R81.20 Jumbo Hotfix Take 41
|
Note - This Take contains all fixes from all earlier Takes. |
ID |
Product |
Description |
---|---|---|
Take 41 Released on 20 November 2023 and declared as Recommended on 4 December 2023 |
||
PRJ-50104, PRHF-30325 |
Diagnostics |
UPDATE: Added SecureXL SYN Defender metrics to Skyline. Refer to the Skyline Metrics Repository. |
PRJ-49892, PMTR-95687 |
Security Management |
UPDATE: Removed a redundant guava package. |
PRJ-49825, PMTR-95347 |
Security Management |
UPDATE: Upgraded the commons-compress-jar package from version 1.8 to version 1.22. |
PRJ-49787, PMTR-95614 |
Security Management |
UPDATE: properJavaRDP - an SNX-embedded application for Mobile Access is now blocked and is no longer supported because of deprecated Java library dependencies. |
PRJ-50265, PRJ-49966, PRJ-48318, PRJ-49012, ODU-1121, ODU-1137 ODU-1256, ODU-1304 |
Web SmartConsole |
UPDATE: New features and improvements are released in Take 81, Take 85 and Take 90 via self-updatable package. Refer to sk170314. |
PRJ-49109, PMTR-94517 |
SmartConsole |
UPDATE: Applied security related improvements to the Jetty open source library. |
PRJ-50125, PRJ-50124, ODU-1217, |
CPView |
UPDATE: Added Take 68 and Take 70 of CPotelcol (OpenTelemetry Collector) Release Updates. Refer to sk180522. |
PRJ-50043, |
CPView |
UPDATE: Added Take 14 of CPquid (QUID) Release Updates. Refer to sk181458. |
PRJ-50093, |
Security Gateway |
UPDATE: Improved traffic classification of GTP traffic on the Security Gateway to enhance the stability. |
PRJ-49494, |
Threat Prevention |
UPDATE: Added Update 21 of Autonomous Threat Prevention Management integration Release. Refer to sk167109. |
PRJ-49746, PMTR-95099 |
Mobile Access |
UPDATE: SNX used to connect back to Mobile Access Blade's portal FQDN by resolving its IP address locally. This method makes it sensitive to DNS poisoning attacks such as those specified by TunnelCrack. Therefore, it was modified to connect back to the Security Gateway / Cluster member IP address by default. |
PRJ-50418, PRHF-30748 |
CloudGuard Network |
UPDATE: The automatic scanning of NSX-T IP ranges feature is now disabled by default. Refer to sk181614. See the Important Notes section. |
PRJ-48340, |
CloudGuard Network |
UPDATE: Added Take 20 of Public Cloud CA Bundle. Refer to sk172188. |
PRJ-49936 |
Harmony Endpoint |
UPDATE: Upgraded symmetricDS to the 3.14.9 version. |
PRJ-45981, |
Scalable Platforms |
UPDATE: Added Take 29 of Check Point Support Data Collector (CPSDC) for Scalable Platforms and Maestro Security Appliances. Refer to sk164414. |
PRJ-50543, |
HCP |
UPDATE: Added Update 14 of HealthCheck Point (HCP) Release. Refer to sk171436. |
PRJ-50030, PMTR-95988 |
Security Management |
The Gaia Clish command "show configuration user" fails with "Segmentation fault" on a Management Server. Refer to sk181626. |
PRJ-50899, PRHF-31187 |
Security Gateway |
A double-free flaw that leads to a possible Security Gateway crash was identified. This release includes the fix to enhance system stability and security. |
PRJ-50191, PMTR-96205 |
IPS |
Policy installation may fail on Security Gateways with enabled IPS and configured Strict profile and IPv6. |
PRJ-49379, PRHF-30056 |
SecureXL |
SYN Defender may not correctly handle reused connections. |
PRJ-49467, PRHF-30344 |
Scalable Platforms |
On a Security Group with MDPS enabled:
After installing this Take, when MDPS plane separation is enabled, in the context of the Management plane, the directory /sys/class/net/ now shows interfaces that belong to the Data plane, although it should show interfaces that belong to the Management plane. See sk182076. |