Sophos has today released an update with the version number 9.502-4 for the Sophos UTM. The update is intended to fix a total of 39 problems.
Unfortunately, Sophos has not had such a lucky hand with updates for the UTM in the past, so the last update fixed some problems, but also caused new ones. Unfortunately, this makes extensive testing necessary in the meantime.
According to Sophos, the following problems have been fixed:
- [NUTM-8127]: [AWS] Link to CloudFormation console during cloudupdate is not working
- [NUTM-3213]: [Access & Identity] Inconsistent behavior/state when deleting a user cert
- [NUTM-3283]: [Access & Identity] IPSec: VPN ID shall not include blanks
- [NUTM-3294]: [Access & Identity] Menu option (keyboard layout) background not rendered properly in IE (version 11.0.9600.17728)
- [NUTM-6972]: [Access & Identity] SSLVPN disconnection: backend AD sync
- [NUTM-7897]: [Access & Identity] Argos doesn’t start in HA setup without IP address
- [NUTM-7940]: [Access & Identity] Client Authentication daemon crashes in HA scenario
- [NUTM-7982]: [Access & Identity] SSL VPN connection not possible since v9.5 if organization name contains umlauts
- [NUTM-7996]: [Access & Identity] Devices authenticated via SAA are no longer associated with multiple user network objects in UTM 9.5
- [NUTM-8122]: [Access & Identity] L2TP connections with separate DHCP server does not work
- [NUTM-8146]: [Access & Identity] PPTP fails to connect when Assign IP addresses by is set to DHCP Server
- [NUTM-8147]: [Access & Identity] OpenVPN vulnerabilities
- [NUTM-8161]: [Access & Identity] OpenVPN vulnerabilities (client part)
- [NUTM-8280]: [Access & Identity] High confd load through UMA
- [NUTM-8130]: [Basesystem] Linux vulnerability ‚The Stack Clash‘
- [NUTM-8156]: [Basesystem] Apache httpd vulnerability (CVE-2017-3169)
- [NUTM-7235]: [Confd] READONLY user can download support package
- [NUTM-7425]: [Email] Emailenc causing high load – permanently 100% CPU usage
- [NUTM-7790]: [Email] Restrict long regular expression in WebAdmin
- [NUTM-7876]: [Email] POP3 Proxy stops working after some time
- [NUTM-7889]: [Email] Sandbox scan doesn’t work – worker_do_get_file req content parsing error or missing parameters
- [NUTM-6116]: [Network] Service_monitor sets wrong IP address for availability group
- [NUTM-7647]: [Network] WAN random disconnects
- [NUTM-7735]: [Network] ATP doesn’t work with „Send anonymous application accuracy telemetry data“ disabled.
- [NUTM-7950]: [Network] Dhcp client not running – restarted
- [NUTM-8015]: [Network] Main interface IP address swapped by additional address for DHCP setup
- [NUTM-7543]: [Reporting] Calculate correct malware count for ExecReport
- [NUTM-7609]: [Reporting] Websec-reporter is constantly restarting
- [NUTM-7725]: [Reporting] High latency while navigating through WebAdmin after trying to display Web Reports
- [NUTM-7878]: [WAF] Segfault for HTTP 1.0 requests when cookie rewriting is enabled
- [NUTM-6845]: [Web] https://sslvpn.goodix.com does not loads through UTM PROXY
- [NUTM-7467]: [Web] Sandstorm communication issues in some configurations
- [NUTM-7697]: [Web] httpproxy.ConfdReload – core dump generated during configuration reload
- [NUTM-7895]: [Web] Enable SMB2 in Samba
- [NUTM-7939]: [Web] Chrome v58 and higher fail verification with HTTPS scanning enabled
- [NUTM-7967]: [Web] httpproxy coredump
- [NUTM-6950]: [WiFi] APs displayed as inactive in WebAdmin while clients connect to SSIDs which are still being broadcasted
- [NUTM-7495]: [WiFi] Wireless client IP in Webadmin not updated after changing the SSID
- [NUTM-7962]: [WiFi] Split traffic not working for wireless clients on RED15w after upgrade to v9.5
Anyone who has not yet been offered the update via Up2Date can download it here and install it manually:
u2d-sys-9.501005-502004.tgz.gpg
The update requires a restart of the UTM, AccessPoints and Sophos REDs are also restarted after the firmware update.