SFOS 17.5 MR6

Bugfixes

• NC-40785: [API Framework] Incorrect data types and values in API documentation
• NC-44687: [API Framework] Unable to update webadmin settings when WAF rule with port 80 is configured
• NC-43933: [Authentication] csd not cleaning up stale connections
• NC-45077: [Authentication] Some LDAP users are not associated with the expected group
• NC-45283: [Authentication] Memory leak in access server
• NC-46024: [Authentication] Guest user registration is not working after upgrading to 17.5 MR4
• NC-46572: [Authentication] Race condition in access server when setting authserverid
• NC-44178: [Backup-Restore] Unnecessary selection button when downloading backup without encryption password
• NC-45532: [Clientless Access] Clientless SMB Bookmark - Unable to upload files in a folder or share with an apostrophe
• NC-39353: [Core Utils] Brazilian timezone and DST problem
• NC-40924: [Core Utils] ATP patterns filling up /content/ folder
• NC-43506: [DHCP] Established connection is destroyed when dynamic WAN interface gets configured
• NC-46351: [DHCP] DHCP service dies on firmware upgrade
• NC-43624: [Dynamic Routing (PIM)] Coredump from pimd while applying interfaces in pim-sm in HA-AA case
• NC-41225: [Email] Assertion while scanning mail with custom file mime type
• NC-42752: [Email] Issues with certificate chain
• NC-42986: [Email] Mail application usage reports shows 0bytes for POP and IMAP
• NC-43179: [Email] Mails stuck in queue when email id contains '='
• NC-43285: [Email] Filtering for bounced mails freezes mail log page
• NC-43399: [Email] "DKIM: validation of body hash failed" when DKIM signed mail gets forwarded by XG
• NC-43445: [Email] Mails are split in different header information and hang in spool
• NC-43539: [Email] Unable to access appliance after restoring backup
• NC-44131: [Email] Core dumps in smtpd while deleting mail from mail spool page
• NC-44490: [Email] Unable to use CAs with ECC certificates
• NC-44559: [Email] Conan engine does not get upgraded on migration
• NC-44662: [Email] Mails with folded headers might not be processed correctly
• NC-45144 : [Email] Exim complaining about illegal header file
• NC-45223: [Email] Unable to filter mail log with some special russian characters
• NC-46145: [Email] Email notification using external mail server not working after upgrading to 17.5 MR4
• NC-42902: [Firewall] IPsec traffic flows only after REKEY event
• NC-44344: [Firewall] Not able to enable IP Spoofing on more than 18 zones
• NC-46188: [Firewall] GUI icons broken in firewall rules
• NC-44083: [Hotspot] Hotspot voucher created in HA setup is expired and has used data attached to it
• NC-38688: [IPsec] Sporadic connection interruption to local XG after IPsec rekeying
• NC-41631: [IPsec] Tunnel not established in HA setup
• NC-43220: [IPsec] Unable to use "Reset" button on Sophos Connect settings page
• NC-43898: [IPsec] Improve udp/500 firewall rule activation
• NC-44072: [IPsec] Charon timeout while starting on small appliances with 20+ IPsec tunnels and auth type 'rsa'
• NC-44240: [IPsec] XG not accepting MODP_1024 DH during IKE negotiations
• NC-44016: [Logging Framework] Garner segfault in Central Management plugin of garner
• NC-44693: [Logging Framework, SecurityHeartbeat] Reports are not being generated
• NC-45339: [Logging Framework] Assertion fail in garner causing RED clients to disconnect
• NC-46535: [Logging Framework] Memory leak in notification plugin
• NC-44531: [nSXLd] nSXLd connection handling improvements
• NC-46117: [Policy Routing] Traffic passing through IPSec link though policy route (MPLS) has high priority
• NC-30294: [PPPoE] PPPoE interface graph is showing incorrect bandwidth information
• NC-33657: [SFM-SCFM] API output shows "Configuration parameters validation failed"
• NC-44007: [SFM-SCFM] Error message on GUI: SSOD is stopped
• NC-44562: [SFM-SCFM] Backup snapshot has not been restored from SFM when SF having encrypted password for backup
• NC-43684: [SNMP] libsnmp segfaults for "AVVERSION Get"
• NC-44695: [SSLVPN] Unable to connect via SSL VPN after migrating from CROS
• NC-46253: [SupportAccess] Backport: Cannot connect to WebAdmin via SupportAccess
• NC-43936: [UI Framework] Guest Users page not loading after deleting the last page of available Guest Users
• NC-44018: [UI Framework] Type of icon should be drop-down instead of icon of increase-decrease
• NC-44283: [UI Framework] Cannot load Connection Details page of an IPsec VPN connection when Chinese characters are used in local/remote host configuration
• NC-45358: [WAF] Privilege escalation from modules' scripts (CVE-2019-0211)
• NC-45544: [WAF] Reduce memory footprint
• NC-45974: [WAF] URL normalization inconsistency (CVE-2019-0220)
• NC-46104: [WAF] HTML rewriting in large embedded CSS causes appliance to reboot due to OOM
• NC-46810: [WAF] NULL pointer dereference in mod_proxy_html
• NC-43970: [Web] Policy editor window doesn't close when new policy created
• NC-44089: [Web] Backslashes not properly escaped on User Activities page
• NC-44228: [Web] Web categorization fails randomly
• NC-44609: [Web] Incorrect parsing of DNS responses leads to 502 errors
• NC-45020: [Web] Memory leak in sandbox pending page
• NC-45094: [Web] SSL scan not on in case of force_ntlm on transparent connection
• NC-27524: [Wireless] Restoring backup of Cyberoam 10.6.5050 GA not working when WLAN is configured
• NC-45088: [Wireless] Selective export of WirelessNetworks with dependencies does not contain any dependencies
• NC-45405: [Wireless] Country field for AP shown empty while accepting it with multple pending APs
• NC-46142: [Wireless] SSID deleted but WiFi interface remains