Support-Portal
· Maintenance Release

SFOS 16.05.5 MR5

Beschreibung

Bemerkungen

Betroffene Produktgruppen

Bugfixes

  • NC-14549: [API] Unable to delete a web policy
  • NC-16612: [API] Can not configure second WAN link on any physical interface
  • NC-17948 : [API] Getting different autogenerated password for same guest user in HA (Primary and Auxiliary device)
  • NC-17955: [API] Unable to ping facebook.com from ping tool in the diagnostics page
  • NC-18595: [API] Issues with char encoding using Sophos API
  • NC-16205: [Authentication] First user login not registered with firewall
  • NC-17493: [Authentication] Radius authentication doesn't work for Webadmin login
  • NC-17767: [Authentication] AD users cannot login to userportal with samAccount name plus domain information in login
  • NC-18282: [Authentication] Client based SSO doesn't work
  • NC-18630: [Authentication] AD users email addresses will be cut if the email address contains more than 64 characters
  • NC-18940: [Authentication] access_server crash when multiple users log in at the same time
  • NC-18733: [Base System, License] UTM9 to SF – Eval to full license migration fails in one of two possible user flows
  • NC-13297: [Base System] Appliance certificate is invalid after import .xml file.
  • NC-16623: [Base System] Firmware install message shows "undefined" string instead of firmware display version on GUI
  • NC-16660: [Base System] CCL details XML information not displaying for Sandbox Events on System Service > Log Settings
  • NC-17339: [Base System] Hotspot with voucher and full customization can't be created
  • NC-17393: [Base System] Eval registration from a SG appliance results in multiple registration requests
  • NC-17545: [Base System] Interface names are not correct for 4-Port 10G module with CR200iNG-XP/CR300iNG-XP appliances
  • NC-17753: [Base System] User not displayed in correct format in log-viewer in case of email sandbox
  • NC-18497: [Base System] XG Home subscription - RAM in some corner cases gets Limited to 4GB than 6GB
  • NC-18830: [Base System] Appliance certificate's issuer CA not present resulting in not able to download SSL client from user portal
  • NC-3719: [Base System] VPN IPSec connection name length increase from 50 to 100
  • NC-8998: [Base System] During memtest from SFLoader, units don't reboot by pressing ESC button
  • NC-18485: [CR-to-CN_Migration] Migration failed from CR 10.6.5-050 to SF 16.05.3-MR3
  • NC-17334: [Certificates] Certificate Authority can not be deleted in specific scenario
  • NC-13570: [Clientless Access(HTTP/HTTPS)] Clientless Web Access: Site access issue with 'Restrict Web Application ON' in policy
  • NC-18639: [DDNS] IP not getting updated in case of NATed IP address using Sophos DDNS
  • NC-15754: [Date/Time Zone] Time Zone changes for Russia
  • NC-13855: [Firewall] CCL link not displaying for device access from group level and device level
  • NC-16484: [Firewall] Kernel Panic on 'IPSET -L' when host have more than 600 IPs
  • NC-16819: [Firewall] Device becomes inaccessible after deleting Business Policy rule
  • NC-17042: [Firewall] "Log Firewall Traffic" is unchecked in firewall rule but visible in log viewer
  • NC-17420: [Firewall] Unable to set proxy port as 80
  • NC-18425: [Firewall] In WAN to LAN rule firewall drop and reject doesn't work for HTTP and HTTPS traffic
  • NC-18618: [Firewall] Update of custom zone shows error "Record does not exist" on zone page when "Any" interface not bound with zone
  • NC-18844: [Firewall] Local ACL exception rule export-import fails
  • NC-18880: [Firewall] Existing iptables traffic redirection chains not removed when web proxy listening port is updated
  • NC-18709: [HA] All timers disabled in primary appliance (HA A-A )
  • NC-17806: [Hotspot] Voucher creation fails if the description includes ' or " sign
