Software-update: Sophos XG Firewall 18.0 MR1-Build396

Sophos heeft een nieuwe versie vrijgegeven van zijn XG Firewall met 18.0 MR1-Build396 als het versienummer. Deze software wordt zowel op fysieke hardware als in een soft-appliance voor VMware, Hyper-V, Xen en KVM geleverd. Naast de betaalde varianten voor bedrijven biedt Sophos deze firewall voor thuisgebruik zonder kosten aan, zoals op deze pagina te lezen is. Voor de verschillende image- en updatebestanden kun je terecht op het MySophos-portaal. De aankondiging van deze uitgave ziet er als volgt uit:

XG Firewall v18 MR-1-Build396

Hi XG Community!

We've released a new build of XG Firewall v18 MR1 (Build 396).

Enhancements
  • Supports new SD-RED 20 and SD-RED 60 devices
  • Previously released security hotfixes have been included in v18 MR-1-Build396. Hotfixes referenced in KBA135412, HF051220.1 and HF052220.1 have already been included in this release
  • XG Firewall web console now shows granular reasons for firmware upload failure
  • Quarantined emails can only be released from the User Portal only. Refer to KBA135515 for details
  • More than 50 issues resolved in this release (see Issues Resolved section below)
  • With the tremendous need for VPN connectivity during this challenging time, we have put together some important information here for you to achieve your networking needs
    • To configure VPN Remote Access on your Sophos XG Firewall.
    • To substitute XG for RED devices via Light-Touch deployment from Sophos Central.
    Note: Upgrading from SF 17.5 MR11/ MR12 to v18 MR-1-Build396 is now supported.
Issues Resolved in v18 MR1 (Build 396)
  • NC-60108 [API Framework] Preauth SQLi in apiInterface OPCODE
  • NC-59156 [CSC] Traffic not passing after upgrade to SF 18.0 MR1
  • NC-59300 [Email] Blind pre-auth SQLi in spxd on port 8094
  • NC-23160 [Firewall] LAN test failed in Port3 in SFLoader for 125/135 desktop model
  • NC-59586 [Network Utils] Remove MD5 remnant
  • NC-46109 [RED] No proper forwarding if bridging 3 or more RED s2s tunnels on an XG
  • NC-50796 [RED] All RED site to site tunnel restart when configuring one RED interface
  • NC-60162 [Reporting] Error 500 displayed for WebAdmin and UserPortal after HF4.1 applied on virtual XG
  • NC-60171 [Security, UI Framework] Admin to Superadmin privilege escalation
  • NC-59427 [SFM-SCFM] SQLi in User Portal
  • NC-59932 [UI Framework] Unable to login to user portal or admin using IE after HF4.1
Issues Resolved in the older release of v18 MR1 (Build 367)
  • NC-30903 [Authentication] STAS configuration is editable via GUI on AUX machine
  • NC-50703 [Authentication] Access server restarted with coredump using STAS and Chrome SSO
  • NC-50716 [Authentication] Cannot import LDAP server via XMLAPI if client cert is "None"
  • NC-54689 [Authentication] Support download certificate for iOS 13 and above
  • NC-55277 [Authentication] Service "Chromebook SSO" is missing on Zone page
  • NC-51660 [Backup-Restore] Restore failed using a backup of XG135 on SG230 appliance
  • NC-55015 [Bridge] Wifi zone is not displayed while creating bridge
  • NC-55356 [Bridge] TCP connection fails for VLAN on bridge with HA Active-Active when source_client IP address is odd
  • NC-52616 [Certificates] Add support for uploading of CRLs in DER format
  • NC-55739 [Certificates] EC certificate shows up as "RSA" in SSLx CA cert dropdowns
  • NC-55305 [CM (Zero Touch)] System don't restart on changing time zone while configured through ZeroTouch
  • NC-55617 [CM (Zero Touch)] Getting wrong error message in log viewer after ZeroTouch process
  • NC-55909 [Core Utils] Unable to see application object page on SFM
  • NC-30452 [CSC] Dynamic interface addresses not showing on Aux after failover
  • NC-55386 [Dynamic Routing (PIM)] PIM-SM import fails with LAG as dependent entity
  • NC-55625 [Dynamic Routing (PIM)] In HA with multicast interface, routes are not getting updated in the Aux routing table
  • NC-55461 [Email] After adding/edit FQDN host with smarthost, it is not displayed on the list until refresh the page
  • NC-58898 [Email] Potential RCE through heap overflow in awarrensmtp (CVE-2020-11503)
  • NC-55635 [Firewall] Display filter for forwarded is not working properly on packet capture page
  • NC-55657 [Firewall] HA backup restore fails when port name is different in backup and appliance
  • NC-55884 [Firewall] IPS policy id and appfilter id not displaying in firewall allow log in logviewer
  • NC-55943 [Firewall] Failed to resume existing connection after removal of heartbeat from firewall configuration
  • NC-57084 [Firewall] Custom DMZ not listed in dedicated link HA configuration
  • NC-44938 [Firmware Management, UX] Web UI does not surface reasons for firmware upload failure
  • NC-55756 [Gateway Management] Gateway isn't deleted from SFM UI after deleting it from SFM
  • NC-55552 [HA] WWAN interface showing in HA monitoring ports
  • NC-55281 [Import-Export Framework] Full configuration import fails when using third party certificate for webadmin setting
  • NC-55171 [Interface Management] VLAN Interface IP is not assigned via DHCP when gateway name uses some special characters
  • NC-55442 [Interface Management] DNS name lookup showing incorrect message
  • NC-55462 [Interface Management] Import fails on configuring Alias over VLAN
  • NC-55659 [Interface Management] Invalid gateway IP and network IP configured using API for IPv6
  • NC-56733 [Interface Management] Patch PPPd (CVE-2020-8597)
  • NC-51776 [IPS Engine] Edit IPS custom rule protocol doesn't work after creation
  • NC-51558 [IPsec] Add warning message before deleting xfrm ipsec tunnel
  • NC-55309 [Logging] Local acl rule not created through log viewer for IPv4 and IPv6
  • NC-50413 [Logging Framework] Gateway up event log for PPPoE interface not always shown in logviewer
  • NC-55346 [Logging Framework] Clear All for "Content filtering" does not clear SSL/TLS filter option
  • NC-56831 [Policy Routing] SIP traffic sometimes not working with SDWAN policy route
  • NC-46009 [SecurityHeartbeat] Spontaneous reconnects of many endpoints
  • NC-51562 [SecurityHeartbeat] Heartbeat service not started after HA failover
  • NC-52225 [Synchronized App Control] SAC page loading issues as the list of apps increases
  • NC-54078 [UI Framework] Internet Explorer UI issue on certain rules and policies pages
  • NC-56821 [Up2Date Client] SSL VPN downloading with the 0KB
  • NC-54007 [Web] File type block messages sometimes contain mimetype rather than file type
Versienummer 18.0 MR1-Build396
Releasestatus Final
Website Sophos
Download https://www.sophos.com/en-us/mysophos
Licentietype Freeware/Betaald

