Sophos has today released another update for Sophos UTM to fix the WAP2 vulnerability (KRACK):
- [NUTM-8984]: [RED] WPA2 KRACK vulnerability fixes for RED15w
- [NUTM-8789]: [Wireless] WPA2 KRACK vulnerability fixes
The update has the version number 9.505-4 and can be downloaded and installed directly from the following link:
u2d-sys-9.504001-505004.tgz.gpg
As there have always been problems with updates for the UTM in the past, this new update should also be tested extensively. A backup of the current configuration should also be made.
Here is the link to the release notes:
Although the release notes are quite short, users usually post comments relatively quickly if there are serious problems with the update. It is therefore worth taking a look there.
Neuer Version für UTM verfügbar: 9.5.06.002
Up2Date 9.506002 package description:
Remarks:
System will be rebooted
Configuration will be upgraded
Connected APs will perform firmware upgrade
Connected REDs will perform firmware upgrade
News:
Maintenance Release
Bugfixes:
Fix [NUTM-8651]: [AWS] AWS Permission for „Import Via Amazon Credentials“
Fix [NUTM-7678]: [Access & Identity] Pluto dies with coredump at L2TP connections
Fix [NUTM-8211]: [Access & Identity] SSL VPN connection issue with prefetched AD groups
Fix [NUTM-8756]: [Access & Identity] AUA debug log contains plain text passwords
Fix [NUTM-8889]: [Access & Identity] ESPdump with algorithm GCM does not work
Fix [NUTM-8912]: [Access & Identity] HTML5 VPN: keyboard input not working on Android devices
Fix [NUTM-7670]: [Basesystem] Update to BIND 9.10.6
Fix [NUTM-8427]: [Basesystem] postgres[xxxxx]: [x-x] FATAL: could not create shared memory segment: No space left on device
Fix [NUTM-8769]: [Basesystem] Small models of SG105 / SG115 / SG125 / SG135 take over 5 minutes to accept network connection
Fix [NUTM-9063]: [Configuration Management] Regenerating the Web Proxy CA breaks all SSL VPN clients
Fix [NUTM-8313]: [Email] POP3 Proxy generate core dumps in versions v9.414 and v9.501
Fix [NUTM-8509]: [Email] Remove 3DES and SHA1 from SMIME
Fix [NUTM-8645]: [Email] MIME Type Detection 9.5
Fix [NUTM-9061]: [Email] User cannot open the SMTP Routing tab
Fix [NUTM-8419]: [Logging] „Search Log Files“ has different search result in spite of same time frame
Fix [NUTM-8783]: [Logging] SMBv1 still required for remote logging to a smb share
Fix [NUTM-8341]: [Network] Network monitor core dump
Fix [NUTM-8685]: [Network] Some clients display an „Unknown“ vendor on the wireless client list
Fix [NUTM-8738]: [Network] Error messages in fallback log about damaged static routes
Fix [NUTM-8838]: [Network] Watchdog consumes constantly 100% CPU
Fix [NUTM-7396]: [RED] UTM RED kernel log shows „seq invalid“ messages
Fix [NUTM-6968]: [REST API] Restd: supporting usage of new object right after creation
Fix [NUTM-7981]: [Reporting] WAF-reporter logs irrelevant information
Fix [NUTM-8359]: [Reporting] SMTP log on Mail Manager is empty after upgrading postgres to 64bit
Fix [NUTM-7802]: [Sandboxd] If using a ‚ character in the email address, postgres is not able to insert this to the TransactionLog (Sandbox)
Fix [NUTM-8715]: [UI Framework] Unable to access „Manage Computers“ page
Fix [NUTM-8061]: [WAF] WAF still reporting virus found when AV engine on the UTM is updating
Fix [NUTM-8751]: [WAF] Newly created web server listens on the slave node instead of the master node
Fix [NUTM-8806]: [WAF] Issue with TLS settings for virtual webserver
Fix [NUTM-8861]: [WAF] Leftover of shm files cause a WAF restart loop
Fix [NUTM-5964]: [WebAdmin] Support Access: WebAdmin not properly displayed after login via APU
Fix [NUTM-8512]: [WebAdmin] Can’t use string („0“) as a HASH ref while „strict refs“ in use at /wfe/asg/modules/asg_ca.pm line 1105
Fix [NUTM-8571]: [WebAdmin] User with only „Report Auditor“ rights receives strict refs error after login into WebAdmin
Fix [NUTM-8807]: [WebAdmin] External link to Sophos UTM Knowledge Base is not correct
Fix [NUTM-8871]: [WebAdmin] Year of Single Time Events cannot be later than 2019
Fix [NUTM-7994]: [Web] Customized templates do not allow to accept quota and access site
Fix [NUTM-8037]: [Web] HA: Low disk space alert from slave
Fix [NUTM-8107]: [Web] CONFD.PLX is taking high CPU load
Fix [NUTM-8502]: [Web] HTTP Proxy coredumps with CentralFreeList in v9.413
Fix [NUTM-8687]: [Web] Segfault and coredump from HTTP proxy
Fix [NUTM-8691]: [Web] Certificate error on accessing sites with https scanning enabled
Fix [NUTM-8752]: [Web] NTLM Issue with AD SSO in Transparent Mode
Fix [NUTM-8771]: [Web] Wrong country showing up in Web proxy requests
Fix [NUTM-8826]: [Web] Teamviewer via Standard Mode with AD-SSO not possible since v9.502
Fix [NUTM-8834]: [Web] iOS11 user agent string is not detected as iOS
Fix [NUTM-8849]: [Web] Can’t download Traveler_90119_Win.zip with HTTP proxy in Transparent Mode
Fix [NUTM-3129]: [Wireless] SG125w failed to create interface wifi0: -23 (Too many open files in system)
Fix [NUTM-4720]: [Wireless] Issues with 2.4 GHz channel 12 and 13 / inconsistent channel availibility / AWE_DEVICE_CHANNEL_INVALID
Fix [NUTM-8288]: [Wireless] Roaming issues with iPhone7 and RADIUS authentication
Fix [NUTM-8391]: [Wireless] AP55C/AP100X disconnecting from UTM repeatedly
Habs heute gewagt :-)^^^^^^^^
Nach gefühlten 8 Min. lief alles wieder…
Stand jetzt: Firmwareversion: 9.505-4
Liebe Grüsse