Sophos UTM Update 9.210 released

By | 10. Dezember 2014

In der letzten Woche hat Sophos ein Update seiner UTM auf Version 9.210 veröffentlicht. Neben weiterten Verbesserungen die Sie unter weiterlesen finden wurden durch dieses Update insbesondere Änderungen an den SMTP und POP3-Diensten vorgenommen. Das Update behebt Probleme im Bezug auf „Poodle“ (CVE-2014-3566).

Nachfolgend finden Sie eine detaillierte Aufstellung der Verbesserungen und Anpassungen:

Sophos UTM 9.210 – Details


  • Maintenance Release


  • System will be rebooted
  • Configuration will be upgraded
  • Connected Wifi APs will perform firmware upgrade


  • 27257 RED50 frequently reconnecting because configuring an Additional Address as UTM-Hostname is not supported
  • 27588 Unable to fetch POP3 accounts on iOS devices via POP3 Proxy
  • 27647 aua does not work with facility http while installing basic guard license
  • 27905 [BETA] log the mac addresses human readable with leading zeros in the packetfilter log
  • 28056 it’s not possible to view or download large log files in the webadmin because root partition is too small
  • 28400 Syslog not started after ipsbundle pattern installation
  • 28842 HA takeover if master reboots takes too much time
  • 28966 exceptions for Common Threat Filters do not work individually
  • 29412 Wireless Security Manager Role can’t accept new AP’s
  • 30800 [BETA] Some double byte characters aren’t filtered by DLP custom rule and AntiSpam Expressions filter.
  • 31083 Remote SSL VPN view is empty in printable configuration
  • 31340 rsyncd not started after switching to master mode (slave node hangs in syncing state)
  • 31387 is executed even if AD sync is disabled
  • 31534 Wrong date in executive report
  • 31581 Up2date pattern rpm’s fails to install if hostname contains ‘/’ character.
  • 31859 Make http proxy handle uncompressed DNS responses
  • 32034 Full transparent AD SSO redirect URL request gets dropped by packetfilter
  • 32079 UMTS modem device hanging
  • 32097 High load after pattern installation [9.2]
  • 32190 Policy tester always returns “allowed” if warn page is proceeded once
  • 32391 UMTS interface doesn’t come up again after the speed changed from 4G to 3G
  • 32433 Not possible to delete VPN tunnel managed by SUM after use “cleanup object”
  • 32537 Guest login fails in transparent browser auth mode if “terms of use” confirmation is required
  • 32552 Quarantined mail will be quarantine again after release with the same reason
  • 32588 Can’t restore backup beacause of an undefined value
  • 32602 Web control policy not applying to endpoints
  • 32604 Special characters like umlauts didn’t work in passwords with reverse authentication for the WAF
  • 32607 Not possible to use virtual mac on lag interfaces
  • 32683 Can’t send a VPN Profile to the SMC if the Organization Name includes a umlaut
  • 32690 It’s not possible to use Subfolders for Remote Log File Archives over SMB on CIFS share
  • 32696 Hotspot: only one login possible per username for backend authentication hotspot
  • 32703 Multicast traffic problems after upgrading to SG430 and 9.204
  • 32711 Mail preview should display kyrilic or chinese chars too.
  • 32713 Console keyboard doesn’t work
  • 32726 Dashboard does not show Antivirus active protocols for HTTP/S
  • 32794 segfault in get_amazonvpc
  • 32805 NETDEV WATCHDOG: eth0 (tg3): transmit queue 0 timed out
  • 32832 Remote Syslog Server IPv6 support
  • 32837 segfaults, error 4 in
  • 32851 Device auth reports wrong client information
  • 32852 Any SSL traffic through HTTP proxy gets classified as “Sophos Portal” if a “Sophos Portal” AppCtrl rule exists
  • 32870 fails to lookup trusted domains groups
  • 32940 SG550: Licensing does not work if module is relocated after installation
  • 32950 Configuring a whitelist in webfilter filter action appears in blacklist on UTM
  • 32957 winbindd died in kernel_vsyscall
  • 32969 Coredumps from reverseproxy after update to v9.206
  • 32972 IPS exception does not work for SID 18575
  • 32980 Remove RC4 from TLS ciphers in Exim
  • 33019 After upgrading to iOS 8 UTM does not recognize iOS anymore (Device-specific Authentication)
  • 33111 Group matching incorrect if user belongs to static and backend groups
  • 33277 [9.2] Add support for passthrough NTLM connection
  • 33307 Not possible to change TLS certificate
  • 33323 Using @ in hostname results in corrupt /etc/syslog-ng.conf
  • 33382 Config changes in IPsec remote access sometime causing a drop of established connections
  • 33429 AP100: Unable to authenticate with an SSID using a PSK with a dollar character
  • 33515 SMTP Vulnerability in SSL v3.0
  • 33516 POP3 Vulnerability in SSL v3.0
  • 33613 OS X HTTPS traffic identified as iOS