  • NC-17878: [Hotspot] Remove TLS v1.0 and DES/3DES/RC4 cipher algorithm from Hotspot login page
  • NC-16862: [IPS] Default CA blank because of company name more than chars(50)
  • NC-17561: [IPS] AWS Upload consumes 100% CPU and goes down only when IPS is disabled
  • NC-18617: [IPS] IPS restarting (sometimes) while enabling ATP or on ATP policy change
  • NC-18208: [License] License does not update in Auxiliary appliance in case of standalone in HA Active-Passive mode
  • NC-18521: [License] Unable to increase virtual cores after license upgrade
  • NC-11596: [Mail Proxy] Vulnerability fix for CVE-2011-1473
  • NC-17072: [Mail Proxy] SMTP DOS max Recipients exceeds limit
  • NC-17311: [Mail Proxy] File filter is not working if file name is very large (i.e. 1k)
  • NC-17738: [Mail Proxy] SPX encrypted PDF doesn't render properly in case of very long sender address
  • NC-17875 : [Mail Proxy] SMTP service doesn't in MTA mode after switching back and forth between MTA and Legacy Mode multiple times
  • NC-18353 : [Mail Proxy] Image file within compressed files not being allowed with white listing
  • NC-18493: [Mail Proxy] SMTP service (MTA mode) doesn't deliver mails when receiving and forwarding n/w are on different IP family (ipv4/ipv6)
  • NC-18548: [Mail Proxy] Sender notification not send when DPP action set as accept with SPX and SPX type as specified by recipient
  • NC-18869: [Mail Proxy] SF failing PCI compliance on port 25 due to MTA mode responding to RC4 ciphers
  • NC-18958: [Mail Proxy] System files are accessible to authenticated non-admin users
  • NC-17781: [Network Services] Static Mac-IP binding
  • NC-18696: [Network Services] 4G dongle(D-Link DWM-222) not detected
  • NC-12852: [Networking] DHCP Relay flood customer network
  • NC-18828: [RED] RED15 tunnel disconnect and data traffic is higher before disconnect
  • NC-17846: [Reporting] Not able to get reports in case of long email sender (>256)
  • NC-18769: [Reporting] Records for more than 256 character for sender/receiver should be properly displayed in PDF export
  • NC-17978: [SSLVPN] Unable to delete bridge interface when bridge host is used in SSL VPN Site to Site
  • NC-18424: [SSLVPN] SSLVPN Client fails to connect if certificate character has "ã" in the certificate attributes
  • NC-18885: [SSLVPN] Openvpn Denial of Service due to Exhaustion of Packet-ID counter (CVE-2017-7479)
  • NC-18265: [Sandstorm] SFM CCL: XML API changes missing for Sandstorm activity in System > Profiles > Device Access
  • NC-17391: [SupportAccess] SupportAccess: UMA sometimes sends "ApuPort 0" in WebadminResponse
  • NC-11775: [VPN] Import for selective configuration with "include dependent entity" failed
  • NC-18039: [VPN] IPSec services is restarting continuously
  • NC-17862: [WAF] Remote users accessing the site for the web server forwarded with WAF intermittently lose access to the site
  • NC-18923: [WAF] Segfault for HTTP1.0 requests when cookie rewriting is enabled
  • NC-18395: [Web] Not getting website category in custom message for unauthenticated blocks
  • NC-18620: [Wireless] Unable to change the encryption to TKIP or TKIP&AES, settings are reverted back to AES after saving
  • NC-18623: [Wireless] Wireless clients not able to authenticate after patches applied from NC-13982
  • NC-18628: [Wireless] Unable to change channel_width for an AP(5GHz) from cli
  • NC-18698: [Wireless] Internal AP in "W" models are broadcasting the incorrect case for country code
  • NC-18750: [Wireless] SSIDs are suddenly not broadcasted and connections are getting dropped
  • NC-18792: [Wireless] LocalWiFi - failed to configure IP address on Bridge to LAN interface if configuration is done immediately
  • NC-18960: [Wireless] Wireless network stops broadcasting on in-built Wifi Appliance models