Beschreibung
Bemerkungen
Das Update ist von allen SFOS 17.0 MR1 Installationen aus verfügbar.
Das Update ist für alle SFOS Versionen über das MySophos Portal verfügbar.
Betroffene Produktgruppen
Bugfixes
- NC-22609: [Access] Unable to import groups inside multiple OUs from AD
- NC-19427 : [API] Wrong date in validationError.log
- NC-22394: [Authentication] User Portal login is logged as SSL VPN login
- NC-22769: [Authentication] When importing from AD, the name of OUs which are inherited by multiple OUs and groups is not shown correctly
- NC-23112: [Authentication] Authentication Agent - getting logged out automatically at random time
- NC-19665: [Backup-Restore] Downloading backup creates Java exceptions
- NC-21785: [Base System] Wizard UI Improvements
- NC-22229: [Base System] SG115: pressing power off button does not shutdown appliance
- NC-22574: [Base System] Control center misleadingly shows notification of new firmware availability for few minutes after firmware upgrade
- NC-22631: [Base System] Typo in fwinstaller
- NC-22688: [Base System, Certificates] Missing QuoVadis Root Certificate
- NC-22771: [Base System] Export of 16.5 MR8 and import into v17.0 GA fails for configs without hostname<br />
- NC-22780: [Base System] Migration from CR to SF failed on CR500ia-10F appliance
- NC-22911: [Base System] Blank screen is displayed when user synchronizes license after successful registration
- NC-25573: [Base System] Users cannot activate license keys from SFOS
- NC-22354: [Certificates] Passphrase box disappears after trying to upload a CA with private-key after upload fails
- NC-22734: [Clientless Access] HTML5 VPN: keyboard input not working on Android devices
- NC-22751: [Documentation] Japanese translation for LogViewer missing
- NC-17413: [Firewall] Business rules created with device destined IP address can't be blocked with network rules
- NC-20602: [Firewall] Incorrect validation for local acl and zone where HTTPS is disabled from current login zone
- NC-21180: [Firewall] Add "Action" column to firewall rule grouping
- NC-21897: [Firewall] Import/Export of firewall rule with dependent entity fails when a VLAN is configured on WAN
- NC-22219: [Firewall] Issue with SNAT policy with multiple gateways
- NC-22557 : [Firewall] Service edit option not working in specific case
- NC-22670: [Firewall] Unable to create RED interface
- NC-22923: [Firewall] Hostset ERROR: XG stopped Responding
- NC-22932: [Firewall] Export/Import fails for every entity after exporting Security Policy entity
- NC-22946: [Firewall] Typo in SF API documentation for IP host object
- NC-22958: [Firewall, SFM-SCFM] SFM Compatibility v17: DNAT rule cannot be updated in some combinations of forward type
- NC-22982: [Firewall] Incorrect position of firewall rule name in Firefox
- NC-22424: [Framework(UI)] Close notification button does not work properly
- NC-22917: [Framework(UI)] Infomation icon does not show any info text in authentication page
- NC-21856: [IPS] In AppFilter policy smart filter values are still displayed after removal
- NC-22448: [IPS] Custom IPS signature not working for all keyword supported by snort
- NC-22753: [IPS] Application filter is not updated when there is no application matching smart filte
- NC-22834: [IPS] Application Filter Policy: All application is showing while editing through firewall rule with "selected individual application"
- NC-22382: [IPsec] IPsec UI allow to configure incompatible policy resulting in a silent DPD action change in the backend
- NC-22383: [IPsec] Typo in IPsec policy list: 'Action on Active Peer'
- NC-22489: [IPsec] Incorrect IP routes added for local VPN traffic in case of NAT over IPsec
- NC-22502: [IPsec] IPsec PSK secrets files do not contain local VPN IP
- NC-22620: [IPsec] DGD can not be disabled
- NC-22622: [IPsec] 'Remote ID' value shows blank on UI for IPSEC connection when external cert is used
- NC-22633: [IPsec] Activate on save tries to connect to respond only connections
- NC-22793: [IPsec] Cisco VPN connection with cert auth not working on iOS using config from userportal
- NC-22888: [IPsec] IPsec S2S tunnel with PSK and local/remote ids not working
- NC-22892: [IPsec] Aggressive mode IPsec policys are not filtered correctly in UI
- NC-22900: [IPsec] Cannot create 2 IPsec RSA connections with same local id to different remote gateways
- NC-22914: [IPsec] Connection status for DGD IPsec connections is not shown correctly
- NC-23035: [IPsec] DGD table locked - postgres has returned errcode 25P02
- NC-23125: IPsec] "Randomize Re-Keying Margin by" - When setting the value to 0%, UI displays 100% after saving the policy
- NC-23186: [IPsec] IPsec status not displayed when too many SAs are established
- NC-22549: [Logging] Sandstorm logo displayed in RED for reason "eligible","pending" & "Cloud Malicious"
