Sophos UTM: Up2Date 9.601 Released

Today they released UTM 9.601. The release will be rolled out in phases.

In phase 1 you can download the update package from their FTP server, in phase 2they will spread it via theirĀ Up2Date servers.

Download here:

Up2Date Information


  • Maintenance Release


  • System will be rebooted
  • Configuration will be upgraded
  • Connected REDs will perform firmware upgrade

Issues Resolved

  • NUTM-10492 [AWS] UTM on AWS Auto-scaling: Sync log setting to worker nodes
  • NUTM-9746 [AWS] Standby UTM on AWS sending un-encrypted daily backups
  • NUTM-9846 [AWS] IAM policy missing permission which causes conversion to fail
  • NUTM-9675 [Access & Identity] Bypass Users doesn’t work for AD backend group with users
  • NUTM-9838 [Access & Identity] SSL VPN connection through Webproxy not possible
  • NUTM-10018 [Basesystem] MiddleWare starting up time takes long when having lots of multipath routes
  • NUTM-10164 [Basesystem] Delay in accessing internal services after users connect to the remote access SSL VPN
  • NUTM-10183 [Basesystem] Patch OpenSSL (CVE-2018-0732)
  • NUTM-10280 [Basesystem] cURL: NTLM Authentication Code Buffer Overrun Vulnerability (CVE-2018-14618)
  • NUTM-10306 [Basesystem] syslog-ng requiring huge amounts of memory over time
  • NUTM-9660 [Basesystem] DHCP vulnerability (CVE-2018-5732 and CVE-2018-5733)
  • NUTM-9976 [Basesystem] SG115 rev3 HA eth3 interface flapping
  • NUTM-9648 [Documentation] Static route not applying when configuring Bind tunnel to local interface on IPsec connection
  • NUTM-9712 [Documentation] ATP exception doesn’t work as expected
  • NUTM-9872 [Documentation] Incorrect documentation for ReportAuditor rights
  • NUTM-10078 [Email] Help text in quarantine mail truncated in Outlook
  • NUTM-10112 [Email] User portal users still able to put senders on Whitelist even if Whitelist is disabled
  • NUTM-10186 [Email] S/MIME signed mails have an invalid signature if 3rd party CA is used
  • NUTM-10266 [Email] Wrong URL for Antispam IP reputation-check
  • NUTM-10346 [Email] High CPU usage from smtp due to deadlock/timeout
  • NUTM-10400 [Email] Coredump of SMTPD.BIN
  • NUTM-10440 [Email] SPX encryption doesn’t work in case the sender address contains a “/”
  • NUTM-9787 [Email] SMTPD core dumps with signal SIGABRT
  • NUTM-10250 [Network] DNS Group Objects filling up with old IP addresses
  • NUTM-10592 [Network] PPPoE connection fails after HA upgraded to 9.6
  • NUTM-10168 [RED] REDs are displayed as “offline” even though the tunnel is working
  • NUTM-10470 [RED] No traffic goes through RED Tunnel when compression is enabled
  • NUTM-10325 [WAF] 500 Internal Server Error if max scan size limit is disabled
  • NUTM-10419 [WAF] “Web Application Protection Auditor” permission is not sufficient to load Advanced Certificates tab
  • NUTM-10133 [WebAdmin] Ping over interface does not work on VDSL PPPoE interface
  • NUTM-10273 [WebAdmin] Webadmin session will be interrupted with pop-up “Backend connection failed”
  • NUTM-9569 [WebAdmin] If an interface is deleted which is used in a policy route, it can cause a network outage
  • NUTM-10244 [Web] AFC skip user/group specific rule if the user surfs through the HTTP Proxy although the ipset exist
  • NUTM-10285 [Web] urid service restarting intermittently
  • NUTM-10390 [Web] Huge HTTP logs because of “epoll_read_until: Transport endpoint is not connected”
  • NUTM-10409 [Web] HTTP Proxy segfaults, coredumps
  • NUTM-10500 [Web] HTTP “epoll_read_until: Transport endpoint is not connected” logs still growing after patch
  • NUTM-4256 [Web] Sandboxd selfmon check sends wrong notification
  • NUTM-9968 [Web] AD SSO Transparent Proxy redirects websites to User Portal



Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.