List of All Resolved Issues and New Features in R82 Jumbo Hotfix Accumulator

List of Takes

Take	Available Since	Recommended Since
R82 Jumbo Hotfix Take 10	27 Jan 2025	-

ID	Product	Description
Take 10 Released on 27 January 2025
Improvements and Resolved Issues
PRJ-56747, PMTR-106894	SmartConsole	UPDATE: Resolved CVE-2024-3596 - Blast-RADIUS attacks. Fix for Remote Access VPN and login to SmartConsole, Mobile Access and Identity Awareness Captive Portal. Refer to sk182516.
PRJ-58281, PMTR-97400	Security Gateway	UPDATE: Deprecated RC2-CBC cipher for SIC in OpenSSL.
PRJ-57491, PMTR-108994	Security Management	UPDATE: The Management API command "set-https-rule" now automatically sets the negative value to "false" when modifying the destination, source, service, or site-category fields, regardless of its previous setting.
PRJ-57066, PRHF-34509	SecureXL	UPDATE: Improved debugging in the Security Gateway to identify problematic hosts when resolving their next-hop IP addresses. The custom ADP queue size configuration now persists after rebooting the Security Gateway. The relevant global parameters are located in the $PPKDIR/conf/adpkern.conf file: "adp_nh_total_max_arp_qents" "adp_nh_local_max_arp_qents"
PRJ-58125, PMTR-106186	Scalable Platforms	UPDATE: Added support for Multicast Listener Discovery (MLD) on Maestro Hyperscale Orchestrator (MHO).
PRJ-57074, PRHF-35818	Security Management	In rare scenarios, when exporting policy hitcounts to CSV format, the "Hitcount" column may appear blank in the exported file.
PRJ-58104, PRHF-32246	Security Management	Audit logs may not be generated when changes are made to an inline (shared) layer that appears multiple times within the same policy.
PRJ-57319, PRHF-25950	Security Management	The Database Installation progress bar may not update during task execution.
PRJ-59004, PMTR-111056	Security Management	When editing the administrator expiration date, after publishing, the expiration date resets to "Never". Refer to sk182997.
PRJ-56542, PRHF-34752	Multi-Domain Security Management	In some scenarios, in a Multi-Domain Security Management environment, the Hit Count retention mechanism may not remove the Hit Count data from all the Domains.
PRJ-56532, PRHF-35418	Multi-Domain Security Management	The Multi-Domain Security Management Server experiences high CPU usage when communicating with the Multi-Domain Log Server. And the cpm.elg log prints the "You have reached the maximum number of active session" error. Refer to sk182738.
PRJ-57531, PRHF-36514	Multi-Domain Security Management	In rare scenarios, in Multi-Domain Security Management environments, login to SmartConsole fails.
PRJ-57310, MCFG-666	SmartConsole	SmartConsole fails to connect with "Unable to connect to server. Server is initializing". Refer to sk182507.
PRJ-57273, PMTR-108672	SmartConsole	When the Security Management has an additional NAT configuration in the SD-WAN policy (Infinity Portal), an indicating banner may not appear in SmartConsole NAT Rule Base. This is a cosmetic issue. Requires R82 SmartConsole Build 1051 or higher.
PRJ-58519, PMTR-110408	Logging	In some scenarios, in Log Servers or Multi-Domain Log Modules (MLM): The SOLR process consumes high CPU. There is a delay in displaying logs in the Logs view.
PRJ-58050, PMTR-109735	Security Gateway	In a rare scenario, the FWK process may exit when processing traffic over QUIC protocol.
PRJ-58659, PMTR-110556	Security Gateway	In a rare scenario, the FWK process may exit due to a race condition.
PRJ-56911, PRJ-56840, PRHF-33037, PRHF-35918	Security Gateway	The Security Gateway may crash after a failure in policy installation.
PRJ-56702, PRHF-35624	Security Gateway	Anti-Spoofing may drop IPv6 traffic that arrives at an interface with an IPv6 address configured. Refer to sk182725.
PRJ-57844, PMTR-109616	Security Gateway	In a rare scenario, when multiple Elephant Flows are running in parallel in the accelerated pipelining path, there may be high CPU utilization. Refer to sk183007.
