Beschreibung
Bemerkungen
Das Update ist von allen SFOS 16.05 Installationen aus verfügbar.
Das Update ist von allen SFOS Versionen über das MySophos Portal verfügbar.
Betroffene Produktgruppen
Bugfixes
- NC-19720: [API] SQL Injection: Application filter add type
- NC-19721: [API] SQL Injection: Proxy port config
- NC-19775: [API] SQL Injection: User add/edit
- NC-20840: [Authentication] SATC: users logged in and logged out continuously
- NC-19420: [Base System] "Don't register yet " link is not shown in Chinese language
- NC-19520: [Base System] Hotfix applied multiple times in SF device
- NC-19558: [Base System] Add kernel patch for 'Stack Clash'
- NC-19920: [Base System] Several vulnerabilitiy patches for Dropbear (CVE-2016-7409, CVE-2016-7408, CVE-2016-7407, CVE-2016-7406)
- NC-20753: [Base System] Changing of "admin" password in SFM does not replicate to the XG device and device is inaccessible due to password missmatch
- NC-21237: [Base System] Linux Kernel vulnerability "Dirty Cow" (CVE-2016-5195)
- NC-19330: [Firewall] XG live logs show packets out of time order
- NC-19659: [Firewall] Invalid IP Host import fails but leaves invalid db entries causing system framework failure
- NC-19674: [Firewall] Unidentified user usage from identity based rule
- NC-20343: [Firewall] Wrong GeoIP classification for some IP addresses
- NC-19745: [Hotspot] Hotspot custom voucher is changed to default upon hotspot update
- NC-19956: [Localization] XG translation error on the firewall policies page for Brazilian (PT-BR) language
- NC-19300: [Mail Proxy] Unable to parse or decode the contents of the email when the banner contains bare LF
- NC-19354: [Mail Proxy] Quarantined Emails are not visible in Webadmin
- NC-19829: [Mail Proxy] Email are bounced with SMTP/s scanning and RBL enabled
- NC-19873: [Mail Proxy] XG inconsistent NDR notification behaviour
- NC-19901: [Mail Proxy] Attachment name causing awarrentmta to stop
- NC-20490: [Mail Proxy] SMTP Quarantine data doesn't load in User Portal for all users
- NC-20784: [Mail Proxy] SMTP Quarantine data is not loading
- NC-19621: [Network Services] nslookup / dnslookup commands not using specified server
- NC-19136: [Networking] Incorrect information in System Graphs for bandwidth usage
- NC-19598 : [Networking] Gateway failover not working
- NC-19750: [Networking] IPv6 Policy Route not removed from system when gateway is deleted
- NC-19716: [UI] SQL Injection: Current Activities
- NC-19753: [UI] SQL Injection: filter function
- NC-19540 : [WAF] WAF - Fix CVE-2017-7679: mod_mime buffer overread
- NC-19717: [WAF] SQL injection: IPS backend server add
- NC-19718: [Web] SQL Injection: Proxy file type add
- NC-20787: [Web] Proxying is allowed through port 8090
- NC-19719: [Wireless] Blind code execution: Access point edit