Enhancements and Resolved Issues in Fireware v11.11.4
General
lThis release includes a localization update for WatchGuard System Manager and Fireware Web UI to
match Fireware v11.11 functionality for our French, Japanese, and Spanish (LA) users.
lThis release resolves a kernel crash on Firebox M400 and M500 appliances when using IPSec VPNs.
[90930]
lThis release includes multiple updates to the lighttpd service used by the Firebox web server to ensure
best cipher suite compatibility with modern web browsers. [91311]
lThis release resolves an issue that prevented changes from saving correctly from Fireware Web UI
when using the localized French interface. [92008]
lSeveral Fireware Web UI pages have been updated to guard against XSS injection attempts. [86039]
lThe Fireware Web UIConfiguration Report now correctly displays all ports and protocols for a firewall
policy when multiple ports and protocols are configured. [91347]
Proxies and Security Subscriptions
lThe SMTP and HTTPS proxy now support Perfect Forward Secrecy (PFS). [82389, 90567]
lThe HTTPS-proxy log messages now contain application identification information when Content
Inspection is not enabled. [87532]
lFor a new WebBlocker action, the Log this action option is now always enabled by default. [89834,
91177]
lThe HTTPS proxy no longer crashes when Content Inspection is enabled and an HTTPS request is sent
that uses an unsupported cipher. [91455]
lThis release resolves an issue introduced in Fireware v11.11.1 that prevented traffic from passing
through a proxy policy if the receiving interface has an MTU set below 1500. [91761]
lThis release resolves an issue that caused some unhandled denied traffic to show as allowed in the
traffic log message even though the traffic was denied. [91566]
lMobile Security trial licenses now work correctly. [91754]
lThe POP3 proxy now provides the ability to detect file extensions inside compressed attachments.
[89078]
lThis release improves the proxy detection of Visual Basic Script macros inside of Microsoft Office
documents. [91388]
lThis release resolves an issue that occurred when you edit an existing Explicit Proxy action where
Content Inspection is not enabled in CONNECT Tunneling. [91887]
lThe SMTP proxy Return-Receipt-To header rule now correctly matches the header field name. [91504]
lPOP3 proxy log messages now correctly include the User field. [91493]
lHTTP Proxy Exceptions now save correctly from the French localized Fireware Web UI. [92008]
lThe SIP ALG no longer crashes when referencing a pointer to a proxy connection structure that has
already been freed and is no longer valid. [91563]
lThis release updates the proxy handling of SSLv2 traffic. SSLv2 traffic will now pass through the
HTTPS-Proxy if Allow only SSL compliant traffic is not enabled and Content Inspection is disabled.
[91749]
lSSL unknown protocol event log messages no longer occur when incomplete SSLauthentication
connections are closed by the Firebox. An example of those log messages looks like this: SSL:1
error;140760FC:SSL routines;SSL23_GET_CLIENT_HELLO;unknown protocol.[91641]
Enhancements and Resolved Issues in Fireware v11.11.4
22 WatchGuard Technologies, Inc.
Terms of Use | Privacy Policy | DMCA Policy
2006-2021 Rsmanuals.com