New Jumbo Hotfix (Take 203) Ongoing Release

Yifat_Chen — Tue, 26 Mar 2019 07:27:26 GMT

R80.10 JHF Take #203 content:

Issue #	Resolved Issue Description
MTR-31335	Added support for 6500 and 6800 appliances. Refer to sk139932.
PMTR-33029, SMCPOL-195	OSE policy cannot be viewed without installing it on device.
PMTR-29497, PRHF-1960	Manual changes in INSPECT files under $FWDIR/lib directory of compatibility packages are not synchronized from active to standby Management servers. Refer to sk143792.
PMTR-29584, PMTR-29856, PMTR-29855	Policy installation fails with "IPv6 addresses domain is not supported for Remote Access VPN community" message when using Domain object in Remote Access encryption domain. Refer to sk142832.
PMTR-29921, PMTR-28958, PMTR-29923	"Error retrieving results" message is displayed in SmartConsole after searching for unused objects in Object Explorer.
PMTR-23744, MCFG-80	Unjustified validation error is displayed when installing Threat Prevention policy on Cluster object: "Threat Prevention requires topology to be defined. At least one internal, one external, and no undefined interfaces are required. Incorrectly defined topology impacts performance and security. Please install both Access Control and Threat Prevention policies after fixing the topology."
PMTR-28643, PMTR-28557	In some scenarios, running the fwm sic_reset command from Domain fails with "reset_objects: updateMultiple failed" message. Refer to sk142512.
PMTR-17991, PRHF-359, PRHF-714	In some scenarios, the Interpreter process stops working. Refer to sk132892.
PMTR-21787	CPView is not supported on Multi-Domain Security Management environments.
PMTR-8603, PMTR-30286	Multi-Domain Management GUI randomly does not reflect the Domain Management objects change.
PMTR-31520, PMTR-31800	When using the "add/set simple-gateway" API command and specifying backup log servers, the input servers are not saved in the same order as listed in the request.
PMTR-34013, API-595	Number of sessions in "Changes" list does not match the value of 'total'.
PMTR-28058, PMTR-31248	When an administrator publishes session for a different administrator, the name of the administrator that invoked the action will be written in the audit logs as the publisher.
PMTR-12448, PMTR-12430	When searching in the SmartConsole main search bar for network groups we can see some number of network groups, but the search inside the Logical Server object shows the different number of Logical server objects groups.
PMTR-30570, IDA-1120	Group update request is sent specifically to the originator LDAP server even if it is down. Refer to sk127833.
PMTR-21207, PMTR-20424	In rare scenarios, Security Gateway runs out of kernel memory and may stop processing traffic, printing "double record of connection" message in /var/log/messages file. Refer to sk143432.
PMTR-31314, PRHF-2244	In some scenarios, TCP state information is not displayed in the log despite being enabled in SmartConsole.
PMTR-21080, UP-251	A large number of Time objects used in the rule base may cause rulebase matching failures resulting in connectivity issues.
PMTR-17490, PRHF-642	When working with NAT on DNS payload and having disabled NAT rules, NAT on DNS payload may not work. Refer to sk132032.
PMTR-28414, PMTR-30657	When X-Forwarded-For (XFF) settings are enabled on one of the policy layers or/and on the Security gateway object, the/var/log/messages file shows errors related to asynchronous identity fetch. Refer to sk145673.
PMTR-11999, PMTR-3286	In some scenarios, creation of a new gateway upgrade to R80.10 fails with "An internal error has occurred. (Code: 0x8003001D, Could not access file for write operation)" message.
PMTR-25755	In some scenarios, IPS purge makes a deadlock for some GUI clients, resulting in "Timeout error" error.
PMTR-31100	In some scenarios, extracted Microsoft Azure files contain only blank pages.
PMTR-24066, PRHF-134	Non-ASCII named files cause the undecoded non-ASCII characters to appear in the Threat Emulation log.
PMTR-27876, AVIR-370	Traffic from the client to the bogus IP address is handled according to the Access Control policy, but not logged as "prevented". Refer to sk141853.
PMTR-30608, PMTR-29583	In rare scenarios, when the Log server miscalculates the available disk space, it may stop receiving logs from the connected gateways and cause the logs to accumulate locally on the Security gateway. Refer to sk146152.
PMTR-30217, TPM-1378	"A general error has occurred" message appears when trying to edit the IPS Protection settings.
PRHF-523, PMTR-16583	Some SMTP-related IPS Core Protections remain enabled despite the IPS is disabled.
PMTR-31135, SA-99	Mobile Access Portal Agent installation page is vulnerable for XSS attack in Chrome and Firefox.
PMTR-15461, PMTR-21043, PMTR-28348	Added support for i40evf driver.
PMTR-22503, MB-166, PMTR-28064	In some scenarios, virtio_net is not able to run multiqueue.
PMTR-35032	Important security update for IPSec Site-to-Site (S2S) VPN.
PMTR-27144, 02657434	Improved connectivity with 3rd party VPN peers using IKEv2. Refer to sk120835.
PMTR-30870, PMTR-21587	Connectivity improvements for certain Windows L2TP client versions. Refer to sk145895.
PMTR-19379, PMTR-23292, PMTR-23293, 02031663	The CLISH command "show arp table dynamic all" and Bash command "arp -an" show different entries. Refer to sk112753.
PMTR-15738, PRHF-270	In some scenarios, routed process stops working when a VPN tunnel interface is deleted without removing the dynamic routing protocols.
PMTR-18254, PMTR-18255 EPS-17135	In some scenarios, SmartEndpoint shows different numbers of reported "Anti-Malware signature was not upgraded in the last 72 hours" between the warnings and the Active alerts section.
PMTR-32542, PMTR-32187	After new Domain creation, logs from this Domain are not seen in SmartConsole.
PMTR-28470, PMTR-329	Before R80.10 Jumbo Hotfix Accumulator Take 189, the Probing feature is set, by default, to Fail Open. From Take 189, the default behavior is changed to Fail Close. Refer to sk104717.

Thanks

Release Managers Groups

Re: New Jumbo Hotfix (Take 203) Ongoing Release

Yifat_Chen — Mon, 20 May 2019 07:51:16 GMT

Take 203 moved to GA on May 13.

Thanks .

Re: New Jumbo Hotfix (Take 203) Ongoing Release

Tommy_Forrest — Thu, 17 Oct 2019 18:48:16 GMT

Where can one download Jumbo Hotfix Take 203 now that sk116380 has been updated to take 225?

I can't find it in the download center, either.

Re: New Jumbo Hotfix (Take 203) Ongoing Release

Yifat_Chen — Thu, 17 Oct 2019 20:08:31 GMT

Hi @Tommy_Forrest

For Smart-1 525/5050/5150, use this link Smart-1 Download Link

For all other, use this one - Download link

**Note - that in general - you can always contact customer support and they will provide the old takes.

Thanks,

Yifat Chen

topic Re: New Jumbo Hotfix (Take 203) Ongoing Release in General Topics

New Jumbo Hotfix (Take 203) Ongoing Release

Re: New Jumbo Hotfix (Take 203) Ongoing Release

Re: New Jumbo Hotfix (Take 203) Ongoing Release

Re: New Jumbo Hotfix (Take 203) Ongoing Release