Software-update: Sophos XG Firewall 17.5 MR12 / 18.0 GA-Build379

Sophos heeft nieuwe versies vrijgegeven van zijn XG Firewall met 17.5 MR12 en 18.0 GA-Build379 als versienummers. Deze software wordt zowel op fysieke hardware als in een soft-appliance voor VMware, Hyper-V, Xen en KVM geleverd. Naast de betaalde varianten voor bedrijven biedt Sophos deze firewall voor thuisgebruik zonder kosten aan, zoals op deze pagina te lezen is. Voor de verschillende image- en updatebestanden kun je terecht op het MySophos-portaal. De aankondigingen van deze uitgaves zien er als volgt uit:

XG Firewall 17.5 MR12 Released

Hi XG Community!

We've released XG Firewall 17.5 MR12. Initially, the firmware will be available by manual download from the Licensing Portal. We will gradually release the firmware via auto-update to customers.

Note: The upgrade from version 17.5 MR12 to 18.0 will follow soon.

News
  • Security Release
  • Fixes SQL injection vulnerability and malicious code execution in XG Firewall/SFOS detailed out in KBA135412
Note: Hotfix referenced in KBA135412 is NOT required for 17.5 MR12 as CVE-2020-12271 has been fixed in this release version.

Issues Resolved
  • NC-59408 [API Framework, UI Framework] SQLi prevention in hybrid request - ORM fields and mode parameters (CVE-2020-12271)
  • NC-58898 [Email] Potential RCE through heap overflow in awarrensmtp (CVE-2020-11503)
  • NC-59300 [Email] Blind pre-auth SQLi in spxd on port 8094
  • NC-59454 [UI Framework] Enable apache access logs
XG Firewall 18.0 GA-Build379 Released

Hi XG Community!

We've released XG Firewall 18.0 GA-Build379. Initially, the firmware will be available by manual download from the Licensing Portal. We will gradually release the firmware via auto-update to customers.

Security Release
  • Fixes SQL injection vulnerability and malicious code execution in XG Firewall/SFOS detailed out in KBA135412
Important note
  • This is a security release for v18 GA; incremental to the previous GA release 18.0 GA-Build354
  • We will soon have a re-release of v18 MR1 to support SD-RED devices and upgrade from v17.5 MR11/ MR12
  • You can upgrade from SFOS 17.5 (MR6 to MR10) to this release 18.0 GA-Build379
  • Hotfix referenced in KBA135412 is NOT required for 18.0 GA-Build379 as CVE-2020-12271 has been fixed in this release version
Issues Resolved in XG Firewall 18.0 GA-Build379
  • NC-59408 [API Framework, UI Framework] SQLi prevention in hybrid request - ORM fields and mode parameters (CVE-2020-12271)
  • NC-58898 [Email] Potential RCE through heap overflow in awarrensmtp (CVE-2020-11503)
  • NC-59300 [Email] Blind pre-auth SQLi in spxd on port 8094
  • NC-59454 [UI Framework] Enable apache access logs
Versienummer 17.5 MR12 / 18.0 GA-Build379
Releasestatus Final
Website Sophos
Download https://www.sophos.com/en-us/mysophos
Licentietype Freeware/Betaald

Door Japke Rosink

Meukposter

Feedback • 08-05-2020 09:14
0 • submitter: mikeoke

08-05-2020 • 09:14

0

Submitter: mikeoke

Bron: Sophos

Update-historie

27-02 Sophos Firewall OS 21 MR1 2
10-'24 Sophos Firewall OS 21.0 14
11-'23 Sophos Firewall OS 20.0 16
12-'22 Sophos Firewall OS 19.5 / 18.5 MR5 1
07-'22 Sophos Firewall OS 18.5 MR4 0
05-'22 Sophos Firewall OS 19.0 17
04-'21 Sophos XG Firewall 18.0 MR5 4
12-'20 Sophos XG Firewall 18.0 MR4 / 17.5 MR15 0
06-'20 Sophos XG Firewall 18.0 MR1-Build396 0
05-'20 Sophos XG Firewall 17.5 MR12 / 18.0 GA-Build379 0
Meer historie

Lees meer

Sophos Firewall OS

geen prijs bekend

Netwerk en systeembeheer Sophos

Reacties

-Moderatie-faq
0
0
0
0
0
0
Wijzig sortering

Er zijn nog geen reacties geplaatst

Op dit item kan niet meer gereageerd worden.

Apple iPhone 16e LG OLED evo G5 Google Pixel 10 Samsung Galaxy S25 Star Wars: Outlaws Nintendo Switch 2 Apple AirPods Pro (2e generatie) Sony PlayStation 5 Pro

Tweakers is onderdeel van DPG Media B.V.
Alle rechten voorbehouden - Auteursrecht © 1998 - 2025 Hosting door TrueFullstaq