Sophos released this new update, and it’s already GA:
Release notes:
Up2Date 9.719003 package description:
Remarks:
System will be rebooted
Configuration will be upgraded
News:
Maintenance Release
Bugfixes:
Fix [NUTM-14447]: [AWS, Network] VPC Route Propagation not working for added/Deleted Networks while connected.
Fix [NUTM-12916]: [Basesystem] Curl vulnerabilities – CVE-2021-22924, CVE-2023-28321, CVE-2023-28322 and others
Fix [NUTM-13857]: [Basesystem] Tinyproxy vulnerability (ha_proxy) – CVE-2022-40468
Fix [NUTM-14381]: [Basesystem] Ulogd coredump
Fix [NUTM-14452]: [Basesystem] OpenVPN config files are not compatible with OpenVPN 3 clients
Fix [NUTM-14464]: [Basesystem] Add Sophos wildcard URL to default HTTPS scanning exceptions
Fix [NUTM-14319]: [Configuration Management, Security] Strengthen backup encryption
Fix [NUTM-14102]: [Email] Upgrade Exim to 4.97.1
Fix [NUTM-14364]: [Email] S/MIME: WARNING – Encrypted, but cannot verify signature – on reply emails
Fix [NUTM-14465]: [HA/Cluster] Firewall misconfiguration could lead to ha_proxy acting as open proxy
Fix [NUTM-14442]: [UI Framework] Arbitrary Host Header Manipulation in User Portal
Fix [NUTM-14456]: [UI Framework] Wifi – Add a banner to remind admins that EOL Access Points are in use
Fix [NUTM-14487]: [UI Framework] POST to WebAdmin with no Content-Type header causes worker crash
Fix [NUTM-14486]: [WAF] WAF Segmentation fault with coredump
Fix [NUTM-12897]: [Web] Open redirection issue in login page
RPM packages contained:
libaviraglue-9.70-17.g7d138af.rb3.i686.rpm
libaviraglue-64-9.70-17.g7d138af.rb3.x86_64.rpm
libcurl4-7.37.0-70.66.2.0.gfe830c0f.rb10.i686.rpm
libcurl4-64-7.37.0-70.66.2.0.gfe830c0f.rb6.x86_64.rpm
libnl-3.2.24-1.9.g604a493.rb4.i686.rpm
libsaviglue-9.70-50.g9145257.rb5.i686.rpm
libsaviglue-64-9.70-50.g9145257.rb5.x86_64.rpm
client-openvpn-9.70-7.gcb1c73f.rb3.noarch.rpm
curl-7.37.0-70.66.2.0.gfe830c0f.rb10.i686.rpm
modauthnzaua-9.70-397.g6005c2a.rb2.i686.rpm
modauthzblacklist-9.70-397.g6005c2a.rb2.i686.rpm
modavscan-9.70-397.g6005c2a.rb2.i686.rpm
modcookie-9.70-397.g6005c2a.rb2.i686.rpm
modcustomblockpage-9.70-398.g47dde87.rb2.i686.rpm
modfirehose-2.5_SVNr1309567-1204.g47dde87.rb2.i686.rpm
modreverseauth-9.70-397.g6005c2a.rb2.i686.rpm
modsessionserver-9.70-397.g6005c2a.rb2.i686.rpm
modurlhardening-9.70-398.g47dde87.rb2.i686.rpm
perl-Crypt-PBKDF2-0.150900-10.462399161.g0d39723.rb12.noarch.rpm
perl-Digest-SHA3-1.05-10.462399161.g0d39723.rb6.i686.rpm
perl-namespace-autoclean-0.12-1.0.ga42d46e.noarch.rpm
rubygem-sophos-iaas-1.0.0-1.0.452022639.g58158f7b.rb2.i686.rpm
smcroute-2.5.6-0.465517281.ge5a61eb.rb3.i686.rpm
ep-confd-9.70-1042.gd79b5c4ef.rb1.i686.rpm
ep-confd-tools-9.70-984.g34e3f0589.rb25.i686.rpm
ep-ha-aws-9.70-19.g58158f7b.rb2.noarch.rpm
ep-init-9.70-31.gfaad963.rb4.noarch.rpm
ep-localization-afg-9.70-46.g544e26e.rb3.i686.rpm
ep-localization-ang-9.70-46.g544e26e.rb3.i686.rpm
ep-localization-asg-9.70-46.g544e26e.rb3.i686.rpm
ep-localization-atg-9.70-46.g544e26e.rb3.i686.rpm
ep-localization-aug-9.70-46.g544e26e.rb3.i686.rpm
ep-mdw-9.70-947.gfa164075.rb7.i686.rpm
ep-webadmin-9.70-877.g616b59132.rb7.i686.rpm
ep-cloud-ec2-9.70-12.g3cb38fa.rb2.i686.rpm
ep-chroot-ha_proxy-9.70-2.g57bd5ec.rb2.i686.rpm
ep-chroot-httpd-9.70-40.ge626ad8.rb4.noarch.rpm
ep-chroot-smtp-9.70-113.g1d07dcf.rb5.i686.rpm
chroot-ha_proxy-1.8.1-14.g57bd5ec.rb2.i686.rpm
chroot-ipsec-9.70-91.g89fe472.rb11.i686.rpm
chroot-smtp-9.70-79.gca7bc761.rb4.i686.rpm
ep-httpproxy-9.70-398.g8b30f34d.rb5.i686.rpm
ep-httpproxy-64-9.70-398.g8b30f34d.rb5.x86_64.rpm
ep-httpproxy-perl-helpers-9.70-398.g8b30f34d.rb5.i686.rpm
ep-httpproxy-user-account-9.70-398.g8b30f34d.rb5.noarch.rpm
ep-release-9.719-3.noarch.rpm