Sophos have today relaed this update to all UTM’s:
Up2Date 9.710001 package description:
Remarks:
System will be rebooted
Configuration will be upgraded
News:
Maintenance Release
Bugfixes:
Fix [NUTM-12592]: [Basesystem] Use Only Secure Ciphers for UTM SSH Server
Fix [NUTM-12784]: [Basesystem] Patch BIND vulnerabilities (CVE-2021-25214, CVE-2021-25215, CVE-2021-25219)
Fix [NUTM-13101]: [Basesystem] Patch Strongswan Vulnerability (CVE-2021-41991)
Fix [NUTM-13119]: [Basesystem] Patch Binutils Vulnerability (CVE-2021-3487)
Fix [NUTM-13144]: [Basesystem] Remove SSLVPN client downloader from UTM
Fix [NUTM-13192]: [Basesystem] Use Secure Key Exchange Algorithms for SSH
Fix [NUTM-13203]: [Basesystem] snmpd high memory for snmpwalk v3
Fix [NUTM-12615]: [Configuration Management] Root password hash exposed via confd*.log (CVE-2022-0652)
Fix [NUTM-13013]: [Email] Upgrade Exim to v4.95
Fix [NUTM-13200]: [Email] OAEP RSA padding mode still uses SHA-1 in S/MIME
Fix [NUTM-13267]: [Email] Nest – SQLi in the Mail Manager (CVE-2022-0386)
Fix [NUTM-13071]: [Logging] IPFIX reporting transferred data on wrong direction
Fix [NUTM-12885]: [Network] IPS exceptions issue
Fix [NUTM-12987]: [RED] Issue with RED tunnel on BO after disconnecting PPPoE
Fix [NUTM-12936]: [Web] Add configuration for overriding warn page proceed link protocol (Standard Mode SSO)
RPM packages contained:
AstaroPerl-5.10.1-1008.57.gdaafca1.rb3.i686.rpm
app-accuracy-client-9.70-1.gd08e3e4.rb2.noarch.rpm
binutils-2.25.0-5.5.2018.gcc020198.rb3.i686.rpm
client-openvpn-9.70-4.g5143b91.rb2.noarch.rpm
cm-nextgen-agent-9.70-7.g8eb321a.rb3.i686.rpm
cpio-2.9-75.80.1.1947.g452029e0.rb3.i686.rpm
ipv6-hurricane-9.70-1.gc66dbf0.rb2.i686.rpm
macset-9.70-1.g1bc5be2.rb3.i686.rpm
perl-Net-MAC-Vendor-1.18-1.994.g51dec3d.rb3.noarch.rpm
sophos-wifi-0.1-1.0.407505236.g97f3d0747.rb1.i686.rpm
ulogd-2.1.0-141.g0c56ed8.rb3.i686.rpm
uma-9.70-3.gcb96601.rb2.i686.rpm
ep-reporting-9.70-42.g3bebde3.rb3.i686.rpm
ep-reporting-resources-9.70-42.g3bebde3.rb3.i686.rpm
ep-aua-9.70-25.g0f77948.rb3.i686.rpm
ep-awed-9.70-40.g5e7389b.rb4.i686.rpm
ep-awetools-9.70-1.gcf2c4ac.rb2.i686.rpm
ep-confd-9.70-900.gb08e1bfcf.rb8.i686.rpm
ep-confd-tools-9.70-890.g259cddf70.rb8.i686.rpm
ep-confd-turksat-xml-rpc-proxy-9.70-1.g0916652.rb2.i686.rpm
ep-ctmon-9.70-1.ged02c90.rb2.i686.rpm
ep-epsecd-9.70-1.g72334a1.rb2.i686.rpm
ep-ha-confd-9.70-1.g03e453a.rb2.i686.rpm
ep-hotspot-web-9.70-1.g1bc5be2.rb5.i686.rpm
ep-hotspotd-9.70-1.g1bc5be2.rb3.i686.rpm
ep-init-9.70-23.g4e18831.rb3.noarch.rpm
ep-ipsfb-9.70-1.g320b01e.rb2.i686.rpm
ep-license-tools-9.70-34.g872c949.rb3.i686.rpm
ep-logging-9.70-17.g9cd028e.rb3.i686.rpm
ep-mdw-9.70-861.g9a93a413.rb6.i686.rpm
ep-migration-agent-9.70-3.g90aab21.rb2.i686.rpm
ep-notifier-9.70-1.g45423be.rb2.i686.rpm
ep-raidtools-9.70-3.g03051d2.rb2.i686.rpm
ep-red-9.70-62.g12a281e.rb4.i686.rpm
ep-restd-9.70-15.g53585f2.rb3.i686.rpm
ep-sandboxd-9.70-64.ge1a2d13.rb3.i686.rpm
ep-screenmgr-9.70-4.g45070e0.rb4.i686.rpm
ep-selfmon-9.70-3.gbdffbfa.rb2.i686.rpm
ep-sms-client-9.70-1.g093414d.rb2.i686.rpm
ep-spx-auth-9.70-1.g7215482.rb2.i686.rpm
ep-tools-9.70-34.g872c949.rb3.i686.rpm
ep-tools-cpld-9.70-34.g872c949.rb3.i686.rpm
ep-u2d-download-9.70-1.g408cca4.rb2.i686.rpm
ep-up2date-9.70-37.g43f686c.rb4.i686.rpm
ep-up2date-downloader-9.70-37.g43f686c.rb4.i686.rpm
ep-up2date-pattern-install-9.70-37.g43f686c.rb4.i686.rpm
ep-up2date-system-install-9.70-37.g43f686c.rb4.i686.rpm
ep-webadmin-9.70-836.g48cd074fe.rb6.i686.rpm
ep-webadmin-contentmanager-9.70-63.g6280375.rb5.i686.rpm
ep-webadmin-spx-9.70-6.gfd2711b.rb3.i686.rpm
ep-chroot-ntp-9.70-6.gef1063f.rb3.noarch.rpm
ep-chroot-smtp-9.70-92.gbc63ae8.rb4.i686.rpm
chroot-bind-9.11.3-0.403647303.g5123c2a.rb3.i686.rpm
chroot-ipsec-9.70-88.g65f41bd.rb2.i686.rpm
chroot-smtp-9.70-65.gcae74a42.rb3.i686.rpm
ep-httpproxy-9.70-288.g5085a26a.rb4.i686.rpm
net-snmp-chroot-5.7.3-791.g81d5fde4.rb3.i686.rpm
quagga-chroot-0.99.24-467.g2499c5e8.rb3.i686.rpm
ep-release-9.710-1.noarch.rpm