Danny Jung

R77.30: New Jumbo Hotfix (Take 338) GA-Release

Discussion created by Danny Jung Champion on Oct 17, 2018
Latest reply on Oct 19, 2018 by Dameon Welch-Abernathy

A new General Availability Jumbo Hotfix Accumulator take for R77.30 (Take 338) is available (Resolved issues).

Also download and install the most updated R77.30.03 SmartConsole.

 

Take_338 is the latest General Availability release that can be directly downloaded from Check Point Cloud using CPUSE and from sk106162.

 

Take

Date

CPUSE Identifier

CPUSE offline package

Take_338

16 Oct 2018

Check_Point_R77_30_JUMBO_HF_1_Bundle_T338_FULL.tgz

Download

 

Note:

  • Effective Oct 16th 2018, General Availability Take_338 is available for CPUSE online installation in Gaia Portal and Gaia Clish (it replaces Take_317).

List of resolved issues in R77.30 JHF (Take 338) since last GA-Take 317:

IDProductSymptoms

Take 338 (16 Oct 2018) - General Availability Take

02481671Threat ExtractionWhen Threat Extraction is configured to block access to original files and to block corrupted/encrypted files (both not default) - The email that indicates that the encrypted/corrupted file has been removed is not received by email recipient.
01850251Anti-MalwareUDP performance with Threat Prevention was improved.
SA-31Gaia OSFixing an issue which can lead to the loss of connectivity.
02421166,
02482081,
02468381
VPNAdded Azure VPN IKEv2 enhancement. Refer to sk116157.
02431088VPNStability improvements for IKEv2 and Azure gateways.
02058553VPNIKEv2 support for more than 8 proposals.
02471564SSL InspectionImproved stability of WSTLSD daemon.
IDA-949Identity AwarenessRADIUS accounting server does not understand accounting-response from Check Point gateway. Refer to sk130532.
01786753Identity AwarenessAD users with special characters in their names cannot authenticate.
Refer to sk131872.
01500409Identity Awareness"Group membership of the required account (user or machine) could not be retrieved from the AD. Make sure the account exists in the AD." log is received from Identity Awareness blade when format of RADIUS user is "user@domain".
Refer to scenario 6 in sk106133.
IDA-1150Identity AwarenessFixed a MUH Agent issue of sending unnecessary MUH updates causing high CPU on PEP. This lead to delays with getting identities and can cause connectivity issues.
IDA-735Identity AwarenessIdentities are not synced to PEP if two PDPs will report the same network
Refer to sk130373.
PMTR-20184Security GatewayCheck Point response to SegmentSmack (CVE-2018-5390) & FragmentSmack (CVE-2018-5391).
Refer to sk134253.
PMTR-20189 &
PMTR-20188
UserCheck,
VSX
In VSX environment portals are down after uninstalling R77.30 Jumbo Hotfix take 266 or later and there are multiple defunc instances of mpdaemon.
02729238 SSL Inspection Improved accuracy of HTTPS Inspection rule-base matching.
01699431Mobile AccessImproving stability of SNX roaming feature.
02408359QoSVPN Stability improvements in setups with NAT.
PMTR-19603GaiaJumbo Hotfix uninstall causes issues in boot and communication in TEX product line.
01855951VPNImproved stability for VPN Remote Access when using tcpt.
GAIA-2269Data Center Security AppliancesAdded support for 23900 appliances. Refer to sk107516.
02396869VPNImproved tunnel stability in site to site setups.
02447010VPNImproved accounting of Remote Access user licenses in cluster environment.
02006858VPNImproving consistency and stability of supernet encryption domains of gateways with Mobile Access blade.
PMTR-14587Gaia OSSecurity hardening for Gaia WebUI
PMTR-14615Gaia OSSecurity hardening for Gaia WebUI
PMTR-14614Gaia OSSecurity hardening for Gaia WebUI
01944349Gaia OSWhen browsing to the Time page in the GAIA WebUI, two messages are spammed in /var/log/messages (flag is ... and data is...).
02049361Gaia OSIntel X520 DP 10Gb DA/SFP+ Server Adapter is not detected by GAIA OS.
01876093Mobile AccessAdding configurable option to allow compressed https connections to internal servers. Refer to sk128513
PMTR-15763Gaia OSGaia Portal shows blank page after login with Firefox 5x or Chrome 66. Refer to sk121373.
THREATEMUL-4272Threat EmulationIf Threat Emulation disk space threshold is higher than Log disk space threshold, then Threat Emulation will stop emulation while the logs will continue to accumulate, resulting in the emulation entering fail open.
GAIA-2269Data Center Security AppliancesAdded support for 23900 appliances. Refer to sk107516.
02725585Mobile AccessCVPN daemon stability.
02764970Gaia OSlspci utility showing unknown devices on HP G9 server with 4TH gen Xeon CPU's.
02764972Gaia OSFixed the output of raid_diagnostics command.
PMTR-9275Security GatewayIn rare scenarios, CPD process stops working when running for a long time.
02757263SSL InspectionImproved resumption handshake behavior in SSL inspection.
02757276SSL InspectionImproved handshake handling in case of re-negotiation.
CPDIAG-936Check Point Diagnostic tool
  • New cpview capability to collect and present IO data. 
  • Enabled cpview history collection on Management machines

Outcomes