This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

New 9.202033 out now

News

· Mobile Protection feature release
· * push VPN and Wifi configurations to Sophos Mobile Control
· * disable VPN and Wifi for non-compliant mobile devices
· .
· OTP: allow to define bigger windows of time difference to better support hardware tokens
Remarks

· System will be rebooted
· Configuration will be upgraded
· Connected Wifi APs will perform firmware upgrade
· Connected RED devices will perform firmware upgrade
· Fix for #31374 can cause issue if using client authentication with more than 170 groups referenced in rules

Bugfixes

24445 Windows Live-ID Sign In assistant breaks Kerberos authentication
24855 Hungarian keyboard layout get lost when starting a HTML5VPN RDP session
30127 [BETA] Strict TCP session handling
30502 Rev. Auth.: session management with multiple profiles
30522 [BETA] Tunnel broker Hurricane Electric broken
30736 [BETA] AD SSO Transparent mode conflicts with WAF
30792 [BETA] DLP: Incorrect DLP behaviour when no routing domains are configured
31077 increase window of allowed OTP tokencodes for the very first authentication
31078 implement option for manual and automatic sync of time drift of hardware OTP tokens to UTM
31100 Import of Filter Exceptions from UTM to SUM fails
31118 httpproxy 'srcip' debugging does not contain all auth_transparent.c debug entries [9.2]
31121 DHCP mapping comments gets lost by upgrading to 9.100 [9.2]
31173 SSL VPN Client crashes on 64 Bit Machines
31175 Redirect with port number on backend leads to invalid Location header on frontend [9.2]
31236 'Force caching for Sophos Endpoint updates' still doesn't work correctly everytime
31238 mod_proxy_msrpc: segmentation fault on backend connection access [9.2]
31374 Correctly account Confd ipsets consumed by user and group networks
31386 Regression: Wrong AD SSO backend group matching since 9.200
31508 [UBB] DynDNS: Wrong update URL for namecheap.com
31527 [CVE-2014-2891] DoS vulnerability in strongSwan
31541 "Web Protection Manager" role is missing necessary rights
31627 REDs without connection to the provisioning server can't install the new firmware after up2date to 9.2

Index of /UTM/v9/up2date/

9.201-25 to 9.202-33 : http://ftp.astaro.com/UTM/v9/up2date/u2d-sys-9.201025-202033.tgz.gpg

9.202-28 to 9.202-33 http://ftp.astaro.com/UTM/v9/up2date/u2d-sys-9.202028-202033.tgz.gpg

This thread was automatically locked due to age.

0 FrankBarmentlo over 11 years ago

Is there any changelog available for this one, or am I too early?
Cancel
Vote Up 0 Vote Down

Cancel
0 Crisman over 11 years ago

Hello,

My UTM has 9.201-23, where´s the update files from 9.201023 to 9.202028 or 9.202033?

Thanks.
Cancel
Vote Up 0 Vote Down

Cancel
0 stealthmatt_01 over 11 years ago in reply to FrankBarmentlo

Is there any changelog available for this one, or am I too early?

I was just in the process of downloading it to get the change log... I have updated the main post.
Cancel
Vote Up 0 Vote Down

Cancel
0 stealthmatt_01 over 11 years ago in reply to Crisman

Hello,

My UTM has 9.201-23, where´s the update files from 9.201023 to 9.202028 or 9.202033?

Thanks.

Hi there you need to upgrade to 9.201-25 first

http://ftp.astaro.com/UTM/v9/up2date/u2d-sys-9.201023-201025.tgz.gpg
Cancel
Vote Up 0 Vote Down

Cancel
0 FrankBarmentlo over 11 years ago

Thanks, stealthmatt,
sorry for being too fast, should' ve given you a chance,

good to see this includes a small fix I've been waiting for
Cancel
Vote Up 0 Vote Down

Cancel
0 stealthmatt_01 over 11 years ago

Looks like they fixed the Strict TCP session handling issue which will be good when you make changes to firewall rules [:)]
Cancel
Vote Up 0 Vote Down

Cancel
0 Crisman over 11 years ago in reply to FrankBarmentlo

Ok, thanks!

Why my UTM doesn't show update available for 9.201-25 since the file is present on the ftp update folder?
Cancel
Vote Up 0 Vote Down

Cancel
0 Crisman over 11 years ago in reply to stealthmatt_01

Hi there you need to upgrade to 9.201-25 first

http://ftp.astaro.com/UTM/v9/up2date/u2d-sys-9.201023-201025.tgz.gpg

Ok, thanks!

Why my Utm does not show update for 9.201-25 if the file its present on the ftp folder?
Cancel
Vote Up 0 Vote Down

Cancel
0 teched_01 over 11 years ago

Updates are generally on the ftp/download servers for a time before rolling out to UTMs (soft-release).

Sometimes updates get pulled back (or "worse" repackaged?) as they introduce bigger problems than they solve (but the problems have to be caught first).
Cancel
Vote Up 0 Vote Down

Cancel
0 teched_01 over 11 years ago

Just because it is on the FTP doesn't mean it is automatically available for your UTM. Infact the UTMs don't appear to pull the updates from the ftp servers but from the up2date servers.

To elaborate a bit on the up2date process:

Your UTMs, individually if you have more than one, contact particular servers (up2date servers) and the conversation goes approximately like this "Hi I'm UTM license # 123456 with hardware id abcdef0123456 running system version 9.whatever using X of my Y licensed IPs and here are my current antivirus/geoip/help/ips/system/etc versions. What updates do you have for me?"

When the up2date servers respond (sometimes they don't, hence the occasional error messages) they respond with a list of updates for antivirus/geoip/help/ips/system/etc. Only the returned updates are automatically downloaded from the up2date servers.
Cancel
Vote Up 0 Vote Down

Cancel