R80.40 Jumbo Hotfix Take 180

 

Note - This Take contains all fixes from all earlier Takes.

ID

Product

Description

Take 180

Released on 20 September 2022 and declared as Recommended on 30 October 2022

PRJ-41081,
PMTR-86078

Security Management

UPDATE: If ISP Redundancy is configured for a target Security Gateway, backup interfaces are now used for pushing policy if the primary interface is down.

PRJ-36205,
PRHF-22196

Security Management

Migration from the Management Server to the Domain Server may get stuck for 6-7 hours and then fail.

PRJ-38216,
PRHF-22973

Security Management

If Log Domain reassignment fails, an Application Control and URL Filtering update may get stuck at 70 percent showing the "Running post update actions" status.

PRJ-38453,
PRHF-23314

Security Management

High Availability synchronization may fail with the "Failed to update shared licenses" error.

PRJ-34237,
PRHF-20836

Security Management

Migration of the Security Management Server to the Multi-Domain Management Server may fail.

PRJ-38179,
PRHF-22647

Security Management

The Delete Domain operation may fail with an "internal error" when more than one Security Gateway in the Domain points to the same cluster object in its NAT configuration.

PRJ-37910,
PRHF-22870

Security Management

The flag "--method" for a CME command is not supported in SmartConsole Command Line.

PRJ-39208,
PRHF-23632

Security Management

The output of the "show opsec-application" API command may not show the host object name or UID.

PRJ-33920,
PRHF-21160

Security Management

Some unused sessions may remain open in the system, consuming memory and CPU.

PRJ-41096,
PMTR-81750

Security Management

The "CPLogGetMyIp: fwobj_get_myown failed" error may be printed in CLI when starting cpboot.

PRJ-38787,
PRHF-23476

Security Management

Install Policy Preset may fail with "The server did not provide a meaningful reply". Refer to sk179524.

PRJ-39487,
PRHF-23926

Multi-Domain Management

In some scenarios, in a Multi-Domain Management Server environment, SmartConsole may unexpectedly disconnect.

PRJ-38123,
PRHF-23066

Multi-Domain Management

Although all Virtual Devices are deleted, deleting a Domain may fail with an "At least one Virtual Device is defined on this Domain/Domain Management Server. You need to delete all Virtual Systems/Routers prior to deleting Domain/Domain Management Server" message.

PRJ-40611,
PRHF-24080

Compliance

In the Compliance Blade view, regulations with disabled best practices may display a result that does not correspond with the best practices listed below it.

PRJ-36190,
PRHF-22004

Logging

UPDATE: Amended the override_server_setting.sh script to support changes in the values of RFL_SOLR_MAX_MERGE_COUNT and RFL_SOLR_MAX_MERGE_THREAD_COUNT.

PRJ-36019,
PRHF-21398

Logging

In SmartView, the "Top Users that Downloaded Malicious Files" widget in the "Hosts that Encountered Malicious files" view may show no results, although there are matches.

PRJ-39588,
PRHF-23981

Logging

The FWD process may unexpectedly exit and create core dump files.

PRJ-30963,
EPS-562

Logging

In some scenarios, the Forensics report fails to open from Harmony Endpoint logs.

PRJ-36475,
PRHF-22241

Logging

In SmartConsole, when Endpoint Policy Management Blade is enabled, the "SmartView server certificate is invalid" error may be shown when opening a new tab in the Logs & Monitor view. Refer to sk177713.

PRJ-40356,
PRHF-24410

Logging

In some scenarios, the FWD process may unexpectedly exit in a Log Server environment. Refer to sk179596.

PRJ-34678,
PMTR-75424

Security Gateway

UPDATE: Decreased the threshold for connections suspected as heavy from 5 to 3 seconds. Refer to sk164215.

PRJ-40509,
PMTR-85083

Security Gateway

UPDATE: Added a defense mechanism against partial HTTP header attacks, known as "Slowloris" denial of service (CVE-2007-6750).
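
The entry above only states that a defense was added. The following is an added illustration, not Check Point code, of the attack class (CVE-2007-6750) and of one common countermeasure. A Slowloris client opens many connections and trickles request headers a few bytes at a time, never sending the empty line that ends the header block, so a server that waits indefinitely for complete headers runs out of connection slots. The watchdog below gives each connection a fixed budget of time and bytes to finish its header block and closes it when either is exceeded; the two limits and the sample traffic are assumed values constructed for the example, and timestamps are supplied by the caller so the logic runs deterministically offline.

```python
"""Partial-header (Slowloris-style) connection watchdog. Added example, not Check Point code."""
from collections import Counter
from dataclasses import dataclass, field

HEADER_TIMEOUT = 10.0    # seconds a connection may take to complete its header block (assumed)
MAX_HEADER_BYTES = 8192  # hard cap on accumulated header bytes (assumed)
HEADER_END = b"\r\n\r\n"


@dataclass
class Conn:
    src: str
    opened_at: float
    buf: bytearray = field(default_factory=bytearray)
    complete: bool = False


class HeaderWatchdog:
    def __init__(self, timeout=HEADER_TIMEOUT, max_bytes=MAX_HEADER_BYTES):
        self.timeout = timeout
        self.max_bytes = max_bytes
        self.conns = {}      # conn_id -> Conn
        self.dropped = []    # (conn_id, src, reason)

    def open(self, conn_id, src, now):
        self.conns[conn_id] = Conn(src, now)

    def data(self, conn_id, chunk, now):
        """Feed received bytes. Returns 'complete', 'dropped' or None (still waiting)."""
        c = self.conns.get(conn_id)
        if c is None or c.complete:
            return None
        c.buf += chunk
        if HEADER_END in c.buf:
            c.complete = True
            return "complete"
        if len(c.buf) > self.max_bytes:
            return self._drop(conn_id, "header too large")
        # Expiry is also checked here so a slow client cannot outlive its budget
        # merely because no periodic sweep ran between its drips.
        if now - c.opened_at > self.timeout:
            return self._drop(conn_id, "header timeout")
        return None

    def tick(self, now):
        """Periodic sweep: close every connection whose header budget has expired."""
        expired = [cid for cid, c in self.conns.items()
                   if not c.complete and now - c.opened_at > self.timeout]
        for cid in expired:
            self._drop(cid, "header timeout")
        return expired

    def _drop(self, conn_id, reason):
        c = self.conns.pop(conn_id)
        self.dropped.append((conn_id, c.src, reason))
        return "dropped"

    def drops_by_source(self):
        """Sources with many timed-out header blocks are Slowloris candidates."""
        return Counter(src for _, src, _ in self.dropped)


def simulate():
    """Constructed traffic: one normal request and three Slowloris connections."""
    wd = HeaderWatchdog()
    wd.open(1, "198.51.100.7", 0.0)
    wd.data(1, b"GET / HTTP/1.1\r\nHost: portal.example.test\r\n\r\n", 0.1)
    for cid in (2, 3, 4):
        wd.open(cid, "203.0.113.9", 0.0)
        wd.data(cid, b"GET / HTTP/1.1\r\nHost: portal.example.test\r\n", 0.2)
    # The attacker drips one bogus header line every four seconds and never ends the block.
    for t in (4.0, 8.0, 12.0):
        for cid in (2, 3, 4):
            wd.data(cid, b"X-a: b\r\n", t)
        wd.tick(t)
    return wd


if __name__ == "__main__":
    w = simulate()
    for cid, src, reason in w.dropped:
        print(f"closed conn {cid} from {src}: {reason}")
    print("open and complete:", [cid for cid, c in w.conns.items() if c.complete])
```

The byte cap catches the variant in which the client keeps the header block growing with junk lines instead of stalling; the per-source counter is what a practitioner would feed into a rate limit or block list, since a single timed-out header block is normal on a lossy network but dozens from one source are not.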

PRJ-38912

Security Gateway

When the Anti-Virus Blade is enabled, memory consumption may remain continuously high, which can lead to latency.

PRJ-34402,
PRHF-21418

Security Gateway

Deleting IP addresses in the SAM Database may fail.

PRJ-40253,
PRHF-24323

Security Gateway

There may be a delay in the Logging view when more than 1000 Security Gateways are connected to the same Log Server.

PRJ-34170,
PRHF-20978

Security Gateway

After an upgrade, in a setup with a single Virtual System (VS), the Security Gateway may crash.

PRJ-41454,
PMTR-86925

Security Gateway

During a DDoS attack, the CPD and CPRID processes may unexpectedly exit with core dump files and cause latency.

PRJ-40861,
PMTR-74446

Security Gateway

Improved the recovery mechanism for Dynamic Balancing.

PRJ-39518,
PMTR-83692

Security Gateway

Output of the "dynamic_objects -uo_show" command on the Security Gateway may not show any updatable objects. Refer to sk178886.

PRJ-40791,
PMTR-85514

Security Gateway

Enhanced connectivity during HTTP/2 Inspection.

PRJ-40014,
PRHF-24223

Security Gateway

The Security Gateway with VPN may drop the traffic after enabling BGP and Equal Cost Multipath (ECMP).

PRJ-38589,
PMTR-79658

Security Gateway

In a cluster environment, an ICAP implied rule may not be enforced after policy installation.

PRJ-27777,
PMTR-70632

Security Gateway

The RAD daemon may fail and create core dump files on VSX Gateways.

PRJ-39987,
PRHF-20730

Threat Prevention

UPDATE: In the Custom Intelligence Feeds feature, decreased the hash indicators loading time.

PRJ-40431,
PMTR-84242

Threat Prevention

UPDATE: The "Global Detect" value is now updated in the "ips stat" command output.

PRJ-29734,
PMTR-71844

Threat Prevention

SCP connections may get terminated with a protocol error.

PRJ-39160,
PMTR-83274

Identity Awareness

A Nested Groups Depth value changed in the CLI may not persist across a reboot.

PRJ-39830,
IDA-4187

Identity Awareness

Removed unnecessary debug messages in the Identity revocation flow.

PRJ-35834,
PMTR-71684

Identity Awareness

Memory consumption may increase after policy installation when SecurID is configured.

PRJ-36383,
PRHF-22069

Application Control

  • The /var/log/messages file may be flooded with "appi_app_db_get_kattrib_info: attribs hash does not exist" messages.

  • A Security Gateway may be slow or unresponsive.

Refer to sk178406.

PRJ-29434,
PRHF-17678,
PRJ-37279,
PRHF-21170

URL Filtering

When the Security Gateway works in proxy mode, the Application Control and URL Filtering rules may not match correctly.

PRJ-30744,
PRHF-19698

IPS

Logs generated by IPS Bypass may not show the correct CPU/Memory Utilization.

PRJ-37725,
PRHF-22465

DLP

DLP logs for files uploaded to Microsoft OneDrive may not show the initial file names and extensions. Refer to sk178290.

PRJ-39150,
PRHF-21088

Anti-Bot

  • Downloading or opening the packet capture file from the Anti-Bot log entries may fail with a "File fetching is still in progress" message.

  • When opening the capture file link in the log entry in SmartConsole, the "Failed getting the incident file from the gateway. It may be expired" error is shown.

PRJ-40259,
PMTR-83847

SSL Inspection

The WSTLSD process may unexpectedly exit and produce a core dump file during certificate chain verification.

PRJ-34072,
PRHF-21065

Mobile Access

Manual Web Form Single Sign-On (SSO) may fail when passwords contain special characters.

PRJ-38434,
PMTR-82133

Mobile Access

When installing a specific hotfix, the CVPND process may unexpectedly exit.

PRJ-39957,
PMTR-84213

ClusterXL

During a Multi-Version Cluster (MVC) upgrade, there may be state flapping when using the sync interface MAC address bit "02".

PRJ-39838,
PMTR-84079

ClusterXL

When reconnecting the OSPF interface on both members in a cluster, a failover may occur when receiving a ROUTED PNOTE on the Active member.

PRJ-40199,
PMTR-84253

ClusterXL

In a cluster configured in the Active-Active mode, there may be connectivity issues when one of the cluster interfaces is down on one of the cluster members.

PRJ-37942,
PRHF-22882

ClusterXL

In a VSX cluster with three or more members, sudden failover and recovery of the Standby VS may occur, causing termination of connections from the Active member. Refer to sk179446.

PRJ-37630,
PRHF-22691

SecureXL

UPDATE: The MSS value in the SYN Cookie response can now be configured.

PRJ-39072,
PRHF-22676

SecureXL

UPDATE: Added a new kernel parameter "fw_allow_reverse_syn" for Smart Connection Reuse. This parameter controls whether SYN packets arriving from the reverse direction are allowed or dropped. The default value is 0, with which the Security Gateway drops such packets. Refer to sk24960.
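
A practical caveat for parameters like the one above: on Gaia, "fw ctl set int <param> <value>" changes the value in the running kernel only, and the same "<param>=<value>" line must be present in $FWDIR/boot/modules/fwkern.conf for it to survive a reboot. The helper below is an added example, not Check Point code: it adds or updates such a line without leaving duplicate definitions (which make the effective value ambiguous) and rejects malformed names or non-integer values. The file path is a parameter so the function can be exercised against a temporary file; the seed file content in demo() is constructed for the example.

```python
"""Persist a kernel parameter such as fw_allow_reverse_syn in fwkern.conf. Added example, not Check Point code."""
import os
import re
import shutil
import subprocess
import tempfile
from pathlib import Path

NAME_RE = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")
LINE_RE = re.compile(r"^\s*([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(-?\d+)\s*$")


def parse_fwkern(text):
    """Return {param: value} for well-formed 'name=integer' lines; blanks and '#' comments are skipped."""
    params = {}
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        m = LINE_RE.match(line)
        if m:
            params[m.group(1)] = int(m.group(2))
    return params


def set_kernel_param(conf_path, name, value):
    """Upsert 'name=value' in an fwkern.conf-style file and return the new file text."""
    if not NAME_RE.fullmatch(name):
        raise ValueError(f"invalid kernel parameter name: {name!r}")
    value = int(value)  # fwkern.conf takes integers; anything else is rejected here
    path = Path(conf_path)
    lines = path.read_text().splitlines() if path.exists() else []
    out, found = [], False
    for line in lines:
        m = LINE_RE.match(line)
        if m and m.group(1) == name:
            if not found:
                out.append(f"{name}={value}")
                found = True
            # any further definition of the same name is dropped rather than kept
        else:
            out.append(line)
    if not found:
        out.append(f"{name}={value}")
    text = "\n".join(out) + "\n"
    path.write_text(text)
    return text


def apply_live(name, value):
    """Also change the running kernel's value; only attempted when the fw binary is present."""
    if shutil.which("fw") is None:
        return None
    return subprocess.run(["fw", "ctl", "set", "int", name, str(int(value))],
                          check=False).returncode


def demo():
    """Run the upsert against a constructed fwkern.conf in a temporary directory."""
    tmpdir = tempfile.mkdtemp()
    conf = os.path.join(tmpdir, "fwkern.conf")
    # Constructed seed: a comment, the parameter at its default, and a stray duplicate.
    Path(conf).write_text("# constructed sample fwkern.conf\n"
                          "fw_allow_reverse_syn=0\n"
                          "fw_allow_reverse_syn=0\n")
    text = set_kernel_param(conf, "fw_allow_reverse_syn", 1)
    occurrences = sum(1 for l in text.splitlines() if l.startswith("fw_allow_reverse_syn="))
    return parse_fwkern(text), occurrences, text


if __name__ == "__main__":
    params, n, text = demo()
    print(text, end="")
    print("parsed:", params, "definitions:", n)
```

After editing the file on a gateway, confirm the live value with "fw ctl get int fw_allow_reverse_syn" rather than trusting the file alone, since the file is only read at boot.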

PRJ-36857,
PRHF-21863

SecureXL

Policy installation may cause cluster failover and impact the traffic flowing through the cluster.

PRJ-40218,
PMTR-63465

SecureXL

In a rare scenario, the ipsctl kernel module does not load at startup.

PRJ-40293,
PMTR-81618

SecureXL

A kernel memory leak may occur in an environment with a cluster in Active/Standby bridge mode.

PRJ-40746,
PRHF-24743

Routing

The ROUTED process may unexpectedly exit when querying BGP data.

PRJ-40090,
PMTR-84418

Routing

When running CPView and working in Source-Specific Multicast Mode (PIM-SSM) simultaneously, the ROUTED process may unexpectedly exit and create a core dump file.

PRJ-40843,
PMTR-85427

VPN

UPDATE: Added a configurable protection for blocking brute-force attacks on VPN SNX portal. Refer to sk180271.

PRJ-40752,
PMTR-85206

VPN

Resolved the "HTTP Response splitting" vulnerability in Security Gateway portals. Refer to sk179705.
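
The entry above does not describe where the flaw was, so the following is an added illustration of the generic bug class, not the portal's code. When attacker-controlled data is copied into a response header without filtering CR and LF, the attacker can terminate the intended response early and append a second, fully attacker-written response in the same TCP stream, which a cache or browser then treats as the server's answer. The fix is to refuse (or encode) control characters in header values before they are serialised. The redirect builder, the attacker payload and the minimal response parser below are all constructed for the example.

```python
"""HTTP response splitting: vulnerable header construction beside a hardened one. Added example, not Check Point code."""


def build_redirect_unsafe(location):
    """Vulnerable: interpolates the untrusted value straight into the header block."""
    return (f"HTTP/1.1 302 Found\r\nLocation: {location}\r\n"
            f"Content-Length: 0\r\n\r\n").encode("latin-1")


def is_valid_field_value(value):
    """RFC 7230 field-value: visible ASCII, SP and HTAB only; CR, LF and other controls are out."""
    return all(ch == "\t" or 0x20 <= ord(ch) <= 0x7E for ch in value)


def build_redirect_safe(location):
    """Hardened: reject any header value that could break out of its line."""
    if not is_valid_field_value(location):
        raise ValueError("control character in header value")
    return build_redirect_unsafe(location)


def split_responses(raw):
    """Parse consecutive HTTP responses from one byte stream; return their status lines."""
    status_lines, pos = [], 0
    while pos < len(raw):
        end = raw.find(b"\r\n\r\n", pos)
        if end < 0:
            break
        head = raw[pos:end].decode("latin-1").split("\r\n")
        if not head[0].startswith("HTTP/"):
            break  # trailing bytes that are not a status line; stop here
        status_lines.append(head[0])
        length = 0
        for h in head[1:]:
            name, _, val = h.partition(":")
            if name.strip().lower() == "content-length":
                length = int(val.strip())
        pos = end + 4 + length
    return status_lines


# Constructed attacker input: a normal-looking path followed by CRLF sequences that
# close the 302 and inject a complete second response carrying a script.
INJECTED_BODY = "<script>alert(1)</script>"
PAYLOAD = ("/home\r\nContent-Length: 0\r\n\r\n"
           "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n"
           f"Content-Length: {len(INJECTED_BODY)}\r\n\r\n{INJECTED_BODY}")


def demo():
    """Show the same payload producing two responses unsafely and being rejected safely."""
    unsafe = split_responses(build_redirect_unsafe(PAYLOAD))
    try:
        build_redirect_safe(PAYLOAD)
        safe = "accepted"
    except ValueError:
        safe = "rejected"
    return unsafe, safe


if __name__ == "__main__":
    unsafe, safe = demo()
    print("responses seen by the client (unsafe builder):", unsafe)
    print("hardened builder:", safe)
```

Rejecting is the simplest correct behaviour for a redirect target; where the value must be preserved (for example a Set-Cookie value), percent-encoding the control characters is the alternative, but in no case may raw CR or LF reach the wire inside a header line.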

PRJ-40662,
PRHF-24446

VPN

Throughput may be low in a Site-to-Site VPN tunnel between two VSX Gateways with Multi-Queue enabled.

PRJ-38632,
PRHF-23424

VPN

Connection to Endpoint Security Client from the Remote Access VPN may be lost when the VPN tunnel timeout is reached. Refer to sk178891.

PRJ-40384,
PMTR-84477

VPN

The "Unable to open '/dev/fw0': No such file or directory" error may be printed during cpstart.

PRJ-40581,
PMTR-84124

VPN

Connections over NAT-T tunnels may not be distributed evenly across CoreXL instances on the Security Gateway.

PRJ-37783,
PMTR-82856

VPN

In SmartView Monitor (SVM), the status of tunnels with third-party peers may be inaccurate. Refer to sk169121.

PRJ-39980,
PMTR-83520

VSX

The vsx_util upgrade or downgrade operation may silently fail to update the database for one or more Virtual Systems (VSs). Refer to sk179591.

PRJ-40071,
PRHF-24269

VSX

A "SIC Error for EntitlementManager: Peer sent wrong DN: CN=xxx,O=xxx" message may be displayed during boot or after running the "cpstart" command. Refer to sk179586.

PRJ-40249,
PMTR-84229

VSX

In VSX, when deleting a warp interface (either by deleting the warp itself or by performing the "reset_gw" command, which deletes all Virtual Devices), the VSX Gateway may crash.

PRJ-34321,
PMTR-60045

VSX

The MTU value configured in SmartConsole may differ from the Virtual Switch (VSW) MTU value in the output of the "ifconfig" command.

PRJ-40702,
PMTR-81932

VSX

A member in a VSX cluster may get stuck in DOWN state with "Event Code CLUS-113200" and a FULLSYNC PNOTE "Could not start a connection to remote member".

PRJ-34094,
PMTR-65030

VSX

When running the "vsx showncs" command, the "cannot retrieve vsid for VSW_gw" error may be shown.

PRJ-40359,
PMTR-84809

VSX

Improved packet rate performance on warp interfaces.

PRJ-24565,
PRHF-16407

Gaia OS

UPDATE: Added support for the Excluded Files feature (sk116679) for XFS file system on Kernel 3.10.

PRJ-40767,
PMTR-81861

Gaia OS

IPv6 connections with Manual NAT rules may not be stable after enabling Neighbor Discovery Protocol (NDP) on a VLAN in the $FWDIR/conf/local.ndp file.

PRJ-40026,
PRHF-24243

Gaia OS

A user locked by the deny-on-nonuse mechanism cannot get unlocked.

PRJ-40364,
PMTR-84602

Gaia OS

Gaia Snapshot fails in Gaia Portal ("Maintenance" section > "Snapshot Management" page) - after clicking the "New" button, the progress gets to 100%, but the snapshot file is never created. Refer to sk180579.

PRJ-40669,
ODU-478

HCP

Added Update 10 of HealthCheck Point (HCP) Release. Refer to sk171436.