Enhancements and Resolved Issues in Fireware XTM v11.8.4
Release Notes 15
When you downgrade the Fireware XTM OS on your Firebox or XTM device, the firmware on
any paired APdevices is not automatically downgraded. We recommend that you reset the AP
device to its factory-default settings to make sure that it can be managed by the older version of
Fireware XTM OS.
Enhancements and Resolved Issues in Fireware XTM v11.8.4
Fireware XTM v11.8.4 addresses many previously reported bugs and enhancement requests, including the
issues shown below.
General
lThis release contains patches to OpenSSL version used in the appliance and the Mobile VPN with SSL
client. The patch addresses the following OpenSSL advisories CVE-2014-0195, CVE-2014-0221, CVE-
2014-0224, CVE-2014-3470.
lThis release resolves a Kernel vulnerability tracked under CVE-2014-0196. [80741]
lFeature keys with more than 1024 characters are now supported. [80403]
lThis release resolves a kernel crash. [79832]
lThis release resolves a kernel crash triggered by a SYN flood directed at the XTM device. [79909]
Proxies and Services
lHTTPS sessions started from Internet Explorer v10 or higher on Windows 8 now establish more quickly
when using an HTTPS proxy. [78793]
lA memory leak has been resolved that occurred when large files were transferred through the FTP
proxy. [79643]
lThis release resolves several proxy process crashes. [78665, 78819]
lThis release resolves an issue that caused traffic to fail when using the HTTP Proxy with WebBlocker.
When the issue occurred, this error showed in the log file: err webblocker[1903]: scan_wb: no
profile found.[80315]
lSeveral issues related to the use of inbound HTTPS content inspection have been resolved in this
release. [79235, 75725]
lThis release provides improvements to Application Control detection when not using HTTPS proxy with
content inspection. [81008, 80885, 81037]
lSeveral improvements were made to SIP ALG to improve one way audio during VoIP calls.[79962,
79311, 80385]
lThis release resolves several issues in which HTTPS web sites did not load correctly when using
HTTPS Content Inspection. [77987, 78807, 78939]
lThis release resolves an issue that caused excessive CPUuse when using the SMTP proxy with TLS.
[80328, 79733]
lThis release resolves an issue that caused a kernel crash when maximum command line length for the
FTP proxy is exceeded and auto-block is enabled. [79841]
lThis release resolves a proxy process crash when using IPS. [77948]
Authentication
lIf you use Active Directory (AD) authentication for Terminal Services users, a mismatch in capitalization
(case) between the domain name configured in Setup > Authentication > Servers and your actual AD
server no longer causes a failure to apply policies correctly to the users. [72721]
Terms of Use | Privacy Policy | DMCA Policy
2006-2021 Rsmanuals.com