A new update for Sophos UTM was released today, actually there are two updates:
Both updates can be downloaded here:
http://ftp.astaro.de/UTM/v9/up2date/
Here are the release notes:
Fix [NUTM-2392]: [AWS] Allow the user to select the security group to port during conversion
Fix [NUTM-5327]: [AWS] Confd object missing after instance recovery in HA scenario
Fix [NUTM-5339]: [AWS] [RESTD] allow unauthenticated access from localhost
Fix [NUTM-5466]: [AWS] ssh disabled – No connection to stack instances
Fix [NUTM-5882]: [AWS] Logging & Reporting overview does not show any information
Fix [NUTM-5901]: [AWS] [RESTD] Improve webadmin UI and documentation
Fix [NUTM-5981]: [AWS] Conversion feature always converts to BYOL
Fix [NUTM-6013]: [AWS] Fix communication issue with S3
Fix [NUTM-5110]: [Access & Identity] Since version 9.404 L2TP with Android doesn’t work
Fix [NUTM-5562]: [Access & Identity] UTM to UTM RED Tunnel doesn’t work anymore after only TLS 1.2 is allowed
Fix [NUTM-5674]: [Access & Identity] REDs offline after HA takeover – ‚RED is not bound to this system, disabling device‘
Fix [NUTM-5840]: [Access & Identity] 3G to WAN failover on RED15/RED50 does not work
Fix [NUTM-5661]: [Basesystem] quagga security update (CVE-2016-1245)
Fix [NUTM-5701]: [Basesystem] named fails to start after invalid host record
Fix [NUTM-5779]: [Basesystem] bind security update (CVE-2016-8864)
Fix [NUTM-5769]: [Confd] Configd error Datatype.pm line 319
Fix [NUTM-5787]: [Confd] Bridge can’t be converted back to ethernet if only red interfaces are used
Fix [NUTM-5997]: [Localization] Japanese translation error if using a string longer than 64 bytes as common_name
Fix [NUTM-5533]: [Network] ‚Block invalid packets‘ option doesn’t block invalid packets
Fix [NUTM-5595]: [Network] SIP Helper behavior clarification in ‚Any‘ expectation mode
Fix [NUTM-5513]: [Reporting] RRD reporting doesn’t show the warnings and alerts of the slave nodes in cluster setups
Fix [NUTM-5655]: [Reporting] Wrong count on websecvisits data
Fix [NUTM-5792]: [WAF] WAF coredump’ed after regular session cleanup
Fix [NUTM-5856]: [WAF] Special characters are encoded when HTML rewrite is enabled
Fix [NUTM-5075]: [WebAdmin] User test is not working with LDAP special characters in Base DN
Fix [NUTM-5317]: [WebAdmin] Persistent cookie for user portal working only once
Fix [NUTM-5761]: [WebAdmin] Translation in Webadmin is not consistent (web protection)
Fix [NUTM-5811]: [WebAdmin] Misleading default QoS interface downlink/uplink values
Fix [NUTM-5888]: [WebAdmin] Since v9.408 Authentication Server test fails after first creation
Fix [NUTM-5963]: [Web] Sandstorm not delivering Emails files from „Scan Pending“ state
Fix [NUTM-5303]: [WiFi] Characters in Hotspot terms of use not encoded correctly
Fix [NUTM-5876]: [WiFi] User field is blank on login at Hotspot with voucher
Fix [NUTM-6128]: [WiFi] FollowUp-NUTM-5303 – Characters in Hotspot terms of use not encoded correctly
And the release notes for the minor update:
Previous 9.409 Up2Date could fail to apply on UTMs that were installed with 9.406 or older
I have not yet managed to get the previous update on my virtual UTM to install. This update cannot be installed without errors for me either. After the update, virtual network cards are missing and new network cards are not recognized (VMware ESXi). I have therefore reinstalled my UTM with the latest version. So far, the current update is running with the new installation.
Before updating a virtual UTM, a snapshot should therefore be created so that an executable configuration can be restored quickly in the event of an error.