R77.30 Take 292: New Jumbo Hotfix GA Release

Danny — Wed, 03 Jan 2018 15:12:39 GMT

A new General Availability Jumbo Hotfix Accumulator take for R77.30 (Take 292) is available.

Take_292 is the latest General Availability release that can be directly downloaded from Check Point Cloud using CPUSE and from sk106162

Take	Date	CPUSE Identifier	CPUSE offline package
Take_292	19 Dec 2017	Check_Point_R77_30_JUMBO_HF_1_Bundle_T292_FULL.tgz	(TGZ)

Note: Effective Dec 19th 2017, the General Availability Take_292 is available for CPUSE online installation in Gaia Portal and Gaia Clish (it replaces Take_286).

It includes important stability and security software updates:

ID	Product	Symptoms
Take 292 (19 Dec 2017) - General Availability Take
02563960	IPS	fwd process or fw_full process on Security Gateway consumes memory at high level after installing Take 206 of R77.30 Jumbo Hotfix Accumulator (sk117655)
02569432	Threat Emulation	When Threat Emulation was configured to send some of the files to the cloud and some locally, the files were sent only locally and not to the cloud. In this release, the configuration in the GUI will take effect and files will be sent to emulation according to the policy.
02659361	ClusterXL	SNMP query returns wrong outputs for haClusterIpTable
02665619	SNX	In rare cases, client running Windows 10 Anniversary update experiences disconnections within SNX tunnel.
02656968	Security Gateway	In rare scenarios, when working with Dynamic Objects, NAT rules are not applied anymore after policy installation or update of software blades signatures. This causes traffic outage for all connections that should undergo NAT.
02536207	VSX	Added: Ability to query specific Virtual Device directly using the IP address of the Virtual System. Ability to query SNMP daemons in the contexts of Virtual Devices sent to the IP Address of VSX Gateway itself using SNMPv1, SNMPv2 and SNMPv3. New OIDs in the SNMP VSX tree: Memory usage for each Virtual System. CPU usage for each Virtual System for each core.
02659849	VoIP	Data connections of H323 protocol were not opened correctly in VSX cluster environments.
02660349	DLP, Threat Extraction	Security enhancements for Data Loss Prevention and Threat Extraction blades
02659678	Threat Emulation	Links inside email with Domain suffix (e.g. www.example.com) were emulated as com files.
02661043	SmartLog	Improved stability of "`smartlog_server`" process when running queries in SmartLog GUI to several Log Servers. Refer to sk112826. Note: This fix is relevant for any Take of R77.30 Jumbo Hotfix Accumulator between Take 198 and Take 286 including.
02655985	SmartLog	Improved stability of "`smartlog_server`" process when activating the "Auto Refresh" button in SmartLog GUI (upper right corner) for several hours.
02555984	Security Gateway, Security Management Server, Multi-Domain Security Management Server	Improved memory consumption by FW process and FWD process. Refer to sk117655. Note: This fix is relevant for any Take of R77.30 Jumbo Hotfix Accumulator between Take 206 and Take 286 including.
02590882	SmartEvent	New events are not created in SmartEvent GUI, and "`ERROR: duplicate key value violates unique constraint "seam_event_XXX_pkey"`" in $RTDIR/log/cpsemd.elg file. Refer to sk105185.
02532160	SecureXL	For 21000 appliances with SAM card, improved stability of SAM card when running the "`cpstop -fwflag -driver`" command as a part of kernel memory leak detection procedure. Refer to sk35496.
02401494	VoIP	Improved check for memory allocation failures under heavy load of VoIP traffic.
02573235	VSX	Improved support for Connectivity Upgrade (CU) in VSX VSLS. Note: This fix is relevant for any Take of R77.30 Jumbo Hotfix Accumulator between Take 198 and Take 286 including.

Notes:

For Threat Emulation customers that do not allow automatic updates from the cloud, and following the integration of TLS1.2 support,

it is important to update the Threat Emulation Engine according to the next SK: sk92509 - Offline updates for Threat Emulation images and engine.

For all ThreatEmulation E-Mail users:

Check your custom postfix modifications after the upgrade.

This JHF GA also includes a known issue with emulation of links in email - sk118280:

It is therefore important to disable “Emulation of links in email” until the TE Engine 6.9 is deployed

when installing this JHF GA build:

1. vi $FWDIR/conf/mail_security_config

2. add “te_mta_emulate_links_inside_emails=0” under "[mta]" section

3. Save and install policy

4. When TE engine 6.9 is deployed revert the above setting, Save and install policy.

Re: R77.30 Take 292: New Jumbo Hotfix GA Release

Sean_Tracey — Thu, 01 Feb 2018 16:01:16 GMT

Hi, has anyone had a chance to install? Would be interested to hear about how it went, and if there were any issues encountered during upgrading.

Re: R77.30 Take 292: New Jumbo Hotfix GA Release

KennyManrique — Thu, 01 Feb 2018 19:43:58 GMT

Hello,

On tuesday I upgraded one customer's Appliance (Standalone) from take 178 to this take.

I did not have issues during upgrand and so far, everithing is working right. Anyway, dont forget to do a snapshot before.

Regards.

Re: R77.30 Take 292: New Jumbo Hotfix GA Release

Billye_Moore — Fri, 23 Feb 2018 19:26:54 GMT

I had one issue with 292, I had a device patch in order to manage 1400 series FW's that had to be removed prior to installing. Found out during the install

topic Re: R77.30 Take 292: New Jumbo Hotfix GA Release in General Topics

R77.30 Take 292: New Jumbo Hotfix GA Release

Re: R77.30 Take 292: New Jumbo Hotfix GA Release

Re: R77.30 Take 292: New Jumbo Hotfix GA Release

Re: R77.30 Take 292: New Jumbo Hotfix GA Release