[SUS – Update] Watchguard Fireware 12.1.3

Neues Update verfügbar – Watchguard Fireware 12.1.3

Eine neue Firmware für die Watchguard Fireware 12.1.3 wurde veröffentlicht. Auf die Veröffentlichung folgt auch ein Update des Watchguard System Manager 12.1.3. Beide Versionen können hier über die Seite des Herstellers heruntergeladen werden.

Changelog Watchguard Fireware 12.1.3

Release Notes Watchguard Fireware 12.1.3

General

• This release removes weak ciphers that do not support forward secrecy from the Firebox web server. [FBX-10752]
• Web pages served by the Firebox now include security headers outlined in the OWASP Secure Headers Project in HTTP responses. [FBX-9691]
• This release resolves a vulnerability that made possible a SAML assertion replay attack against the Access Portal. [FBX-9731]
• This release corrects the Japanese localization of FireCluster upgrade error messages in Fireware Web UI. [FBX-10941]
• Firebox System Manager no longer reports an error when you view the Front Panel of a Firebox Cloud instance. [FBX-10910]
• Firebox System Manager no longer frequently disconnects when you connect to a Firebox with an older version of Fireware. [FBX-11814]
• This release resolves an issue that prevented certificate sync when the Firebox first joins a FireCluster. [FBX-11449]
• This release resolves an issue that caused all authenticated sessions to terminate after configuration changes are made to authentication server settings with Fireware Web UI. [FBX-11263]

Integrations

• This release resolves an issue that resulted in Autotask creating unintended duplicate configurations. [FBX-11533]
• Fireware Web UI no longer allows invalid configuration options that cause AutoTask to fail. [FBX-11771]

Networking

• This release resolves an issue that caused the Firebox to stop replying to DHCP requests. [FBX-9213, FBX-10643]
• This release resolves an issue that caused DHCP relay to stop working after a Firebox reboot. [FBX-11464]
• This release resolves an issue that caused the removal of the default route after PPPoE interface re-negotiation. [FBX-11668]
• The Huawei E3372 modem now works correctly. [FBX-10888]
• This release resolves an issue with the WebUI that prevented changing the Link Monitor settings on T10/T15 when using a Modem as external interface. [FBX-11040, FBX-10535]
• The Enable Link-Monitor check box no longer re-selects itself after you disable it. [FBX-10214]
• Policy Manager now correctly allows configuration of Multi-Wan for T15 Fireboxes with Fireware Pro. [FBX-11500]

Centralized Management

• Management Server now correctly restricts configuration options for active Directory based on RBAC role.[FBX=9167]

VPN

• Mobile VPN with SSL download page no longer fails to load for two-factor authentication users. [FBX-10085]
• This release resolves an issue that caused the Mobile VPN with SSL process to crash when FIPS is enabled on Firebox. [FBX-2558]
• BOVPN over TLS clients can now connect to a remote VPN server with its primary server configured as a domain name. [FBX-11556]
• This release resolves a kernel crash that occurs when Mobile VPN with SSL traffic is sent through a Virtual Interface (VIF). [FBX-11800]
• This release adds enhancements to BOVPN Dead Peer Detection when the Firebox is located behind a NAT device. [FBX-11192]
• This release adds several IPSec BOVPN stability improvements for Fireboxes in a NAT environment. [FBX-11188]
• This release resolves an issue that causes Managed Branch Office VPN tunnels to restart when the the Management server changes the Firebox configuration. [FBX-11400]
• SLVPN Management tunnels can now use the # symbol as the first character of the password. [FBX-11271]
• This release resolves an issue that caused packet loss through Branch Office VPN on M4600 and M5600 with large amounts of traffic. [FBX-11584]

Proxies and Services

• This release reduces load on the Firebox processor caused by excessive proxy log messages.[FBX-10691]
• The HTTP proxy no longer fails to get the MD5 hash during a file upload when the file exceeds the Gateway AV scan limit.[FBX-11577]
• This release improves IPS and Application Control scanning when Content inspection is enabled on T15, T30 and XTM330 platforms.[FBX-11354]
• IMAP proxy connection count is now correctly reported in Proxy Connection Statistics for connections handled by the TCP-UDP proxy. [FBX-10586]
• This release resolves an issue that caused some websites to fail to load in the Chrome browser for connections through the HTTPS proxy with TCP MTU probing enabled. [FBX-11280]
• A FireCluster member without a DNSWatch license will now correctly register to the DNSWatch service when it becomes Master. [FBX-10180]
• This release resolves an issue that prevented HostWatch from correctly displaying data related to SIP and H323 proxies. [FBX-10238]
• This release includes several improvements in Proxy memory usage. [FBX-11465, FBX-9256, FBX-10886]
• This release resolves a memory leak that occurred when the IMAP proxy was enabled. [FBX-11255]
• This release resolves an issue that prevented mail from downloading through the IMAP proxy with log messages that included: “fail to parse fetch argument list”. [FBX-10782]
• The status of Content Inspection is now included in IMAP proxy log messages when viewed from the Fireware Web UI.[FBX-10822]
• Log messages generated by the IMAP Proxy now include the TLS Profile name configured in the proxy. [FBX-10125]

Wireless

• Gateway Wireless Controller updates of AP420 and AP325 no longer fail because of an AP reboot during the upgrade process. [FBX-11081]
• This release resolves an issue that caused the Firebox T35-W model to crash when wireless is enabled. [FBX-9760]

Software Liste

Eine Übersicht über alle Software die von mir überprüft und gemeldet wird, findet ihr hier – Software-Liste. Sobald ein neues Software Update verfügbar ist, melde ich euch das über die bekannten Wege. Solltet ihr eine Software vermissen, dann meldet Sie mir einfach über diese Seite.