R81.20 Jumbo Hotfix Take 41

Note - This Take contains all fixes from all earlier Takes.

ID	Product	Description
Take 41 Released on 20 November 2023 and moved to Recommended on 4 December 2023
PRJ-50104, PRHF-30325	Diagnostics	UPDATE: Added SecureXL SYN Defender metrics to Skyline. Refer to the Skyline Metrics Repository.
PRJ-49892, PMTR-95687	Security Management	UPDATE: Removed a redundant guava package.
PRJ-49825, PMTR-95347	Security Management	UPDATE: Upgraded the commons-compress-jar package from version 1.8 to version 1.22.
PRJ-49787, PMTR-95614	Security Management	UPDATE: properJavaRDP - an SNX-embedded application for Mobile Access is now blocked and is no longer supported because of deprecated Java library dependencies.
PRJ-50265, PRJ-49966, PRJ-48318, PRJ-49012, ODU-1121, ODU-1137 ODU-1256, ODU-1304	Web SmartConsole	UPDATE: New features and improvements are released in Take 81, Take 85 and Take 90 via self-updatable package. Refer to sk170314.
PRJ-49109, PMTR-94517	SmartConsole	UPDATE: Applied security related improvements to the Jetty open source library.
PRJ-50125, PRJ-50124, ODU-1217, ODU-1328	CPView	UPDATE: Added Take 68 and Take 70 of CPotelcol (OpenTelemetry Collector) Release Updates. Refer to sk180522.
PRJ-50043, ODU-1264	CPView	UPDATE: Added Take 14 of CPquid (QUID) Release Updates. Refer to sk181458.
PRJ-50093, PMTR-63855	Security Gateway	UPDATE: Improved traffic classification of GTP traffic on the Security Gateway to enhance the stability.
PRJ-49494, ODU-1170	Threat Prevention	UPDATE: Added Update 21 of Autonomous Threat Prevention Management integration Release. Refer to sk167109.
PRJ-49746, PMTR-95099	Mobile Access	UPDATE: SNX used to connect back to Mobile Access Blade's portal FQDN by resolving its IP address locally. This method makes it sensitive to DNS poisoning attacks such as those specified by TunnelCrack. Therefore, it was modified to connect back to the Security Gateway / Cluster member IP address by default.
PRJ-50418, PRHF-30748	CloudGuard Network	UPDATE: The automatic scanning of NSX-T IP ranges feature is now disabled by default. Refer to sk181614. See the Important Notes section.
PRJ-48340, ODU-1081	CloudGuard Network	UPDATE: Added Take 20 of Public Cloud CA Bundle. Refer to sk172188.
PRJ-49936	Harmony Endpoint	UPDATE: Upgraded symmetricDS to the 3.14.9 version.
PRJ-45981, ODU-1154	Scalable Platforms	UPDATE: Added Take 29 of Check Point Support Data Collector (CPSDC) for Scalable Platforms and Maestro Security Appliances. Refer to sk164414.
PRJ-50543, ODU-1113	HCP	UPDATE: Added Update 14 of HealthCheck Point (HCP) Release. Refer to sk171436.
PRJ-50030, PMTR-95988	Security Management	The Gaia Clish command "show configuration user" fails with "Segmentation fault" on a Management Server. Refer to sk181626.
PRJ-50899, PRHF-31187	Security Gateway	A double-free flaw that leads to a possible Security Gateway crash was identified. This release includes the fix to enhance system stability and security.
PRJ-50191, PMTR-96205	IPS	Policy installation may fail on Security Gateways with enabled IPS and configured Strict profile and IPv6.
PRJ-49379, PRHF-30056	SecureXL	SYN Defender may not correctly handle reused connections.
PRJ-49467, PRHF-30344	Scalable Platforms	On a Security Group with MDPS enabled: The "`asg perf`" command on a Security Group does not show any output - the Gaia OS prompt appears immediately after entering the command and pressing the Enter key. When running the "`mac_verifier`" and other commands on a Security Group, the output may show the error message "`mount of /sys failed: device or resource busy`". The "`distutil verify -v`" command on a Security Group returns "`verification failed`". After installing this Take, when MDPS plane separation is enabled, in the context of the Management plane, the directory /sys/class/net/ now shows interfaces that belong to the Data plane, although it should show interfaces that belong to the Management plane. See sk182076.