We have soft-released a large stability/fix Up2Date for UTM 9.1. The 9.108 package fixes many reported issues and updates the stability of your system overall. We also will adjust some WebAdmin certificate expiry dates to avoid future issues with browsers. Our developers will watch this thread until the planned release GA next week. Details are below!
Sophos UTM v.9.108023
News
- Maintenance Update
- Reduce lifetime of WebAdmin certificate to 39 months to comply with future browser requirements
- Also reduce lifetime of https-scanning certificate to 39 months
- Support SHA-2 algorithm for SSL VPN authentication
- Remove RC4 from WebAdmin SSL cipher list to comply with current recommendations
- Various WebAdmin fixes in Wireless Status overview
Remarks
- System will be rebooted
- Configuration will be upgraded
- Connected REDs will perform firmware upgrade
Bugfixes
- 23295 Safe search does not work for Yahoo search engine
- 23585 WiFi Wireless Client List misses modified clients that are not shown for a long time
- 24059 Aua fails to handle customized user group attributes
- 24207 [UBB][9.065] Duplicate NAT entries in Service Definition
- 24541 Queries on images.google.com, ca, uk, etc. bypasses SafeSearch
- 26906 Update GPG for security fix [V9]
- 27348 Memory allocation errors in Webfilter for FTP requests
- 27474 Teamviewer via Basic-Auth Webproxy requires creds even if those are stored in the settings
- 27484 turning off RED client connection has no effect, tunnel will still be established
- 27744 Routing issue in RED standard/split mode
- 28013 Its not possible to add more than 20 remote networks into the Sophos IPsec Client
- 28223 The websecurity manager is not able to change or create some proxy settings
- 28226 Httpproxy reaches maximum number of open file descriptors due to header files in tmp (Windowsupdate)
- 28360 Avira Scanner can not scan pop3 mail, Error index out of bound
- 28390 Not possible to activate more than 62 virtual webserver
- 28432 Display errors for hotspot vouchers in Japanese language
- 28633 Update kernel and Intel drivers
- 28673 Read-only user may delete quarantine mails in mail manager
- 28846 Slow network throughput on BCM57810 (bnx2x) with kernel warning at net/core/dev.c:2029 skb_warn_bad_offload
- 29175 HTML5 VPN SSL certificate fetch doesn't work reliably
- 29215 Successful console logins are not logged [V9.1]
- 29283 UTM fails to verify signed emails
- 29483 [CVE-2013-2061] OpenVPN: non-constant time comparsion of HMACs
- 29600 Add host tag to remote syslog messages
- 29663 Httpproxy coredumps every few minutes after update from 9.006 to 9.106
- 29709 NTPd fails to synchronize
- 29792 Bridge: Allow IPv6 pass through has no effect
- 29840 RED doesn't work in half duplex mode
- 30047 SSL VPN disconnects when transferring large amounts of data [9.1]
- 30059 User Portal webpage doesn't get fully loaded while using Internet Explorer [9.1]
- 30151 Interface based policy routes don't work in some setups (9.107 regression)
- 30178 [NTT] Disable ASPM for 82583V NICs on 120N6 (Bixbox)
Download Details:
Up2date link: ftp://ftp.astaro.de/UTM/v9/up2date/u2d-sys-9.107033-108023.tgz.gpg
Up2date MD5sum: cc0c2e6688e5d5cc9dfe2a74f38a6b56
File size: ≈93MB
This thread was automatically locked due to age.
