[UPDATE: We have exchanged the RPM package for this Up2Date due to the LCM bug formerly reported. No changes in version or file name - only checksum changed.]
We just released an up2date package for UTM 9.2 which will bring UTM 9.200 (soft-release) to 9.201. This will also be the official GA release!
Beside several bug fixes you will find the fix for the formerly reported OpenSSL Heartbleed vulnerability.
UTM Up2Date 9.200 to 9.201
Link: ftp://ftp.astaro.de/UTM/v9/up2date/u2d-sys-9.200011-201023.tgz.gpg
Size: ~116MB
MD5: cb77b378fae1fe652c6299d65fb409c6
Sophos UTM v.9.201023
News
- Official 9.2 GA Release - update from 9.200
- Fix: OpenSSL vulnerability: TLS heartbeat read overrun (CVE-2014-0160)
Remarks
- System will be rebooted
- Configuration will be upgraded
- Connected Wifi APs will perform firmware upgrade
- Connected RED devices will perform firmware upgrade
Bugfixes
28439 vpn site2site overwiev is missing ipsec respondOnly connections
28953 Object Changelog PopUp can not be closed in IE9
29356 [BETA] RED50 reconnects all the time
29419 [BETA] Web Policy tester and http.log do not display modifications by local site list
29501 Transparent AD SSO conflicts with WAF (port 80)
29748 [BETA] changing OTP has no effect on WAF
29843 [BETA] Changing AV Scanners cause memory spikes in http proxy
30389 [BETA] http cache fills up partition
30441 [BETA] SPX encryption has higher priority than SMIME or PGP encryption
30446 [BETA] SPX: some characters in mail subject lead to broken subject in pdf
30561 [BETA] Username with \ is seen in sAMAccountName with \
30571 Add option to disable OTP for Webadmin/SSH from front panel LCD of UTM appliance
30637 [BETA] Handling Filter actions used in multiple policies
30701 [BETA] SPX: labels of original message are not correctly encoded in spx reply
30723 RED 10 stops working while handling large packets
30869 [BETA] DLP: Region selector of ""Sophos CCL Rules"" doesn't show the first element
30898 OTP: Token may be created for wrong user if remote/local user differ in case
30925 SPX: character sets other than UTF-8 break PDF and portal
30934 Incorrect Certificate used during Transparent HTTPS
30940 Wireless: Some SSIDs are shown as HASH(...) in WebAdmin
30945 ATP Dashboard Link & Reporting Issue (72h not visible)
30949 smtp scanner dies in combination with SPX and regular email encryption
30951 Outgoing mails get quarantined as ""UNSCANNABLE"" although ""Quarantine unscannable and encrypted content"" is disabled
31368 CVE-2014-0160: TLS heartbeat read overrun [9.2]
Regards,
Eric
This thread was automatically locked due to age.
