Sophos hat heute ein weiteres Update für die Sophos UTM veröffentlicht, welches die WAP2 Schwachstelle (KRACK) beheben soll:
- [NUTM-8984]: [RED] WPA2 KRACK vulnerability fixes for RED15w
- [NUTM-8789]: [Wireless] WPA2 KRACK vulnerability fixes
Das Update trägt die Versionsnummer 9.505-4 und kann unter dem folgenden Link direkt runtergeladen und eingespielt werden:
u2d-sys-9.504001-505004.tgz.gpg
Da es in der Vergangenheit immer mal wieder Probleme mit Updates für die UTM gegeben hat, sollte auch dieses neue Update ausgiebig getestet werden. Ein Backup der aktuellen Konfiguration sollte ebenfalls angefertigt werden.
Hier ist noch der Link zu den Release Notes:
Zwar sind die Release Notes ziemlich kurz, aber Benutzer schreiben in der Regel relativ schnell Kommentare, wenn es schwerwiegende Probleme mit dem Update gibt. Daher lohnt es sich dort mal vorbeizuschauen.
Neuer Version für UTM verfügbar: 9.5.06.002
Up2Date 9.506002 package description:
Remarks:
System will be rebooted
Configuration will be upgraded
Connected APs will perform firmware upgrade
Connected REDs will perform firmware upgrade
News:
Maintenance Release
Bugfixes:
Fix [NUTM-8651]: [AWS] AWS Permission for „Import Via Amazon Credentials“
Fix [NUTM-7678]: [Access & Identity] Pluto dies with coredump at L2TP connections
Fix [NUTM-8211]: [Access & Identity] SSL VPN connection issue with prefetched AD groups
Fix [NUTM-8756]: [Access & Identity] AUA debug log contains plain text passwords
Fix [NUTM-8889]: [Access & Identity] ESPdump with algorithm GCM does not work
Fix [NUTM-8912]: [Access & Identity] HTML5 VPN: keyboard input not working on Android devices
Fix [NUTM-7670]: [Basesystem] Update to BIND 9.10.6
Fix [NUTM-8427]: [Basesystem] postgres[xxxxx]: [x-x] FATAL: could not create shared memory segment: No space left on device
Fix [NUTM-8769]: [Basesystem] Small models of SG105 / SG115 / SG125 / SG135 take over 5 minutes to accept network connection
Fix [NUTM-9063]: [Configuration Management] Regenerating the Web Proxy CA breaks all SSL VPN clients
Fix [NUTM-8313]: [Email] POP3 Proxy generate core dumps in versions v9.414 and v9.501
Fix [NUTM-8509]: [Email] Remove 3DES and SHA1 from SMIME
Fix [NUTM-8645]: [Email] MIME Type Detection 9.5
Fix [NUTM-9061]: [Email] User cannot open the SMTP Routing tab
Fix [NUTM-8419]: [Logging] „Search Log Files“ has different search result in spite of same time frame
Fix [NUTM-8783]: [Logging] SMBv1 still required for remote logging to a smb share
Fix [NUTM-8341]: [Network] Network monitor core dump
Fix [NUTM-8685]: [Network] Some clients display an „Unknown“ vendor on the wireless client list
Fix [NUTM-8738]: [Network] Error messages in fallback log about damaged static routes
Fix [NUTM-8838]: [Network] Watchdog consumes constantly 100% CPU
Fix [NUTM-7396]: [RED] UTM RED kernel log shows „seq invalid“ messages
Fix [NUTM-6968]: [REST API] Restd: supporting usage of new object right after creation
Fix [NUTM-7981]: [Reporting] WAF-reporter logs irrelevant information
Fix [NUTM-8359]: [Reporting] SMTP log on Mail Manager is empty after upgrading postgres to 64bit
Fix [NUTM-7802]: [Sandboxd] If using a ‚ character in the email address, postgres is not able to insert this to the TransactionLog (Sandbox)
Fix [NUTM-8715]: [UI Framework] Unable to access „Manage Computers“ page
Fix [NUTM-8061]: [WAF] WAF still reporting virus found when AV engine on the UTM is updating
Fix [NUTM-8751]: [WAF] Newly created web server listens on the slave node instead of the master node
Fix [NUTM-8806]: [WAF] Issue with TLS settings for virtual webserver
Fix [NUTM-8861]: [WAF] Leftover of shm files cause a WAF restart loop
Fix [NUTM-5964]: [WebAdmin] Support Access: WebAdmin not properly displayed after login via APU
Fix [NUTM-8512]: [WebAdmin] Can’t use string („0“) as a HASH ref while „strict refs“ in use at /wfe/asg/modules/asg_ca.pm line 1105
Fix [NUTM-8571]: [WebAdmin] User with only „Report Auditor“ rights receives strict refs error after login into WebAdmin
Fix [NUTM-8807]: [WebAdmin] External link to Sophos UTM Knowledge Base is not correct
Fix [NUTM-8871]: [WebAdmin] Year of Single Time Events cannot be later than 2019
Fix [NUTM-7994]: [Web] Customized templates do not allow to accept quota and access site
Fix [NUTM-8037]: [Web] HA: Low disk space alert from slave
Fix [NUTM-8107]: [Web] CONFD.PLX is taking high CPU load
Fix [NUTM-8502]: [Web] HTTP Proxy coredumps with CentralFreeList in v9.413
Fix [NUTM-8687]: [Web] Segfault and coredump from HTTP proxy
Fix [NUTM-8691]: [Web] Certificate error on accessing sites with https scanning enabled
Fix [NUTM-8752]: [Web] NTLM Issue with AD SSO in Transparent Mode
Fix [NUTM-8771]: [Web] Wrong country showing up in Web proxy requests
Fix [NUTM-8826]: [Web] Teamviewer via Standard Mode with AD-SSO not possible since v9.502
Fix [NUTM-8834]: [Web] iOS11 user agent string is not detected as iOS
Fix [NUTM-8849]: [Web] Can’t download Traveler_90119_Win.zip with HTTP proxy in Transparent Mode
Fix [NUTM-3129]: [Wireless] SG125w failed to create interface wifi0: -23 (Too many open files in system)
Fix [NUTM-4720]: [Wireless] Issues with 2.4 GHz channel 12 and 13 / inconsistent channel availibility / AWE_DEVICE_CHANNEL_INVALID
Fix [NUTM-8288]: [Wireless] Roaming issues with iPhone7 and RADIUS authentication
Fix [NUTM-8391]: [Wireless] AP55C/AP100X disconnecting from UTM repeatedly
Habs heute gewagt :-)^^^^^^^^
Nach gefühlten 8 Min. lief alles wieder…
Stand jetzt: Firmwareversion: 9.505-4
Liebe Grüsse