R81.10 Jumbo Hotfix Take 128
|
|
Note - This Take contains all fixes from all earlier Takes. |
|
ID |
Product |
Description |
|---|---|---|
|
Take 128 Released on 6 November 2023 |
||
|
PRJ-49938, PRJ-49979 |
Security Management |
UPDATE: Removed a redundant rule-assistant.war package. |
|
PRJ-49824, PMTR-95347 |
Security Management |
UPDATE: Upgraded the commons-compress-jar package from version 1.8 to version 1.22. |
|
PRJ-49695, PMTR-96310 |
Security Management |
UPDATE: Upgraded the Jackson Java library from version 2.5.0 to version 2.11.3. |
|
PRJ-49786, PMTR-95614 |
Security Management |
UPDATE: properJavaRDP - an SNX-embedded application for Mobile Access is now blocked and is no longer supported because of deprecated Java library dependencies. |
|
PRJ-49891, PMTR-95687 |
Security Management |
UPDATE: Removed a redundant guava package. |
|
PRJ-50264, PRJ-49965, PRJ-49011, ODU-1137, ODU-1256, ODU-1304 |
Web SmartConsole |
UPDATE: New features and improvements are released in Take 81, Take 85, Take 88 and Take 90 via self-updatable package. Refer to sk170314. |
|
PRJ-49108, PMTR-94517 |
SmartConsole |
UPDATE: Applied security related improvements to the Jetty open source library. |
|
PRJ-50325, PRJ-50324, PRJ-50124, ODU-1217 |
CPView |
UPDATE: Added Take 68 and Take 70 of CPotelcol (OpenTelemetry Collector) Release Updates. Refer to sk180522. |
|
PRJ-50042, |
CPView |
UPDATE: Added Take 14 of CPquid (QUID) Release Updates. Refer to sk181458. |
|
PRJ-50092, PRHF-30702 |
Security Gateway |
UPDATE: Improved traffic classification of GTP traffic on the Security Gateway to enhance the stability. |
|
PRJ-49493, |
Threat Prevention |
UPDATE: Added Update 21 of Autonomous Threat Prevention Management integration Release. Refer to sk167109. |
|
PRJ-49745, PMTR-95099 |
Mobile Access |
UPDATE: SNX used to connect back to Mobile Access Blade's portal FQDN by resolving its IP address locally. This method makes it sensitive to DNS poisoning attacks such as those specified by TunnelCrack. Therefore, it was modified to connect back to the Security Gateway / Cluster member IP address by default. |
|
PRJ-49937, PRJ-49936 |
Harmony Endpoint |
UPDATE: Upgraded symmetricDS to the 3.14.9 version. |
|
PRJ-45980, |
Scalable Platforms |
UPDATE: Added Take 29 of Check Point Support Data Collector (CPSDC) for Scalable Platforms and Maestro Security Appliances. Refer to sk164414. |
|
PRJ-50542, |
HCP |
UPDATE: Added Update 14 of HealthCheck Point (HCP) Release. Refer to sk171436. |
|
PRJ-48878, |
Security Management |
|
|
PRJ-49204, |
Security Management |
Refer to sk181471. See the Important Notes section. |
|
PRJ-50082, PMTR-96031 |
Threat Prevention |
In rare scenarios, the FW1 process may stop working when at least one of these features is enabled:
|
|
PRJ-50190, PMTR-96205 |
IPS |
Policy installation may fail on Security Gateways with enabled IPS and configured Strict profile and IPv6. |
|
PRJ-50639, |
ClusterXL |
ARP requests sent with VMAC from the Standby member may cause MAC flapping. See the Important Notes section. |
|
PRJ-49905, |
Routing |
When BGP local address is configured, BGP peer may fail to establish. See the Important Notes section. |
|
PRJ-49653, |
Scalable Platforms |
In a Quantum Maestro / Scalable Chassis environment, there may be a delay during TCP start negotiation for fully accelerated connections, which are distributed asymmetrically. For example, C2S distribute to member 1_1 and S2C to member 1_2. To maintain the original behavior (prior to R81.10 Jumbo Hotfix Take 128), follow these steps before starting the Jumbo Hotfix Accumulator upgrade:
Refer to sk181464. See R80.20 SmartConsole Releases. |