Sophos UTM: Neues Update (9.703-3)

Sophos hat das Update für die UTM auf die Version 9.703 in einer fehlerbereinigten Version veröffentlicht. Das Update hat zunächst diverse gravierende Probleme verursacht und wurde durch Sophos zurückgezogen. Mittlerweile liegt das Update mit der Versionsnummer 9.703-3 vor. Dieses Update soll die folgenden Probleme beheben:

• [NUTM-9381]: [Access & Identity] WebAdmin user getting an error while browsing ‚Sophos Transparent Authentication Status‘ tab
• [NUTM-11258]: [Access & Identity] [SAA] Wrong version of SAA displayed in Windows with MSI installer
• [NUTM-11578]: [Access & Identity] Patch strongSwan (CVE-2019-10155)
• [NUTM-11589]: [Access & Identity] [SAA] Add TLS 1.2 support for Windows client
• [NUTM-11590]: [Access & Identity] [SAA] Add TLS 1.2 support for macOS client
• [NUTM-11675]: [Access & Identity] Patch PPTP and L2TP pppd (CVE-2020-8597)
• [NUTM-11109]: [Basesystem] Status lights blinking green constantly on SG 1xx and XG 1xx series
• [NUTM-11255]: [Basesystem]  „Internet IPv6“ binding in case of multiple IPv6 uplinks
• [NUTM-11417]: [Basesystem] SG115rev3 HA eth3 interface flapping after update to 9.7
• [NUTM-11645]: [Basesystem] Patch libxml2 (CVE-2019-19956, CVE-2020-7595)
• [NUTM-11561]: [Configuration Management] Unable to load certificate list in WebAdmin when large number of certificates present
• [NUTM-10803]: [Email] S/MIME signed mails have an invalid signature if 3rd party CA is used
• [NUTM-11240]: [Email] Recipient verification fails due to incomplete LDAP search query
• [NUTM-11662]: [Email] Bad request for release mails out of the quarantine report after update to 9.7 MR1
• [NUTM-11485]: [Kernel] Patch Linux Kernel (CVE-2019-18198)
• [NUTM-11288]: [Localization] AWS Current Stack link is incorrect
• [NUTM-11081]: [Network] Up-link balancing not clearing conntracks when interface goes down
• [NUTM-11218]: [Network] ulogd restarting/core-dumps
• [NUTM-11614]: [Network] Increase GARP buffer
• [NUTM-11676]: [Network] Patch pppd (CVE-2020-8597)
• [NUTM-11573]: [RED] RED interface doesn’t obtain IP after UTM reboot
• [NUTM-11467]: [RED_Firmware] RED15w WPA/WPA2 enterprise cannot connect
• [NUTM-11822]: [RED_Firmware] RED15 firmware update might fail if flash has bad blocks
• [NUTM-11378]: [Reporting] Top5 Malware won’t be displayed in Executive Reports if those are sent as PDF
• [NUTM-11220]: [Sandstorm] When opening Sandstorm activity which contains Korean characters for example, you get this error „cannot decode string with wide characters at encode.pm line 174“
• [NUTM-10202]: [UI Framework] [SAA] Live user table doesn’t scale with very long names
• [NUTM-11084]: [UI Framework] Webadmin Information popup not visible
• [NUTM-11191]: [UI Framework] Can’t download certificate in WebAdmin when name contains apostrophe
• [NUTM-11584]: [UI Framework] Replace FTP Up2date download link in WebAdmin with HTTPs
• [NUTM-11598]: [UI Framework] Internal Server Error alert thrown with initial Webadmin request after installation
• [NUTM-11725]: [UI Framework] Update prototype
• [NUTM-11130]: [Web] Add configuration for savi_scan_timeout
• [NUTM-11346]: [Web] Warn page proceed fails due to missing parameters
• [NUTM-10269]: [Wireless] SSID stops broadcasting
• [NUTM-11581]: [Wireless] User with „Wireless Protection Manager“ rights is unable to change wireless settings if mesh is configured

Da Sophos immer wieder Probleme mit Updates hat, sollten die Updates zunächst in einer Testumgebung ausgiebig getestet werden. Das ursprünglich Update sorgte für Verbindungssaussetzer und Zugriffsprobleme, wie sich hier im Forum nachlesen lässt.

Das Update wird per Up2Date verteilt, wenn es noch nicht zur Installation angeboten wird, kann es aber auch hier runtergeladen werden:

https://ftp.astaro.com/UTM/v9/up2date/u2d-sys-9.702001-703003.tgz.gpg

Das Update lässt sich dann manuell einspielen:

Hier findet sich noch der Artikel bei Sophos zu dem Update:

https://community.sophos.com/products/unified-threat-management/b/blog/posts/utm-up2date-9-703-released