Sophos heeft een nieuwe versie vrijgegeven van zijn Unified Threat Management, UTM in het kort, met 9.718 als versienummer. Deze software wordt zowel op fysieke hardware als in een soft appliance voor VMware, Hyper-V, Xen en KVM geleverd. Naast de betaalde varianten voor bedrijven biedt Sophos deze firewall voor thuisgebruik zonder kosten aan. Voor de verschillende image- en updatebestanden kun je terecht op het MySophos-portaal. De aankondiging van deze uitgave ziet er als volgt uit:
UTM Up2date 9.7 MR18 (9.718) released
We've just released UTM version 9.7 MR18 (9.718). As this is a regular maintenance update it will be released in three phases:Details of this release, along with previous releases, can be found on our official release notes page.
- In phase 1 you can download the update package from our download server. Click the link and navigate to the folder UTM / v9 / up2date.
Up2date package – 9.717 to 9.718 https://download.astaro.com/UTM/v9/up2date/u2d-sys-9.717003-718005.tgz.gpg
Md5sum is 61ab2c8f45baa2aace8dfa80446c7caa https://download.astaro.com/UTM/v9/up2date/u2d-sys-9.717003-718005.tgz.gpg.md5- During phase 2 we will make it available via our Up2Date servers in several stages.
- In phase 3 we will make it available via our Up2Date servers to all remaining installations.
Other newsRemarks
- Maintenance Release
- Security Release
Issues resolved
- System will be rebooted
- Configuration will be upgraded
- NUTM-14068 [Basesystem] Tar Vulnerability - CVE-2022-48303
- NUTM-14219 [Basesystem] Remove support for weak TLS signature algorithms in Web Admin and User Portal
- NUTM-14237 [Basesystem] Remove deprecated XSS protection header from Web Admin and User Portal
- NUTM-14285 [Basesystem] Disable session tickets on Web Admin and User Portal
- NUTM-14288 [Basesystem] Samba Vulnerability - CVE-2022-2127
- NUTM-14197 [Email] Email stuck in queue with scanner timeout
- NUTM-14289 [Endpoint] Remove Endpoint Protection from WebAdmin and system backend
- NUTM-14305 [Logging] Failed logins for SSL VPN Remote Access are not displayed in reports
- NUTM-14218 [RED] Disable DHE ciphers support for RED in UTM
- NUTM-14339 [WAF] Daily WAF Coredumps: Segmentation fault (11)
- NUTM-13182 [Web] Reflected XSS in Web Proxy - CVE-2021-4429
- NUTM-13988 [Web] Improve performance and error handling for AD SSO