Sophos XG SFOS 17.5 MR9 verfügbar…

Sophos hat die neue Firmware SFOS 17.5.9 MR 9 für XG veröffentlicht. Ihr könnt Euch das Update vom MySophos Account herunterladen und manuell installieren. Mit dem Update werden zwei Sicherheitslücken gefixt. Es handelt sich um die Lücken in Exim CVE-2019-15846 und WAF CVE-2019-10092. Erstere wird als kritisch eingestuft.

Es folgt die Liste der Bugfixes:

NC-45755 [Authentication] Delayed/timeout for login when users authenticated remotely
NC-46473 [Authentication] Constant login/logout of users
NC-46591 [Authentication] Guest user registration is not working if username is not based on cell number
NC-47038 [Authentication] Password complexity alert on dashboard remains after setting strong password
NC-47933 [Authentication] Chromebook log files not rotating
NC-49930 [Authentication] Access server service is restarting with coredump
NC-49677 [Backup-Restore] tmp partition gets full with backup intended for Central synchronization
NC-46118 [CSC] Not possible to edit business application rule
NC-49648 [CSC] API Get BridgePair requests sometimes report incorrectly "No. of records Zero."
NC-47884 [Email] Mail notification stops working after migrating from CROS to SFOS
NC-48092 [Email] IPReputation Service shows as stopped on dashboard when Email and WAF module not subscribed
NC-50528 [Email] Patch Exim (CVE-2019-15846)
NC-47512 [Firewall] IP-list in DNAT rule does not work if service object contains TCP & UDP port combination
NC-48803 [Firewall] Virtual Host update is calling on every FQDN IP update even its not used in virtual host configuration
NC-50222 [Firewall] Firewall rule position display is incorrect on rule deletion
NC-51079 [Firewall] Invalid traffic config takes effect only after reboot - Garner flooded with firewall dropping events
NC-51181 [Firewall] Invalid messagid(0) log being sent to garner from pktcapd
NC-50191 [Firmware Management] Device rebooting continuously while boot with SFOS firmware version after migration from CROS
NC-51607 [Firmware Management] Smaller devices in HA are not able to migrate to v18.0
NC-47546 [HA] Delay in routing traffic during HA failover when interfaces without an IP address are configured
NC-50786 [Interface Management] Webadmin Interface page with lots of devices stops loading after 7 minutes
NC-46908 [IPS Engine] IPS double free or corruption (!prev): 0x000000000a9c69e0
NC-45317 [IPsec] Overload protection for IPsec IKE daemon
NC-46550 [L2TP] L2TP disconnects after rekey and doesn't reconnect
NC-44124 [Licensing] Registration page shows up in HA setup after upgrading to 17.5 to 17.5 MR1
NC-33302 [Logging Framework] HttpProxy Dead-Epoll worker coredump
NC-47183 [Logging Framework] Reports in Control Center shown with delay
NC-48106 [Logging Framework] XG85 - /tmp partition fills up
NC-50024 [Logging Framework] Improper input validation in email notification after failed login (Webadmin, SSH, ...)
NC-50127 [Logging Framework] Garner coredump in HA setup at handle_sync_input
NC-50493 [Logging Framework] S2S IPsec logging in LogViewer is inconsistent
NC-49273 [Reporting] Filtering on blocked user activities not working as expected
NC-47823 [SecurityHeartbeat] heartbeatd libssl segfaults
NC-48453 [SecurityHeartbeat] When heartbeat switch is toggled, in UI SAC switch is not updated
NC-49791 [SecurityHeartbeat] Heartbeat status not behaving as expected when the client machine has multiple IPs
NC-49852 [SFM-SCFM] SSH got exposed on XG after new firewall rule is pushed from SFM
NC-43977 [UI Framework] Incorrect message shown after disabling/enabling any device access services in Central Firewall UI
NC-30827 [WAF] Double quotes in site path rules breaks WAF when reverse authentication is used
NC-49251 [WAF] Newly created duplicate WAF policy not taking precedence
NC-49777 [WAF] Frontend realm and cookie secret not unique for default authentication profiles
NC-49906 [WAF] Limited cross-site scripting in mod_proxy (CVE-2019-10092)
NC-50172 [Web] Conform to Apple's new certificate requirements (awarrenhttp)
NC-47617 [Wireless] API - 'update' operation does not work
NC-47975 [Wireless] Remove/Disable simplified bridge does not work
NC-48628 [Wireless] TX/RX UI values are mixed up for 2.4Ghz network

Weitere Informationen erhaltet Ihr in der Sophos Community. Eine Anleitung, wie man das Update manuell installiert, findet Ihr hier: How to upgrade the firmware.