Sophos has released the new firmware SFOS 17.5.9 MR 9 for XG. You can download the update from your MySophos account and install it manually. The update fixes two security vulnerabilities: CVE-2019-15846 in Exim and CVE-2019-10092 in the WAF. The former is rated critical.
The list of bug fixes follows:
NC-45755 [Authentication] Delayed/timeout for login when users authenticated remotely
NC-46473 [Authentication] Constant login/logout of users
NC-46591 [Authentication] Guest user registration is not working if username is not based on cell number
NC-47038 [Authentication] Password complexity alert on dashboard remains after setting strong password
NC-47933 [Authentication] Chromebook log files not rotating
NC-49930 [Authentication] Access server service is restarting with coredump
NC-49677 [Backup-Restore] tmp partition gets full with backup intended for Central synchronization
NC-46118 [CSC] Not possible to edit business application rule
NC-49648 [CSC] API Get BridgePair requests sometimes report incorrectly "No. of records Zero."
NC-47884 [Email] Mail notification stops working after migrating from CROS to SFOS
NC-48092 [Email] IPReputation Service shows as stopped on dashboard when Email and WAF module not subscribed
NC-50528 [Email] Patch Exim (CVE-2019-15846)
NC-47512 [Firewall] IP-list in DNAT rule does not work if service object contains TCP & UDP port combination
NC-48803 [Firewall] Virtual Host update is calling on every FQDN IP update even its not used in virtual host configuration
NC-50222 [Firewall] Firewall rule position display is incorrect on rule deletion
NC-51079 [Firewall] Invalid traffic config takes effect only after reboot - Garner flooded with firewall dropping events
NC-51181 [Firewall] Invalid messagid(0) log being sent to garner from pktcapd
NC-50191 [Firmware Management] Device rebooting continuously while boot with SFOS firmware version after migration from CROS
NC-51607 [Firmware Management] Smaller devices in HA are not able to migrate to v18.0
NC-47546 [HA] Delay in routing traffic during HA failover when interfaces without an IP address are configured
NC-50786 [Interface Management] Webadmin Interface page with lots of devices stops loading after 7 minutes
NC-46908 [IPS Engine] IPS double free or corruption (!prev): 0x000000000a9c69e0
NC-45317 [IPsec] Overload protection for IPsec IKE daemon
NC-46550 [L2TP] L2TP disconnects after rekey and doesn't reconnect
NC-44124 [Licensing] Registration page shows up in HA setup after upgrading to 17.5 to 17.5 MR1
NC-33302 [Logging Framework] HttpProxy Dead-Epoll worker coredump
NC-47183 [Logging Framework] Reports in Control Center shown with delay
NC-48106 [Logging Framework] XG85 - /tmp partition fills up
NC-50024 [Logging Framework] Improper input validation in email notification after failed login (Webadmin, SSH, ...)
NC-50127 [Logging Framework] Garner coredump in HA setup at handle_sync_input
NC-50493 [Logging Framework] S2S IPsec logging in LogViewer is inconsistent
NC-49273 [Reporting] Filtering on blocked user activities not working as expected
NC-47823 [SecurityHeartbeat] heartbeatd libssl segfaults
NC-48453 [SecurityHeartbeat] When heartbeat switch is toggled, in UI SAC switch is not updated
NC-49791 [SecurityHeartbeat] Heartbeat status not behaving as expected when the client machine has multiple IPs
NC-49852 [SFM-SCFM] SSH got exposed on XG after new firewall rule is pushed from SFM
NC-43977 [UI Framework] Incorrect message shown after disabling/enabling any device access services in Central Firewall UI
NC-30827 [WAF] Double quotes in site path rules breaks WAF when reverse authentication is used
NC-49251 [WAF] Newly created duplicate WAF policy not taking precedence
NC-49777 [WAF] Frontend realm and cookie secret not unique for default authentication profiles
NC-49906 [WAF] Limited cross-site scripting in mod_proxy (CVE-2019-10092)
NC-50172 [Web] Conform to Apple's new certificate requirements (awarrenhttp)
NC-47617 [Wireless] API - 'update' operation does not work
NC-47975 [Wireless] Remove/Disable simplified bridge does not work
NC-48628 [Wireless] TX/RX UI values are mixed up for 2.4Ghz network
Further information is available in the Sophos Community. Instructions for installing the update manually can be found here: How to upgrade the firmware.
The update is in use here in HA and is running well.
Glad to hear it, thanks for the feedback and for your comment!