Hi everyone, this is a soft-release for manual download/installation of several versions of UTM 9.105. We put this out mainly for a security fix around Webadmin, but will use this release for a few bug fixes, too (details below). We'll push this out ASAP as GA, until then, here are the details for soft-releaser's! Sophos UTM 9.105 News Security Fix Fix vulnerability in WebAdmin Remarks System will be rebooted Bugfixes 27295 Two processes of repctld run on slave after switching preferred master, and therefore it is still shown as syncing 27580 audld.plx gets stuck and UTM is not able to download patterns anymore Download Up2date Link: ftp://ftp.astaro.de/UTM/v9/up2date/u2d-sys-9.104017-105007.tgz.gpg Up2Date MD5Sum: 8874d4b29c0781f67a7ee6df946ce681 Up2Date Size: ~32 MB

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM 9.105 Soft-Released

Hi everyone, this is a soft-release for manual download/installation of several versions of UTM 9.105. We put this out mainly for a security fix around Webadmin, but will use this release for a few bug fixes, too (details below). We'll push this out ASAP as GA, until then, here are the details for soft-releaser's!

Sophos UTM 9.105
News

Security Fix
Fix vulnerability in WebAdmin

Remarks

System will be rebooted

Bugfixes

27295 Two processes of repctld run on slave after switching preferred master, and therefore it is still shown as syncing
27580 audld.plx gets stuck and UTM is not able to download patterns anymore

Download
Up2date Link: ftp://ftp.astaro.de/UTM/v9/up2date/u2d-sys-9.104017-105007.tgz.gpg
Up2Date MD5Sum: 8874d4b29c0781f67a7ee6df946ce681
Up2Date Size: ~32 MB

This thread was automatically locked due to age.

Parents

0 William Warren over 12 years ago

i'm curious bout the security issue. What was it? Hiding it from us doesn't help the partners and others..i bet the bad boys know about it already.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 William Warren over 12 years ago

i'm curious bout the security issue. What was it? Hiding it from us doesn't help the partners and others..i bet the bad boys know about it already.
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 apijnappels over 12 years ago in reply to William Warren

i'm curious bout the security issue. What was it? Hiding it from us doesn't help the partners and others..i bet the bad boys know about it already.

I don't think they will reveal before another GA version is out. Majority of admins might not even know about soft-releases and if they do, they may not like to install non-GA versions.
Cancel
Vote Up 0 Vote Down

Cancel
0 snowcrash_01 over 12 years ago in reply to William Warren

i'm curious bout the security issue. What was it? Hiding it from us doesn't help the partners and others..i bet the bad boys know about it already.

Hi William,
the bug is NOT disclosed yet and yes there will be details available after 9.105 GA.
Cancel
Vote Up 0 Vote Down

Cancel
0 BarryG over 12 years ago in reply to snowcrash_01

Hi William,
the bug is NOT disclosed yet and yes there will be details available after 9.105 GA.

Hi,
I'd like to know if restricting access to webadmin (and the user portal?) is effective mitigation.

Barry
Cancel
Vote Up 0 Vote Down

Cancel
0 trollvottel over 12 years ago in reply to BarryG

Hi,
I'd like to know if restricting access to webadmin (and the user portal?) is effective mitigation.

Barry

Yes it is - if you restrict on IP level (which you should always do, anyway).
Cancel
Vote Up 0 Vote Down

Cancel