamic VLAN is same
Fix [35161]: Hotspot login page is looping if the interface for the hotspot is a RED vlan interface and QoS is enabled on the interface
Fix [35165]: Problem displaying quarantined emails in case several addresses are in cc
Fix [35176]: IPTables will not update if you add a host to a network group which is used in a packetfilter rule
Fix [35177]: SPX encryption does not work if From header is invalid
Fix [35183]: HTML5 VPN: mobile keyboard not working on iOS devices in Safari
Fix [35185]: SPX: Password registration form (PW specified by recipient) does not work due disabled reply portal
Fix [35199]: Mail Manager: “\” in Sender/Rcpt/Subject substring causes a perl error
Fix [35200]: SSID and PSK disappear from Voucher
Fix [35225]: Background channel switching doesn’t work on AP55C/AP100C
Fix [35226]: Mail Manager: perl runtime error while trying to view an email without mail body
Fix [35228]: handle nvme devices during installation
Fix [35229]: Access control: Mail Protection Manager can not create any exceptions
Fix [35240]: Web Proxy duplicates headers in XSS request
Fix [35245]: Raid monitor not running
Fix [35256]: Middleware logs error for uninitialized value during regex operation
Fix [35257]: Not possible to add Network group object as “Network Protection Manager”
Fix [35266]: Uncategorized websites show up in reports as Categorization Failed
Fix [35272]: Mail Manager: incorrect pagination when removing entries


Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.