Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 18 replies
  • Answers 1 answer
  • Subscribers 33 subscribers
  • Views 34765 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Any sign of the 5.7 MR7 update

rfcat_vk

Hi,

getting close to v17b release. 5.7 MR7 was a suggested release before V17b was released?

Ian



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to VishvasChitale

    I guess that they will wait a couple of weeks (after the MR7 in order to understand and collect feedbacks) before releasing v17 beta.

    Regards

  • 0 in reply to VishvasChitale

    Hi All, 

    we've finished SFOS v16.05.7 MR7. This release is available from within your device for all SFOS v16.05 installations.

    The release is available to all SFOS version via MySophos portal.

    Issues Resolved

    • NC-19720 [API] SQL Injection: Application filter add type
    • NC-19721 [API] SQL Injection: Proxy port config
    • NC-19775 [API] SQL Injection: User add/edit
    • NC-20840 [Authentication] SATC: users logged in and logged out continuously
    • NC-19420 [Base System] "Don't register yet " link is not shown in Chinese language
    • NC-19520 [Base System] Hotfix applied multiple times in SF device
    • NC-19558 [Base System] Add kernel patch for 'Stack Clash'
    • NC-19920 [Base System] Several vulnerabilitiy patches for Dropbear (CVE-2016-7409, CVE-2016-7408, CVE-2016-7407, CVE-2016-7406)
    • NC-20753 [Base System] Changing of "admin" password in SFM does not replicate to the XG device and device is inaccessible due to password missmatch
    • NC-21237 [Base System] Linux Kernel vulnerability "Dirty Cow" (CVE-2016-5195)
    • NC-19330 [Firewall] XG live logs show packets out of time order
    • NC-19659 [Firewall] Invalid IP Host import fails but leaves invalid db entries causing system framework failure
    • NC-19674 [Firewall] Unidentified user usage from identity based rule
    • NC-20343 [Firewall] Wrong GeoIP classification for some IP addresses
    • NC-19745 [Hotspot] Hotspot custom voucher is changed to default upon hotspot update
    • NC-19956 [Localization] XG translation error on the firewall policies page for Brazilian (PT-BR) language
    • NC-19300 [Mail Proxy] Unable to parse or decode the contents of the email when the banner contains bare LF
    • NC-19354 [Mail Proxy] Quarantined Emails are not visible in Webadmin
    • NC-19829 [Mail Proxy] Email are bounced with SMTP/s scanning and RBL enabled
    • NC-19873 [Mail Proxy] XG inconsistent NDR notification behaviour
    • NC-19901 [Mail Proxy] Attachment name causing awarrentmta to stop
    • NC-20490 [Mail Proxy] SMTP Quarantine data doesn't load in User Portal for all users
    • NC-20784 [Mail Proxy] SMTP Quarantine data is not loading
    • NC-19621 [Network Services] nslookup / dnslookup commands not using specified server
    • NC-19136 [Networking] Incorrect information in System Graphs for bandwidth usage
    • NC-19598 [Networking] Gateway failover not working
    • NC-19750 [Networking] IPv6 Policy Route not removed from system when gateway is deleted
    • NC-19716 [UI] SQL Injection: Current Activities
    • NC-19753 [UI] SQL Injection: filter function
    • NC-19540 [WAF] WAF - Fix CVE-2017-7679: mod_mime buffer overread
    • NC-19717 [WAF] SQL injection: IPS backend server add
    • NC-19718 [Web] SQL Injection: Proxy file type add
    • NC-20787 [Web] Proxying is allowed through port 8090
    • NC-19719 [Wireless] Blind code execution: Access point edit
  • 0 in reply to lferrara

    Hi,

    currently downloading and installing 5.7 mr7.

    Ian

  • 0 in reply to lferrara

    I think there is nothing to wait. Resp. the MR7 on my HW and vmware appliances are running very well. I did not have to reactivate the Security Heartbeat again as with several previous versions of MR and also STAS and SATC are running correctly.

    For me a thumb up for now.

    alda

    P.S. And SFMOS 16.05.1 MR-1 already supports MR7 too. Maybe a hat down? ;-) 

     

  • 0 in reply to Aditya Patel

    Hi  these are some serious vulnerabilities that were patched upstream long time ago. Does this mean that all the previous versions of XG are vulnerable? Also, the sql injections, are they low priority where only an admin with login credentials can inject code or anyone from LAN or WAN(if enabled) can inject code. Dropbear CVEs are months old and dirty cow??? XG is still vulnerable to dirty cow????  I will post the same question under the release notes because this is scary

    NC-19720 [API] SQL Injection: Application filter add type
    NC-19721 [API] SQL Injection: Proxy port config
    NC-19775 [API] SQL Injection: User add/edit
    NC-19558 [Base System] Add kernel patch for 'Stack Clash'CVE-2017-1000364
    NC-19920 [Base System] Several vulnerabilitiy patches for Dropbear (CVE-2016-7409, CVE-2016-7408, CVE-2016-7407, CVE-2016-7406)
    NC-21237 [Base System] Linux Kernel vulnerability "Dirty Cow" (CVE-2016-5195)
    NC-19716 [UI] SQL Injection: Current Activities
    NC-19753 [UI] SQL Injection: filter function
    NC-19540 [WAF] WAF - Fix CVE-2017-7679: mod_mime buffer overread
    NC-19717 [WAF] SQL injection: IPS backend server add
    NC-19718 [Web] SQL Injection: Proxy file type add
    NC-20787 [Web] Proxying is allowed through port 8090
    NC-19719 [Wireless] Blind code execution: Access point edit

    Thanks for looking into this.

  • 0 in reply to rfcat_vk

    Hi folks,

    installed 5.7 m7 last night.

    Observations.

    1/. system appears very sluggish using the management console

    2/. no daily reports

    3/. dhcp server has not renewed all leases of connected devices after restart

    Ian

     

    Update. One of the daily reports arrived 10 hours after it was generated.

  • 0 in reply to rfcat_vk

    Hi

    I have updated to MR7 ,Then found that incoming mail are not coming to my internal server.Same configration was working fine with MR6, So rolled back to MR6. Email Logs are also getting hanged

    BR

  • 0 in reply to VishvasChitale

    Hi,

    eventually all the daily reports have arrived. I suspect the delay was caused by a number of the scanning packages waiting for updates to be released. Otherwise beside the slower management GUI the latest version appears to be going okay except all my clientless assignments are now wrong and have to be deleted and start again.

    Waiting for v17b before deciding to implement my own DHCP server.

    Ian