Take 73 - Ongoing
List of Resolved Issues and New Features
|
Note - This Take contains all fixes from all earlier Takes. |
ID |
Product |
Description |
---|---|---|
Take 73 Released on 8 April 2019 |
||
PMTR-31335 |
General |
Added support for 6500 and 6800 appliances. Refer to sk139932. |
PMTR-23799 |
General |
Added ability to FW Monitor to support monitoring of accelerated traffic by default. Refer to sk30583. |
PMTR-29498, |
Security Management |
Manual changes in INSPECT files under $FWDIR/lib directory of compatibility packages are not synchronized from active to standby Management servers. Refer to sk143792. |
PMTR-29853 |
Security Management |
Policy installation fails with "IPv6 addresses domain is not supported for Remote Access VPN community" message when using Domain object in Remote Access encryption domain. Refer to sk142832. |
PMTR-29923, |
Security Management |
"Error retrieving results" message is displayed in SmartConsole after searching for unused objects in Object Explorer. |
PMTR-34653, |
Security Management |
After installing R80.20 Jumbo HFA Take 33, newly created users fail to log in into local SmartView WebUI, receiving the "Invalid username and password" error. |
PMTR-23745, |
Security Management |
Unjustified validation error is displayed when installing Threat Prevention policy on Cluster object: |
PMTR-34017, |
SmartConsole |
Number of sessions in "Changes" list does not match the value of 'total'. |
PMTR-31336, |
SmartConsole |
When searching in the SmartConsole main search bar for network groups we can see some number of network groups, but the search inside the Logical Server object shows the different number of Logical server objects groups. |
PMTR-31641, |
SmartConsole |
FWM process unexpectedly exits after repeatedly clicking "Update Corporate Gateways" in SmartConsole. |
PMTR-31044 |
SmartConsole |
When an administrator publishes session for a different administrator, the name of the administrator that invoked the action will be written in the audit logs as the publisher. |
PMTR-31136 |
Mobile Access |
Mobile Access Portal Agent installation page is vulnerable for XSS attack in Chrome and Firefox. |
PMTR-29243, |
Security Gateway |
When routed syslog is enabled, the "show configuration routedsyslog" command does not show any output. |
PMTR-33631, |
Security Gateway |
In some scenarios, Security Gateway crashes when Priority Queue is enabled. Refer to sk149414. |
PMTR-34473, |
Security Gateway |
R80.20 bridge with no VLAN configuration may cause connectivity disruptions on VLAN-tagged traffic passing through it. |
PMTR-30245, |
Security Gateway |
In rare scenarios, Security Gateway crashes during file upload to Google drive when Content Awareness Blade is enabled. |
PMTR-33140, |
Security Gateway |
In a rare scenario, TCP segments of HTTPS payload are missing in Mirror and Decrypt designated interface. |
PMTR-33559, |
Security Gateway |
Users are not matched to access roles with nested LDAP groups or LDAP groups with filter. |
PMTR-31049, |
Security Gateway |
Group update request is sent specifically to the originator LDAP server even if it is down. Refer to sk127833. |
PMTR-26374, |
Security Gateway |
Added support for ICAP client working with Symantec DLP ICAP server. |
PMTR-27196, PMTR-24606 |
Security Gateway |
Starting from SmartConsole Build 46, added automatic Implied Rule for ICAP Server to allow connectivity with trusted ICAP clients. |
PMTR-31315, |
Logging |
In a rare scenario, TCP state information is not displayed in the log despite being enabled in SmartConsole. |
PMTR-32876, |
UserCheck |
Potential memory leak in rare scenarios when UserCheck is used on HTTP connection. |
PMTR-30599 |
UserCheck |
When switching from manual expiration date in User Template to "According to global properties", the actual expiration date is not changed. |
PMTR-31422 |
Threat Extraction |
When configuring scrub_additional_file_types to "all" and enabling block_unsupported_files, file types that have no extension are not stripped. |
PMTR-30657 |
Identity Awareness |
When X-Forwarded-For (XFF) settings are enabled on one of the policy layers or/and on the Security gateway object, the /var/log/messages file shows errors related to asynchronous identity fetch. Refer to sk145673. |
PRHF-523, |
IPS |
Some SMTP-related IPS Core Protections remain enabled despite the IPS is disabled. |
PMTR-33238, |
IPS |
R77.x gateways managed by R80.x Security Management show that IPS Blade is enabled while it is disabled on the gateway object. |
PMTR-35032 |
VPN |
Important security update for IPSec Site-to-Site (S2S) VPN. |
PMTR-31860, |
VPN |
Connectivity improvements for certain Windows L2TP client versions. Refer to sk145895. |
PMTR-23293, |
Gaia OS |
The CLISH command "show arp table dynamic all" and Bash command "arp -an" show different entries. Refer to sk112753. |
PMTR-32129, |
Gaia OS |
Added 'pigz' and 'unpigz' binaries. |
PMTR-30225, |
Gaia OS |
Enhancement: Administrators are allowed to use personal, remotely managed password to login to Expert mode, instead of the shared "expert password". |
PMTR-28064 |
SecureXL |
In some scenarios, virtio_net is not able to run multiqueue. |
PMTR-33811, |
CPView |
"Connections from templates" property shows incorrect value Network tab ->Traffic-> Templates of CPView. |
PMTR-29063, |
Endpoint |
"User was not authenticated" errors in Capsule Docs when activating Single Sign-On in the policy. |
PMTR-30683, |
Compliance |
The grc_conditions3.xml and grc_controls.xml files in R80.20 are overwritten by the files of R80.10 from the Cloud. |