PRJ-58100, PMTR-109857	Security Gateway	Traffic through specific interfaces is dropped when the QoS blade is active and "ISP redundancy-LS" is configured. Refer to sk182807.
PRJ-57109, PRHF-36116	Security Gateway	Memory leak may occur in SecureXL templates. Refer to sk182648.
PRJ-57895, PMTR-108660	Security Gateway	DoS protection and connection rate limiting configurations may fail to effectively enforce rules.
PRJ-57098, PMTR-108273	SD-WAN	In a rare scenario, when SD-WAN transport is incorrectly marked as "UP" despite its underlying ISP interface is "DOWN", traffic fails to reach the remote peer because of incorrect routing decisions.
PRJ-58021, PMTR-109729	Threat Prevention	In a VSX environment, enabling Threat Prevention blades may cause continuous file accumulation on the Security Gateway's hard drive.
PRJ-57007, PRHF-35823	Threat Prevention	In some scenarios, when Zero Phishing is enabled, kernel crash may occur.
PRJ-57926, PMTR-109709	Identity Awareness	Identity Broker Subscriber configured with recalculation of Access Roles does not match all Access Roles after the User and Machine are identified.
PRJ-56869, PRHF-35625, PRJ-56873, PRHF-35636	Identity Awareness	In rare scenarios: The PDPD process may become unresponsive during termination. PDP to PEP Identity synchronization fails on the PEP side when Identity Sharing is configured with PUSH Identity Sharing. Refer to sk182613.
PRJ-57046, PRHF-36045	Identity Awareness	In a rare scenario, the PDPD process may unexpectedly exit during policy installation.
PRJ-57411, PMTR-108321	SSL Inspection	The Trusted CA package update fails when the Security Management Server connects to the Internet only through a Proxy Server.
PRJ-57682, PRHF-36561	SecureXL	A memory leak may occur in the SIM process when using DOS/Rate Limiting rules.
PRJ-58592, PMTR-110486	SecureXL	When working with SecureXL in User mode (UPPAK), some CPUs may reach 100% utilization when enabling or disabling debug filters.
PRJ-57801, PMTR-109570	SecureXL	Policy installation failures can disrupt the expected behavior of "fwaccel dos" commands.
PRJ-57558, PRHF-34632	VPN	SSL Network Extender (SNX) traffic on Maestro may be dropped with "vpnk_tcpt invalid negative tunnel id". Refer to sk182806.
PRJ-56335, PRHF-35251	VPN	An ECDH object may be deleted before its associated event is completed processing.
PRJ-57901, PMTR-109649	VPN	After a cluster failover, VPN tunnels may be not stable.
PRJ-56499, PRHF-35416	VPN	There is no audio during the first 5 seconds of each VoIP call. Refer to sk182730.
PRJ-57825, PRHF-17665	VSX	Multi-Queue configuration does not survive reboot on VSX. Refer to sk173950.
PRJ-56915, PRHF-35806	VSX	In SmartConsole, in the Device and License Information view, the Compliance Blade license status may incorrectly display "Quota Exceeded" when Virtual Routers or Virtual Switches are present.
PRJ-57059, PRHF-34508	VSX	After a Jumbo Hotfix upgrade, the Mail Transfer Agent may fail on all Virtual Systems except one.
PRJ-56875, EPS-57790	Harmony Endpoint	During patch deployment in Posture Management, attempting to patch multiple systems for a specific application using the "Group By Application" option fails with the "Failed to Start Patching Process" error.
PRJ-57473, PRHF-36424	Scalable Platforms	In rare scenarios, Interface Active check may cause a Security Gateway crash when probing a local network.
PRJ-58056, PRHF-37015	Scalable Platforms	When handling multiple shared uplinks across numerous interfaces, errors related to LACP bond uplink updates may be printed in logs.
PRJ-58195, PMTR-109784	Scalable Platforms	In a rare scenario, the FWK process may unexpectedly exit and bring down the Security Gateway Member (SGM).
PRJ-58127, PMTR-109620	Scalable Platforms	In rare scenarios, authentication between MHOs is not established. Trying to establish authentication manually fails with the "TrustEstablishmentError: Failed to set up communication user on host 1_1: invalid literal for int() with base 10" error.