Sophos has released a new update for the UTM. The update has the version number 9.700-5 and includes the following new features:
- Support for new APX AccessPoints
- Certificate Chain support for WebAdmin and UserPortal
- Certificate Chain Support for WebProxy
- New RED Site 2 Site Protocol
- Retirement of UTM Endpoint Management
The following problems have also been fixed:
- NUTM-10804 [Access & Identity] strongSwan vulnerability fix (CVE-2010-2628, CVE-2018-17540)
- NUTM-10485 [Email] POP3 E-Mail blocked message won’t be displayed properly in some MS Outlook versions
- NUTM-10745 [Email] Quarantine mail older than 14 days are not getting removed
- NUTM-10958 [Email] Quarantined SPX Mails which are released are still available on UTM
- NUTM-10192 [RED] Patch OpenSSL (CVE-2018-0732)
- NUTM-11141 [Sandstorm] Add support for Sandstorm’s Frankfurt data centre
- NUTM-10454 [WAF] SAVI integration doesn’t support scanning files larger than 2GB
- NUTM-10873 [WAF] Underscore in DNS hostname makes WAF unusable
- NUTM-11162 [WAF] Authentication through WAF with URL hardening enabled and umlaut in password fails
- NUTM-11202 [Web] Conform to Apple’s new certificate requirements introduced in iOS13 and macOS10.15
The new features are more than meager, the UTM can now deliver the certificate chains and supports some new Sophos hardware. The Endpoint Protection feature has been removed as it is no longer supported.
If the update is not yet available via Up2Date, it can be downloaded directly here:
https://download.astaro.com/UTM/v9/up2date/u2d-sys-9.605001-700005.tgz.gpg
Here is the post in the Sophos Community, so far no one has reported problems there, but a backup is still mandatory as always:
PS: The update has run without any problems for me so far, but I hardly use any of the UTM features any more.
Update 10/07/2019Apparently there were problems with version 9.700-4, this update is no longer available and there is version 9.700-5, which was released today on October 7th. I have therefore updated this article. I also added the note that there are problems with RED S2S Tunnel:
An issue has been discovered where after the update RED Site-to-Site tunnels may not work. This issue does not affect deployments using hardware RED devices. Environments having RED Site-to-Site tunnels deployed should NOT update to 9.7 as of now. Please see the related KB article.