Software Update: Sophos XG Firewall 16.05.7 MR7

Sophos has released a new version of its XG Firewall with 16.05.7 MR7 as the version number. This software runs on physical hardware as well as in a soft appliance for VMware, Hyper-V, Xen and KVM delivered. In addition to the paid variants for businesses, Sophos offers this firewall for home use at no cost, such as on this page can be read. For the various image and update files you can visit the MySophos Portal. The announcement of this release looks like this:

SFOS 16.05.7 MR7 Released

Hi XG Community!
We’ve finished SFOS v16.05.7 MR7. This release is available from within your device for all SFOS v16.05 installations as of now and will increase the group in a few days. The release is also available to all SFOS version via MySophos portal.

Issues Resolved

• NC-19720 [API] SQL Injection: Application filter add type
• NC-19721 [API] SQL Injection: Proxy port config
• NC-19775 [API] SQL Injection: User add/edit
• NC-20840 [Authentication] SATC: users logged in and logged out continuously
• NC-19420 [Base System] “Don’t register yet ” link is not shown in Chinese language
• NC-19520 [Base System] Hotfix applied multiple times in SF device
• NC-19558 [Base System] Add kernel patch for ‘Stack Clash’
• NC-19920 [Base System] Several vulnerabilities patches for Dropbear (CVE-2016-7409, CVE-2016-7408, CVE-2016-7407, CVE-2016-7406)
• NC-20753 [Base System] Changing of “admin” password in SFM does not replicate to the XG device and device is inaccessible due to password missmatch
• NC-21237 [Base System] Linux Kernel vulnerability “Dirty Cow” (CVE-2016-5195)
• NC-19330 [Firewall] XG live logs show packets out of time order
• NC-19659 [Firewall] Invalid IP Host import fails but leaves invalid db entries causing system framework failure
• NC-19674 [Firewall] Unidentified user usage from identity based rule
• NC-20343 [Firewall] Wrong GeoIP classification for some IP addresses
• NC-19745 [Hotspot] Hotspot custom voucher is changed to default upon hotspot update
• NC-19956 [Localization] XG translation error on the firewall policies page for Brazilian (PT-BR) language
• NC-19300 [Mail Proxy] Unable to parse or decode the contents of the email when the banner contains bare LF
• NC-19354 [Mail Proxy] Quarantined Emails are not visible in Webadmin
• NC-19829 [Mail Proxy] Email are bounced with SMTP/s scanning and RBL enabled
• NC-19873 [Mail Proxy] XG inconsistent NDR notification behavior
• NC-19901 [Mail Proxy] Attachment name causing awarrentmta to stop
• NC-20490 [Mail Proxy] SMTP Quarantine data doesn’t load in User Portal for all users
• NC-20784 [Mail Proxy] SMTP Quarantine data is not loading
• NC-19621 [Network Services] nslookup / dnslookup commands not using specified server
• NC-19136 [Networking] Incorrect information in System Graphs for bandwidth usage
• NC-1998 [Networking] Gateway failover not working
• NC-19750 [Networking] IPv6 Policy Route not removed from system when gateway is deleted
• NC-19716 [UI] SQL Injection: Current Activities
• NC-19753 [UI] SQL Injection: filter function
• NC-19540 [WAF] WAF – Fix CVE-2017-7679: mod_mime buffer overread
• NC-19717 [WAF] SQL injection: IPS backend server add
• NC-19718 [Web] SQL Injection: Proxy file type add
• NC-20787 [Web] Proxy is allowed through port 8090
• NC-19719 [Wireless] Blind code execution: Access point edit