R80.10: New Jumbo Hotfix (Take 185) On-Going Release

Yifat_Chen — Tue, 22 Jan 2019 12:04:59 GMT

A new On-Going Jumbo Hotfix Accumulator take for R80.10 (Take185) is available. Please refer to sk116380

To get this take please use the package identifier mentioned in sk116380.

Product	Description
Security Management	Values updated in resourceProfiles files to handle high CPU utilization for "Java" process (described in sk123417) are not resistant and get overridden after Jumbo Hotfix Accumulator installation or backup/restore or export/import procedures.
Security Management	Once user performs any change to his configuration, the Compliance blade performs a partial scan and calculates the relevant Best practices. During this scan, exceptions of relevant objects for these Best practices are deleted. Meaning, if previously obj1 was excluded from applying Best practice #1, during partial scan obj1 will be relinked to Best practice #1.
Security Gateway	Added support for NAT on payload of H323 packets when different IP addresses are used for payload and control.
Security Gateway	In some scenarios, traffic is dropped when using non-FQDN Domain object in policy.
Identity Awareness	In some scenarios, Identity Agent fails to authenticate using Kerberos SSO due to very large Kerberos ticket and the agent fallback to User/Password authentication. Refer to sk145832.
Anti-Malware	Added support for more than 10000 IOC indicators to improve capacity and performance.
Threat Emulation	Added ability to update Threat Emulation file types in an offline environment.
Threat Extraction	The scrub_cleanup script fails to delete files when there is a large amount of files (over 5000) in the /tmp/scrub directory.
SmartConsole	"Error: SIC initialization failed because of failure in parsing the certificate file" error when user attempts to log in with certificate to API (mgmt_cli) with password including "!".
SmartConsole	"Synchronization with Check Point UserCenter" feature displays "Synchronization with Check Point UserCenter requires a valid license." warning message even though all licenses are valid.
SmartConsole	Web API show-package fails if the package was installed on a cluster member which is already deleted. Refer to sk144132.
Logging	When Security gateway is configured to send alerts only to a specific Log server, logs may be written locally on the gateway instead to be sent to the Log server.
Logging	After upgrading from R80.10 to Jumbo Hotfix Accumulator Take 142 or higher, emails from Check Point server arrive with blank email body. Refer to sk142492.
Logging	When scheduled log switch is set to midnight in SmartConsole, logs and indexes are not being deleted according to configuration.
Logging	After Daylight saving time change, the logs from the time of change until the end of the day are not indexed and the "Illegal instant due to time zone offset transition (daylight savings time 'gap')" error is displayed in solr.elg file.
Logging	In some scenarios, Log indexer stopped indexing logs because of a corrupted row in FetchedFiles.
VPN	Remote Access VPN connectivity process when authenticating with certificates was improved.
VPN	After Cluster failover, VPN tunnel is down and "Unknown SPI for IPsec packet" log is shown. Refer to sk112339.
HTTPS Inspection	When HTTPS Inspection is enabled and "Hide X-Forwarded-For in outgoing traffic" option is selected, the XFF header is not obfuscated on HTTPs traffic.
SSL Inspection	Change SSL Network Extender on MacOS to 64-bit architecture to support 32-bit apps depreciation in OSX.
SSL Inspection	Traffic to HTTPS websites is dropped on "Unknown Traffic" category, if the certificate length sent from web server exceeds the limit. Refer to sk105321.
SSL Inspection	Added support to custom extension used by Apple.
ClusterXL	In some scenarios, local traffic between cluster members is dropped due to out of state. Refer to sk123795.
SecureXL	Memory consumption on Security Gateway increases after enabling NetFlow v9 in Gaia OS. Refer to sk118719.
SecureXL	Connectivity issues with "handle_outbound_pac, Reason: connection not found" debug messages on dropped traffic. Refer to sk101134, Scenario 2.
Gaia OS	When using conv2db to recreate Gaia database from /config/active, comments are not skipped and the new database file may contain irrelevant information. Refer to sk139832. Note: the issue is cosmetic only.
Gaia OS	The "iotop" command does not work on Smart-1 525, 5050 and 51580 appliances.
Gaia OS	CVE-2018-15473: Username enumeration is possible due to a premature bail-out while dealing with a malformed packet. The issue exists in several authentication protocols.
Gaia OS	Connectivity problem for 10 Gigabit fiber network interfaces (be2net driver) after upgrade from R77.30.
Gaia OS	In some scenarios, BIOS sensor randomly goes into "unknown" state. Refer to sk138332.
VSX	In some scenarios, vpnd process stops working and there is no decrypt log.
VSX	There is no failover after disabling a monitored VLAN after upgrade to R80.10. Refer to sk128692.
VSX	Traffic from a Virtual System in VSX Cluster to Security Management Server is dropped with "Local interface address spoofing" log. Refer to sk110473.

topic R80.10: New Jumbo Hotfix (Take 185) On-Going Release in General Topics

R80.10: New Jumbo Hotfix (Take 185) On-Going Release