Heute wurde ein neues Update für die Sophos UTM veröffentlicht, eigentlich sind es sogar zwei Updates:
Die beiden Updates können hier runtergeladen werden:
http://ftp.astaro.de/UTM/v9/up2date/
Hier einmal die Release Notes:
Fix [NUTM-2392]: [AWS] Allow the user to select the security group to port during conversion
Fix [NUTM-5327]: [AWS] Confd object missing after instance recovery in HA scenario
Fix [NUTM-5339]: [AWS] [RESTD] allow unauthenticated access from localhost
Fix [NUTM-5466]: [AWS] ssh disabled – No connection to stack instances
Fix [NUTM-5882]: [AWS] Logging & Reporting overview does not show any information
Fix [NUTM-5901]: [AWS] [RESTD] Improve webadmin UI and documentation
Fix [NUTM-5981]: [AWS] Conversion feature always converts to BYOL
Fix [NUTM-6013]: [AWS] Fix communication issue with S3
Fix [NUTM-5110]: [Access & Identity] Since version 9.404 L2TP with Android doesn’t work
Fix [NUTM-5562]: [Access & Identity] UTM to UTM RED Tunnel doesn’t work anymore after only TLS 1.2 is allowed
Fix [NUTM-5674]: [Access & Identity] REDs offline after HA takeover – ‚RED is not bound to this system, disabling device‘
Fix [NUTM-5840]: [Access & Identity] 3G to WAN failover on RED15/RED50 does not work
Fix [NUTM-5661]: [Basesystem] quagga security update (CVE-2016-1245)
Fix [NUTM-5701]: [Basesystem] named fails to start after invalid host record
Fix [NUTM-5779]: [Basesystem] bind security update (CVE-2016-8864)
Fix [NUTM-5769]: [Confd] Configd error Datatype.pm line 319
Fix [NUTM-5787]: [Confd] Bridge can’t be converted back to ethernet if only red interfaces are used
Fix [NUTM-5997]: [Localization] Japanese translation error if using a string longer than 64 bytes as common_name
Fix [NUTM-5533]: [Network] ‚Block invalid packets‘ option doesn’t block invalid packets
Fix [NUTM-5595]: [Network] SIP Helper behavior clarification in ‚Any‘ expectation mode
Fix [NUTM-5513]: [Reporting] RRD reporting doesn’t show the warnings and alerts of the slave nodes in cluster setups
Fix [NUTM-5655]: [Reporting] Wrong count on websecvisits data
Fix [NUTM-5792]: [WAF] WAF coredump’ed after regular session cleanup
Fix [NUTM-5856]: [WAF] Special characters are encoded when HTML rewrite is enabled
Fix [NUTM-5075]: [WebAdmin] User test is not working with LDAP special characters in Base DN
Fix [NUTM-5317]: [WebAdmin] Persistent cookie for user portal working only once
Fix [NUTM-5761]: [WebAdmin] Translation in Webadmin is not consistent (web protection)
Fix [NUTM-5811]: [WebAdmin] Misleading default QoS interface downlink/uplink values
Fix [NUTM-5888]: [WebAdmin] Since v9.408 Authentication Server test fails after first creation
Fix [NUTM-5963]: [Web] Sandstorm not delivering Emails files from „Scan Pending“ state
Fix [NUTM-5303]: [WiFi] Characters in Hotspot terms of use not encoded correctly
Fix [NUTM-5876]: [WiFi] User field is blank on login at Hotspot with voucher
Fix [NUTM-6128]: [WiFi] FollowUp-NUTM-5303 – Characters in Hotspot terms of use not encoded correctly
Und die Release Notes für das kleinere Update:
Previous 9.409 Up2Date could fail to apply on UTMs that were installed with 9.406 or older
Ich habe es bisher nicht hinbekommen das vorherige Update auf meiner virtuellen UTM zu installieren. Auch dieses Update lässt sich bei mir nicht fehlerfrei installieren. Nach dem Update fehlen virtuelle Netzwerkkarten und neue Netzwerkkarten werden nicht erkannt (VMware ESXi). Ich habe daher meine UTM mit der aktuellen Version neu installiert. Bisher läuft das aktuelle Update mit der Neuinstallation.
Vor dem Update einer virtuellen UTM sollte also ein Snapshot erzeugt werden, damit im Fehlerfall schnell wieder eine lauffähige Konfiguration wiederhergestellt werden kann.