Sophos XG Firewall 17.5 MR8 Released

Sophos have released Sophos XG Firewall v17.5.8 MR8. Initially, the firmware will be available by manual download from the Licensing Portal. They then make the firmware available via auto-update to a number of customers, which will increase over time.

Please visit the following link for more information regarding the upgrade process: Sophos XG Firewall: How to upgrade the firmware.

Issues Resolved in SF 17.5 MR8

  • NC-47055 [Authentication] Support >48 characters password length for Radius Server
  • NC-46680 [Certificates] Completing CSR with certificate breaks SSL VPN
  • NC-48512 [Dynamic Routing (PIM)] Multicast traffic getting stopped after update of interface
  • NC-39749 [Email] Use FQDN in Quarantine Digest
  • NC-40831 [Email] Add capability to increase size of Mail Quarantine area in UI
  • NC-45305 [Email] SPX related reports not being displayed on the GUI
  • NC-48542 [Email] Potential RCE via arbitrary file creation vulnerability
  • NC-49003 [Email] Custom ports for SMTP proxy stopped working after 17.5
  • NC-46938 [FQDN] FQDNd doesn’t update/create ipset
  • NC-46401 [Import-Export Framework] “/conf” partition is at 100%
  • NC-47095 [Interface Management] TSO changes are not permanent in HA
  • NC-48031 [Interface Management] Wifi client did not get gateway and other config after reboot until enable and re-enable the wifi on client
  • NC-48487 [IPS Engine] Postgres taking high CPU
  • NC-48956 [IPS Engine] Modify IPS TCP Anomaly Detection setting to disabled in default setting
  • NC-46079 [Logging Framework] Garner coredump on aux node following upgrade to 17.5 MR3
  • NC-46780 [Logging Framework] Reports not being generated when Email Notification feature is enabled
  • NC-46879 [Sandstorm] Add support for Sandstorm’s Frankfurt data centre
  • NC-48718 [Service Object] Unable to edit service object that is assigned to a firewall rule
  • NC-43625 [UI Framework] Adding VLAN interface fails in IE in HA Active-Active mode
  • NC-45371 [UI Framework] Incorrect UI behavior for Web User Activities
  • NC-45495 [Web] Policy Tester UI and overlay issues
  • NC-45724 [Web] Full file download retry failure after 416 (Range Not Satisfiable) being returned by proxy
  • NC-47626 [Web] Web category “Hacking” should be classified as “Objectionable” instead “Acceptable”
  • NC-47075 [Wireless] Export of the WirelessAccessPoint does not contain the Group
  • NC-47115 [Wireless] WirelessAccessPoint includes the wrong value for <DynChan5GHz>
  • NC-47738 [Wireless] XML import is failing for wireless config failing when RADIUS Server and Pending Access Points data is present in import file

Download

To manually install the upgrade, you can download the firmware from the Licensing Portal. Please refer to Sophos XG Firewall: How to upgrade the firmware.

Duncan Newell

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: