Sophos UTM: New update (9.506-2)

Sophos released a new update for the Sophos UTM on 21.11.2017 which fixes numerous problems. For me, the update is not yet offered via Up2Date.

Here is a list of fixed problems:

• NUTM-8651: [AWS] AWS Permission for „Import Via Amazon Credentials“
• NUTM-7678: [Access & Identity] Pluto dies with coredump at L2TP connections
• NUTM-8211: [Access & Identity] SSL VPN connection issue with prefetched AD groups
• NUTM-8756: [Access & Identity] AUA debug log contains plain text passwords
• NUTM-8889: [Access & Identity] ESPdump with algorithm GCM does not work
• NUTM-8912: [Access & Identity] HTML5 VPN: keyboard input not working on Android devices
• NUTM-7670: [Basesystem] Update to BIND 9.10.6
• NUTM-8427: [Basesystem] postgres[xxxxx: [x-x] FATAL: could not create shared memory segment: No space left on device
• NUTM-8769: [Basesystem] Small models of SG105 / SG115 / SG125 / SG135 take over 5 minutes to accept network connection
• NUTM-9063: [Configuration Management] Regenerating the Web Proxy CA breaks all SSL VPN clients
• NUTM-8313: [Email] POP3 Proxy generate core dumps in versions v9.414 and v9.501
• NUTM-8509: [Email] Remove 3DES and SHA1 from SMIME
• NUTM-8645: [Email] MIME Type Detection 9.5
• NUTM-9061: [Email] User cannot open the SMTP Routing tab
• NUTM-8419: [Logging] „Search Log Files“ has different search result in spite of same time frame
• NUTM-8783: [Logging] SMBv1 still required for remote logging to a smb share
• NUTM-8341: [Network] Network monitor core dump
• NUTM-8685: [Network] Some clients display an „Unknown“ vendor on the wireless client list
• NUTM-8738: [Network] Error messages in fallback log about damaged static routes
• NUTM-8838: [Network] Watchdog constantly consumes 100% CPU
• NUTM-7396: [RED] UTM RED kernel log shows „seq invalid“ messages
• NUTM-6968: [REST API] Restd: supporting usage of new object right after creation
• NUTM-7981: [Reporting] WAF-reporter logs irrelevant information
• NUTM-8359: [Reporting] SMTP log on Mail Manager is empty after upgrading postgres to 64bit
• NUTM-7802: [Sandboxd] If using a ‚ character in the email address, postgres is not able to insert this to the TransactionLog (Sandbox)
• NUTM-8715: [UI Framework] Unable to access „Manage Computers“ page
• NUTM-8061: [WAF] WAF still reporting virus found when AV engine on the UTM is updating
• NUTM-8751: [WAF] Newly created web server listens on the slave node instead of the master node
• NUTM-8806: [WAF] Issue with TLS settings for virtual webserver
• NUTM-8861: [WAF] Leftover of shm files cause a WAF restart loop
• NUTM-5964: [WebAdmin] Support Access: WebAdmin not properly displayed after login via APU
• NUTM-8512: [WebAdmin] Can’t use string („0“) as a HASH ref while „strict refs“ in use at /wfe/asg/modules/asg_ca.pm line 1105
• NUTM-8571: [WebAdmin] User with only „Report Auditor“ rights receives strict refs error after login into WebAdmin
• NUTM-8807: [WebAdmin] External link to Sophos UTM Knowledge Base is not correct
• NUTM-8871: [WebAdmin] Year of Single Time Events cannot be later than 2019
• NUTM-7994: [Web] Customized templates do not allow to accept quota and access site
• NUTM-8037: [Web] HA: Low disk space alert from slave
• NUTM-8107: [Web] CONFD.PLX is taking high CPU load
• NUTM-8502: [Web] HTTP Proxy coredumps with CentralFreeList in v9.413
• NUTM-8687: [Web] Segfault and coredump from HTTP proxy
• NUTM-8691: [Web] Certificate error on accessing sites with https scanning enabled
• NUTM-8752: [Web] NTLM Issue with AD SSO in Transparent Mode
• NUTM-8771: [Web] Wrong country showing up in Web proxy requests
• NUTM-8826: [Web] Teamviewer via Standard Mode with AD-SSO not possible since v9.502
• NUTM-8834: [Web] iOS11 user agent string is not detected as iOS
• NUTM-8849: [Web] Can’t download Traveler_90119_Win.zip with HTTP proxy in Transparent Mode
• NUTM-3129: [Wireless] SG125w failed to create interface wifi0: -23 (Too many open files in system)
• NUTM-4720: [Wireless] Issues with 2.4 GHz channel 12 and 13 / inconsistent channel availibility / AWE_DEVICE_CHANNEL_INVALID
• NUTM-8288: [Wireless] Roaming issues with iPhone7 and RADIUS authentication
• NUTM-8391: [Wireless] AP55C/AP100X disconnecting from UTM repeatedly

In my environment, the bug "User cannot open the SMTP Routing tab" was particularly annoying...

Click here for the Sophos Release Notes. It's always a good idea to take a look at the comments when there are updates for the UTM, but so far it's been pretty quiet.

The update can be downloaded directly here:

u2d-sys-9.505004-506002.tgz.gpg