Sophos UTM: New update fixes WPA2 vulnerability (9.505-4)

Sophos has today released another update for Sophos UTM to fix the WAP2 vulnerability (KRACK):

  • [NUTM-8984]: [RED] WPA2 KRACK vulnerability fixes for RED15w
  • [NUTM-8789]: [Wireless] WPA2 KRACK vulnerability fixes

The update has the version number 9.505-4 and can be downloaded and installed directly from the following link:

u2d-sys-9.504001-505004.tgz.gpg

Sophos UTM update

As there have always been problems with updates for the UTM in the past, this new update should also be tested extensively. A backup of the current configuration should also be made.

Here is the link to the release notes:

UTM Up2Date 9.505 Released

Although the release notes are quite short, users usually post comments relatively quickly if there are serious problems with the update. It is therefore worth taking a look there.

2 thoughts on “Sophos UTM: Neues Update fixt WPA2 Schwachstelle (9.505-4)”

  1. Neuer Version für UTM verfügbar: 9.5.06.002

    Up2Date 9.506002 package description:

    Remarks:
    System will be rebooted
    Configuration will be upgraded
    Connected APs will perform firmware upgrade
    Connected REDs will perform firmware upgrade

    News:
    Maintenance Release

    Bugfixes:
    Fix [NUTM-8651]: [AWS] AWS Permission for „Import Via Amazon Credentials“
    Fix [NUTM-7678]: [Access & Identity] Pluto dies with coredump at L2TP connections
    Fix [NUTM-8211]: [Access & Identity] SSL VPN connection issue with prefetched AD groups
    Fix [NUTM-8756]: [Access & Identity] AUA debug log contains plain text passwords
    Fix [NUTM-8889]: [Access & Identity] ESPdump with algorithm GCM does not work
    Fix [NUTM-8912]: [Access & Identity] HTML5 VPN: keyboard input not working on Android devices
    Fix [NUTM-7670]: [Basesystem] Update to BIND 9.10.6
    Fix [NUTM-8427]: [Basesystem] postgres[xxxxx]: [x-x] FATAL: could not create shared memory segment: No space left on device
    Fix [NUTM-8769]: [Basesystem] Small models of SG105 / SG115 / SG125 / SG135 take over 5 minutes to accept network connection
    Fix [NUTM-9063]: [Configuration Management] Regenerating the Web Proxy CA breaks all SSL VPN clients
    Fix [NUTM-8313]: [Email] POP3 Proxy generate core dumps in versions v9.414 and v9.501
    Fix [NUTM-8509]: [Email] Remove 3DES and SHA1 from SMIME
    Fix [NUTM-8645]: [Email] MIME Type Detection 9.5
    Fix [NUTM-9061]: [Email] User cannot open the SMTP Routing tab
    Fix [NUTM-8419]: [Logging] „Search Log Files“ has different search result in spite of same time frame
    Fix [NUTM-8783]: [Logging] SMBv1 still required for remote logging to a smb share
    Fix [NUTM-8341]: [Network] Network monitor core dump
    Fix [NUTM-8685]: [Network] Some clients display an „Unknown“ vendor on the wireless client list
    Fix [NUTM-8738]: [Network] Error messages in fallback log about damaged static routes
    Fix [NUTM-8838]: [Network] Watchdog consumes constantly 100% CPU
    Fix [NUTM-7396]: [RED] UTM RED kernel log shows „seq invalid“ messages
    Fix [NUTM-6968]: [REST API] Restd: supporting usage of new object right after creation
    Fix [NUTM-7981]: [Reporting] WAF-reporter logs irrelevant information
    Fix [NUTM-8359]: [Reporting] SMTP log on Mail Manager is empty after upgrading postgres to 64bit
    Fix [NUTM-7802]: [Sandboxd] If using a ‚ character in the email address, postgres is not able to insert this to the TransactionLog (Sandbox)
    Fix [NUTM-8715]: [UI Framework] Unable to access „Manage Computers“ page
    Fix [NUTM-8061]: [WAF] WAF still reporting virus found when AV engine on the UTM is updating
    Fix [NUTM-8751]: [WAF] Newly created web server listens on the slave node instead of the master node
    Fix [NUTM-8806]: [WAF] Issue with TLS settings for virtual webserver
    Fix [NUTM-8861]: [WAF] Leftover of shm files cause a WAF restart loop
    Fix [NUTM-5964]: [WebAdmin] Support Access: WebAdmin not properly displayed after login via APU
    Fix [NUTM-8512]: [WebAdmin] Can’t use string („0“) as a HASH ref while „strict refs“ in use at /wfe/asg/modules/asg_ca.pm line 1105
    Fix [NUTM-8571]: [WebAdmin] User with only „Report Auditor“ rights receives strict refs error after login into WebAdmin
    Fix [NUTM-8807]: [WebAdmin] External link to Sophos UTM Knowledge Base is not correct
    Fix [NUTM-8871]: [WebAdmin] Year of Single Time Events cannot be later than 2019
    Fix [NUTM-7994]: [Web] Customized templates do not allow to accept quota and access site
    Fix [NUTM-8037]: [Web] HA: Low disk space alert from slave
    Fix [NUTM-8107]: [Web] CONFD.PLX is taking high CPU load
    Fix [NUTM-8502]: [Web] HTTP Proxy coredumps with CentralFreeList in v9.413
    Fix [NUTM-8687]: [Web] Segfault and coredump from HTTP proxy
    Fix [NUTM-8691]: [Web] Certificate error on accessing sites with https scanning enabled
    Fix [NUTM-8752]: [Web] NTLM Issue with AD SSO in Transparent Mode
    Fix [NUTM-8771]: [Web] Wrong country showing up in Web proxy requests
    Fix [NUTM-8826]: [Web] Teamviewer via Standard Mode with AD-SSO not possible since v9.502
    Fix [NUTM-8834]: [Web] iOS11 user agent string is not detected as iOS
    Fix [NUTM-8849]: [Web] Can’t download Traveler_90119_Win.zip with HTTP proxy in Transparent Mode
    Fix [NUTM-3129]: [Wireless] SG125w failed to create interface wifi0: -23 (Too many open files in system)
    Fix [NUTM-4720]: [Wireless] Issues with 2.4 GHz channel 12 and 13 / inconsistent channel availibility / AWE_DEVICE_CHANNEL_INVALID
    Fix [NUTM-8288]: [Wireless] Roaming issues with iPhone7 and RADIUS authentication
    Fix [NUTM-8391]: [Wireless] AP55C/AP100X disconnecting from UTM repeatedly

    Reply
  2. Habs heute gewagt :-)^^^^^^^^

    Nach gefühlten 8 Min. lief alles wieder…
    Stand jetzt: Firmwareversion: 9.505-4

    Liebe Grüsse

    Reply

Leave a Comment