Red Hat SATELLITE 5.0.0 RELEASE NOTES Instrukcja Użytkownika Pobierz pdf (Strona 43)

Palo Alto Networks PAN-OS 6.1 Release Notes • 43

PAN-OS 6.1.0 Addressed Issues

For new features, associated software versions, known issues, and changes in default behavior, see PAN-OS 6.1

Release Information.

The following is a list of issues that are fixed in the PAN-OS 6.1.0 release:

If you have asymmetric routes in your network, before upgrading to 6.1.0, use the following

command to ensure session continuity: set deviceconfig setting tcp

asymmetric-path bypass. And, if you have attached a zone protection profile, you must also

use the following command: set network profiles zone-protection-profile

<profile-name> asymmetric-path [bypass | global].

Issue Identifier Issue Description

69173

Under certain conditions, unspecified layering of packet-level evasions could be used

to bypass signature matching of the session.

68708

Addressed the bash vulnerability CVE-2014-7169 that relates to how environment

variables are processed when the shell starts up. This fix prevents a user with an

account on the firewall, from using the vulnerability to gain escalated privileges.

67833

While generating a tech support file on Panorama, private information was not being

removed correctly from files within a device group if the device group had a space in

its name. With this fix, device groups with spaces in their names are handled correctly

when generating a tech support file.

67814

Panorama displayed the secure-proxy-password in the web interface under Panorama

> Setup > Services

and in the CLI. With this fix, Panorama encrypts the

secure-proxy-password and downgrade attempts to versions which show the

secure-proxy-password will fail until you remove the secure-proxy-password from the

configuration.

67788

The configuration log on Panorama displayed the secure-proxy-password. With this

fix, the configuration log encrypts the secure-proxy-password.

67782

If a policy had more than one tag, and you wanted to filter the policies based on one

tag but not the other tag, the logic failed and the filter did not work. With this fix, the

filter is working as expected.

67720

The Network Processing Card (NPC) on the PA-7050 firewall continually restarted

when link errors were present, causing a system restart to occur. An update to the

internal link failure recovery logic now prevents system restarts when link errors are

present.

67674

Resolved an issue where a misspelling in a label in the PAN-TRAPS.my MIB file

resulted in a failure to load the MIB.

67268

When configuring DNS sinkhole, the firewall was unable to display the IP address of

the client that was initiating corrupt DNS requests in the logs. With this fix, the logs

display the source IP address of the client.

1 2 ... 38 39 40 41 42 43 44 45 46 47 48 ... 51 52

Komentarze do niniejszej Instrukcji

Brak uwag

Red Hat SATELLITE 5.0.0 RELEASE NOTES Instrukcja Użytkownika Strona 43

Komentarze do niniejszej Instrukcji

Powiązane produkty i podręczniki dla Oprogramowanie Red Hat SATELLITE 5.0.0 RELEASE NOTES