Sophos UTM Up2Date 9.707 Released

Sophos has just soft-released 9.707 today, fixing theese issues, here is from release notes:

We’ve just released UTM 9.707. As usual, the release will be rolled out in phases:

  • In phase 1 you can download the update package from our download server.
  • During phase 2 we will make it available via our Up2Date servers in several stages.
  • In phase 3 we will make it available via our Up2Date servers to all remaining installations.

Up2date information


  • Maintenance release
  • Security release


  • System will be rebooted
  • Configuration will be upgraded

Issues resolved

  • NUTM-12550 [Access & Identity] Replace deprecated option in SSLVPN client config
  • NUTM-12310 [Email] SPF checks incorrectly occurring when multiple upstream hosts are configured in an availability group
  • NUTM-12672 [Logging] IPFIX does not switch source and destination ports between inbound and outbound side of flow
  • NUTM-12749 [Basesystem] Update bzip2 to address CVE-2019-12900
  • NUTM-12590 [Basesystem] Patch OpenSSL against CVE-2021-23840 & CVE-2021-23841


Remark, the “NUTM-12550 [Access & Identity] Replace deprecated option in SSLVPN client config” contains this change:

They replaced the deprecated command-line option --tls-remote with the update option --verify-x509-name in OpenVPN client config files.

This updated option has been supported in OpenVPN since version 2.5.3, released in 2013. Continuing to use the older option generates warnings during connection.


Source: (4) UTM Up2Date 9.707 Released – Release Notes & News – UTM Firewall – Sophos Community

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.