- NC-22745: [Logging] Port and protocol information are missing in LogViewer standard view and filter
- NC-15612: [Mail Proxy] Update DLP engine and CCL data
- NC-19881: [Mail Proxy] Whitelist and blacklist for e-mail/domains in WebAdmin
- NC-21366: [Mail Proxy] Spam e-mails pass due to error " X-CTCH-Error: Unable to connect local ctasd"
- NC-21437: [Mail Proxy] Mail addresses with "systems" or "solutions" as top level domain cannot be added in address groups
- NC-21671: [Mail Proxy] Message is not displayed properly in LogViewer
- NC-21891: [Mail Proxy] Spam headers displayed in e-mail when sent through reply portal
- NC-22271: [Mail Proxy] Issues with mails in spool marked with a firewall ID
- NC-22921: [Mail Proxy] Email flow is affected for recipients using TLS1.0
- NC-25332: [Mail Proxy] awarrenmta service segfaults when IP reputation is enabled
- NC-22504: [Network Services] Unable to assign two static IP mappings for the same host in different DHCP scopes
- NC-22163: [Networking] OSPF Neighbors not updated on changing multicast group limit
- NC-22539: [Networking] Fail to add vlan when specific DHCP server confiration migrated
- NC-22662: [Networking] Unable to make changes in WAN Link Manager for an interface with /31 subnet
- NC-21952: [RED] Site-to-Site RED tunnel between XG and UTM does not pass traffic with hardware acceleration enabled
- NC-22433: [RED] Generating certificates fails when long company name is used
- NC-22174: [Reporting] Missing size verification on custom logo for on-box reporting
- NC-22819: [Reporting] Application reports stop working after enabling Sync App Control
- NC-22853: [Reporting] Drill down is not working in mail report when "Mail Count" is selected as sortby
- NC-22868: [Reporting] Font style mismatch
- NC-22364: [SecurityHeartbeat] EP_Certificates table not available error
- NC-22778: [SecurityHeartbeat] Heartbeat registration fails with appliance in HA
- NC-22151: [SSLVPN] When using special character in Appliance Certificate, SSL VPN connection fails
- NC-22116: [Synchronized App Control] Last occurance time of applications in SAC is not consistent between HA nodes
- NC-22384: [Synchronized App Control] After de-registration of Heartbeat enhancedappctrl service is still running
- NC-22440: [Synchronized App Control] Sort list of categories in SAC customize menu
- NC-22766: [Synchronized App Control] Path of a customized app is shortened in SAC customize popup when app path contains slashes
- NC-22768: [Synchronized App Control] Uncategorized category is shown twice in the SAC customize popup
- NC-22813: [Synchronized App Control] Fixed height for SAC data table
- NC-22824: [Synchronized App Control] EP name with special character is not displayed correctly for macOS in SAC list
- NC-22962 : [Synchronized App Control] Show category in SAC app list
- NC-22544: [UI] Incorrect start time displayed in Live Users list
- NC-22576: [UI] Disclaimer message is shown without line breaks
- NC-25275: [UI] Internet usage time displayed "NaN:NaN" value in Live Users list
- NC-22319: [WAF] "Edit Reverse Authentication" dialog contains untranslatable strings
- NC-22521: [WAF] Leftover of shm files cause a WAF restart loop
- NC-21534: [Web] Certificate error on accessing sites with https scanning enabled
- NC-21930: [Web] Incorrect Error message on Captive Portal when the user exceeds the number of simultaneous logins
- NC-22023: [Web] Word list files with non-UTF8 or whitespace-only should not be uploaded successfully
- NC-22124: [Web] Web Policy rule is converted to "AllWebTraffic" when adding more than one backslash character in the rule
- NC-22125: [Web] When maximum limit is reached, web exceptions cannot be updated anymore
- NC-22403: [Web] Certificate Error while accessing Outlook with direct proxy
- NC-22653: [Web] Policy Tester does not display backslash in policy name correctly
- NC-22721: [Web] AVD dies unpredictably when it runs out of memory
- NC-22800: [Web] AVD stability fixes
- NC-22930: [Web] Server side rbuf not reset for reused request
- NC-22954: [Web] Access to Custom Captive Portal does not work
- NC-23156: [Web] Not able to access any websites due to malformed ATP data update
- NC-23163: [Web] Font color for Initial Setup Wizard changes
- NC-12089 : [Wireless] Unable to edit alias of "GuestAP" interface
- NC-19166: [Wireless] SSID disappears randomly with Dynamic Channel Selection
- NC-20761: [Wireless] Wireless Client List shows wrong IP address after network change
- NC-21369: [Wireless] VLAN and non VLAN SSIDs can't be selected at the same time for RED15w
- NC-22358: [Wireless] SSID is not broadcasted from time to time
- NC-22852: [Wireless] Wireless network interface status states being unplugged