Door Japke Rosink

Meukposter

Feedback • 12-06-2020 10:54 0

12-06-2020 • 10:54

0

Bron: Sophos

Update-historie

27-02 Sophos Firewall OS 21 MR1 2
10-'24 Sophos Firewall OS 21.0 14
11-'23 Sophos Firewall OS 20.0 16
12-'22 Sophos Firewall OS 19.5 / 18.5 MR5 1
07-'22 Sophos Firewall OS 18.5 MR4 0
05-'22 Sophos Firewall OS 19.0 17
04-'21 Sophos XG Firewall 18.0 MR5 4
12-'20 Sophos XG Firewall 18.0 MR4 / 17.5 MR15 0
06-'20 Sophos XG Firewall 18.0 MR1-Build396 0
05-'20 Sophos XG Firewall 17.5 MR12 / 18.0 GA-Build379 0
Meer historie

Lees meer

Sophos Firewall OS

geen prijs bekend

Netwerk en systeembeheer Sophos

Reacties

-Moderatie-faq
0
0
0
0
0
0
Wijzig sortering

Er zijn nog geen reacties geplaatst

Op dit item kan niet meer gereageerd worden.

Apple iPhone 16e LG OLED evo G5 Google Pixel 10 Samsung Galaxy S25 Star Wars: Outlaws Nintendo Switch 2 Apple AirPods Pro (2e generatie) Sony PlayStation 5 Pro

Tweakers is onderdeel van DPG Media B.V.
Alle rechten voorbehouden - Auteursrecht © 1998 - 2025 Hosting door TrueFullstaq