cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Highlighted
Employee++
Employee++

R80.10: New Jumbo Hotfix (Take 189) GA Release

A new GA Jumbo Hotfix Accumulator take for R80.10 (Take 189) is available. 

This take is  available for download to all via CPUSE (as recommended) and via sk116380

R80.10 JHF T189 is the same as T185 with additional fix

  • Resolved issues of takes 185 & 189:

ID

Product

Description

 Take 189

PMTR-32542,
PMTR-32187

Multi-Domain Management

After new Domain creation, logs from this Domain are not seen in SmartConsole. 

Take 185 

PMTR-29919,
PMTR-27655

Security Management

Values updated in resourceProfiles files to handle high CPU utilization for "Java" process (described in sk123417) are not resistant and get overridden after Jumbo Hotfix Accumulator installation or backup/restore or export/import procedures.

PMTR-25817,
PMTR-25793

Security Management

Once user performs any change to his configuration, the Compliance blade performs a partial scan and calculates the relevant Best practices. During this scan, exceptions of relevant objects for these Best practices are deleted. Meaning, if previously obj1 was excluded from applying Best practice #1, during partial scan obj1 will be relinked to Best practice #1. 

PMTR-26826,
PMTR-25909

Security Gateway

Added support for NAT on payload of H323 packets when different IP addresses are used for payload and control.

PMTR-28490,
DO-902

Security Gateway

In some scenarios, traffic is dropped when using non-FQDN Domain object in policy. 

PMTR-27366,
IDA-1609

Identity Awareness

In some scenarios, Identity Agent fails to authenticate using Kerberos SSO due to very large Kerberos ticket and the agent fallback to User/Password authentication. Refer to sk145832.

PMTR-21925,
CP-299

Anti-Malware

Added support for more than 10000 IOC indicators to improve capacity and performance. 

PMTR-24802,
PMTR-28320

Threat Emulation

Added ability to update Threat Emulation file types in an offline environment.

PMTR-27869,
PMTR-27889

Threat Extraction

The scrub_cleanup script fails to delete files when there is a large amount of files (over 5000) in the /tmp/scrub directory.

PMTR-26537,
PMTR-26474

SmartConsole

"Error: SIC initialization failed because of failure in parsing the certificate file" error when user attempts to log in with certificate to API (mgmt_cli) with password including "!". 

PMTR-29457,
PMTR-26606

SmartConsole

"Synchronization with Check Point UserCenter" feature displays "Synchronization with Check Point UserCenter requires a valid license." warning message even though all licenses are valid. 

PMTR-25588,
API-512

SmartConsole

Web API show-package fails if the package was installed on a cluster member which is already deleted. Refer to sk144132.

PMTR-29045,
SL-1538

Logging

When Security gateway is configured to send alerts only to a specific Log server, logs may be written locally on the gateway instead to be sent to the Log server. 

PMTR-29008,
SL-1878

Logging

After upgrading from R80.10 to Jumbo Hotfix Accumulator Take 142 or higher, emails from Check Point server arrive with blank email body. Refer to sk142492.

PMTR-25638,
SL-1752

Logging

When scheduled log switch is set to midnight in SmartConsole, logs and indexes are not being deleted according to configuration.

PMTR-26697,
PMTR-26696,
CP-11

Logging

After Daylight saving time change, the logs from the time of change until the end of the day are not indexed and the "Illegal instant due to time zone offset transition (daylight savings time 'gap')" error is displayed in solr.elg file.

PMTR-24738,
PMTR-18469

Logging

In some scenarios, Log indexer stopped indexing logs because of a corrupted row in FetchedFiles. 

PMTR-28970,
PMTR-29049

VPN

Remote Access VPN connectivity process when authenticating with certificates was improved.

PMTR-11377,
02100804

VPN

After Cluster failover, VPN tunnel is down and "Unknown SPI for IPsec packet" log is shown. Refer to sk112339.

PMTR-26021,
PMTR-25770

HTTPS Inspection

When HTTPS Inspection is enabled and "Hide X-Forwarded-For in outgoing traffic" option is selected, the XFF header is not obfuscated on HTTPs traffic.

PMTR-26171

SSL Inspection

Change SSL Network Extender on MacOS to 64-bit architecture to support 32-bit apps depreciation in OSX.

PMTR-22965,
01604908

SSL Inspection

Traffic to HTTPS websites is dropped on "Unknown Traffic" category, if the certificate length sent from web server exceeds the limit. Refer to sk105321.

PMTR-26140,
01967376

SSL Inspection

Added support to custom extension used by Apple. 

PMTR-16544,
CLUS-937

ClusterXL 

In some scenarios, local traffic between cluster members is dropped due to out of state. Refer to sk123795

PMTR-22839,
02535956

SecureXL

Memory consumption on Security Gateway increases after enabling NetFlow v9 in Gaia OS. Refer to sk118719

PMTR-11959,
02567792

SecureXL

Connectivity issues with "handle_outbound_pac, Reason: connection not found" debug messages on dropped traffic. Refer to sk101134, Scenario 2.

PMTR-28839,
PRHF-1502

Gaia OS

When using conv2db to recreate Gaia database from /config/active, comments are not skipped and the new database file may contain irrelevant information. Refer to sk139832. Note: the issue is cosmetic only.

PMTR-8411,
PMTR-8869

Gaia OS

The "iotop" command does not work on Smart-1 525, 5050 and 51580 appliances. 

PMTR-23155,
GAIA-3010,
PMTR-26453

Gaia OS

CVE-2018-15473: Username enumeration is possible due to a premature bail-out while dealing with a malformed packet. The issue exists in several authentication protocols. 

PMTR-20000,
GAIA-2493

Gaia OS

Connectivity problem for 10 Gigabit fiber network interfaces (be2net driver) after upgrade from R77.30.

PMTR-13024,
PMTR-9624,
GAIA-3597

Gaia OS 

In some scenarios, BIOS sensor randomly goes into "unknown" state. Refer to sk138332.

PMTR-25685

VSX

In some scenarios, vpnd process stops working and there is no decrypt log.

PMTR-28424,
PMTR-11165

VSX

There is no failover after disabling a monitored VLAN after upgrade to R80.10. Refer to sk128692.

PMTR-28021,
VSX-1895

VSX

Traffic from a Virtual System in VSX Cluster to Security Management Server is dropped with "Local interface address spoofing" log. Refer to sk110473

Thanks 

Release Management Group