Hi Everyone,

We've just released 9.407 to the Up2Date servers. This is a full GA release, meaning that all firewall running will be offered the automatic update.

News

Maintenance Release

Remarks

System will be rebooted

Configuration will be upgraded

Connected REDs will perform firmware upgrade

Connected Wifi APs will perform firmware upgrade

Bugfixes

NUTM-4079 [AWS] DNS Resolver too slow for ELBs

NUTM-3885 [Access & Identity] [RED] RED50 reconnecting every 30 minutes

NUTM-4502 [Access & Identity] [RED] reactivating RED management causes problem with provisioning server

NUTM-4749 [Access & Identity] [RED] interface default routes are not written

NUTM-4832 [Access & Identity] 9.404 SSL site-to-site VPN client is not compatibal with older UTM versions

NUTM-4870 [Access & Identity] STAS: Packetfilter rule is written too late when enabling the feature

NUTM-4875 [Access & Identity] 9.404 SSL site-to-site VPN doesn't work with static IP setting

NUTM-4881 [Access & Identity] IPsec remote access xauth fails with "could not find cache entry"

NUTM-4918 [Access & Identity] HTML5 VPN: Portuguese (Brazil) keyboard doesn't appear to support special characters

NUTM-4974 [Access & Identity] UTM unable to connect to support tunnel

NUTM-4981 [Access & Identity] [RED] RED management can't be reactivated after a Backup / Restore

NUTM-4987 [Access & Identity] 9.404 SSL site-to-site VPN client compatibility to older openvpn versions

NUTM-5004 [Access & Identity] [RED] misleading peer status send

NUTM-4941 [Basesystem] NTP Vulnerability

NUTM-5132 [Basesystem] Disable weak ciphers for webadmin

NUTM-3180 [Confd] IP Address change was not applied properly to the interface

NUTM-4346 [Documentation] Enhance documentation regarding unencrypted SSO AD password in printable configuration

NUTM-3225 [Email] JSON error when accessing Data Loss Prevention Tab and SMTP Profiles

NUTM-3483 [Email] Missing/incomplete logging for sandstorm in SMTP proxy

NUTM-3505 [Email] MIME type blacklist can be bypassed if an another file is whitelisted

NUTM-3666 [Email] Mail log in user portal is case-sensitive

NUTM-3667 [Email] RAR and XLSX files causing Scanner timeout or deadlock - moving to error queue

NUTM-4331 [Email] Implement more error handling in QMGR for error cases

NUTM-4874 [Email] SMTP proxy can't be disabled when upgrading from 9.31x

NUTM-5228 [Email] change LogLevel in httpd-spx-reply.conf to warn

NUTM-5355 [Email] Increase AV Scanner timeout to 60 seconds

NUTM-2768 [HA/Cluster] 36307: Postgres can't be started on Slave / rsync error: error in socket IO (code 10) at clientserver.c(122) [receiver=3.0.4]

NUTM-4894 [Logging] Fallback log on slave node is filling up the partition

NUTM-1954 [Network] 35457: Amazon vpc gets imported but quagga doesnt start

NUTM-3092 [Network] snmp does not work: because 10G modules query of link status timeout if no GBIC is plugged

NUTM-3115 [Network] AFC misclassifying HTTPS connections as 'OpenVPN'

NUTM-3157 [Network] [INFO-152] Network Monitor not running - restarted

NUTM-3229 [Network] IPv6 over transparent proxy

NUTM-3247 [Network] Spam Filter cannot query database servers from Slave if a block all AFC rule exists

NUTM-4037 [Network] Update kernel to 3.12.58

NUTM-4992 [Network] Unitymedia / KabelBW customer getting always the MTU 576

NUTM-4885 [Reporting] SSL VPN reporting shows no user with a "#" sign in the username

NUTM-4593 [Sandboxd] Constant error when inserting record into sandstorm transactionlog table

NUTM-5128 [Virtualization] Incorrect interface order on HyperV

NUTM-4868 [WAF] WAF service restart issue (segmentation fault in mod_avscan)

NUTM-5266 [WAF] Form auth default template login not possible with chrome and FF

NUTM-4916 [WebAdmin] User portal: add Windows 10 to list of supported OSs for SSL VPN

NUTM-2447 [Web] 36231: HTTP proxy policy matching with backend groups is sometimes not working

NUTM-4525 [Web] Handle ha zeroconf for sandbox_reportd

NUTM-4806 [Web] postgres[xxxxx]: [x-x] STATEMENT: INSERT INTO TransactionLog

NUTM-4877 [Web] segfault after installing ep-httpproxy-9.40-319.g32fa996.i686.rpm

NUTM-4127 [WiFi] MAC filter whitelist does not work after editing the MAC Address List

NUTM-4451 [WiFi] Mesh AP doesn't connect after deleting the AP from webadmin

NUTM-4913 [WiFi] Hotspot voucher QR code pointing to IP address instead of configured host name

NUTM-5032 [WiFi] 'STA WPA Failure' messages not appearing in wireless log

Firmware Updates:

From 9.406:

DL: ftp://ftp.astaro.de/UTM/v9/up2date/u2d-sys-9.406003-407003.tgz.gpg

Size: ~165M

MD5: b355872857f1c42588a30816adb1ade6