Fortinet black logo

FortiOS Release Notes

Home FortiGate / FortiOS 6.4.3 FortiOS Release Notes
6.4.3
7.4.3
7.4.2
7.4.1
7.4.0
7.2.8
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.15
7.0.14
7.0.13
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.15
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.16
6.2.15
6.2.14
6.2.13
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.2.0
6.0.18
6.0.17
6.0.16
6.0.15
6.0.14
6.0.13
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.6.14
5.6.13
5.6.12
5.6.11
5.6.10
5.6.9
5.6.8
5.6.7
5.6.6
5.6.5
5.6.4
5.6.3
5.6.2
5.6.1
5.6.0
5.4.13
5.4.12
5.4.11
5.4.10
5.4.9
5.4.8
5.4.7
5.4.6
5.4.5
5.4.4
5.4.3
5.4.2
5.4.1
5.4.0
5.2.15
5.2.14
5.2.13
5.2.12
5.2.11
5.2.10
5.2.9
5.2.8
5.2.7
5.2.6
5.2.5
5.2.4
5.2.3
5.2.2
5.2.1
5.2.0
5.0.14
5.0.13
5.0.12
5.0.11
5.0.10
5.0.9
5.0.8
5.0.7
5.0.6
5.0.5
5.0.4
5.0.3
5.0.2

Built-in IPS engine

Built-in IPS engine

Resolved engine issues

Bug ID

Description

539833

Fix invalid memory access crashes in HTTP fake body.

624928

Fix memory leaks in PCRE pattern extractor.

625371

Fix crash on derived packet processing.

637084

Use existing private keys in FortiGate for certificate resigning.

645848

Turn off SNI verification via the existing CLI in SSL-SSH profile.

647330

Use integer instead of lightuserdata to avoid bad lightuserdata pointer.

648079

Support virus URL cache for DLP sensor.

657466

Local URL filter configuration in flow mode web filter does not work when the matching FortiGuard category is also enabled in the web filter profile.

658482

High memory usage by ipsmonitor and ipsengine processes.

660489

Web filter URL filter check is skipped in flow mode certificate inspection if SNI is not present in the TLS client hello.

662573

Fix NULL pointer dereference crash.

662785

Signatures for services other than SSL traffic with the drop action are showing as detected for SSL traffic.

662964

PCAP from IPS not dumped as configured in packet-log-history and packet-log-post-attack settings.

664728

Traffic failing in NGFW policy-based mode when TCP source port range includes a zero value.
Previous
Next

Built-in IPS engine

Resolved engine issues

Bug ID

Description

539833

Fix invalid memory access crashes in HTTP fake body.

624928

Fix memory leaks in PCRE pattern extractor.

625371

Fix crash on derived packet processing.

637084

Use existing private keys in FortiGate for certificate resigning.

645848

Turn off SNI verification via the existing CLI in SSL-SSH profile.

647330

Use integer instead of lightuserdata to avoid bad lightuserdata pointer.

648079

Support virus URL cache for DLP sensor.

657466

Local URL filter configuration in flow mode web filter does not work when the matching FortiGuard category is also enabled in the web filter profile.

658482

High memory usage by ipsmonitor and ipsengine processes.

660489

Web filter URL filter check is skipped in flow mode certificate inspection if SNI is not present in the TLS client hello.

662573

Fix NULL pointer dereference crash.

662785

Signatures for services other than SSL traffic with the drop action are showing as detected for SSL traffic.

662964

PCAP from IPS not dumped as configured in packet-log-history and packet-log-post-attack settings.

664728

Traffic failing in NGFW policy-based mode when TCP source port range includes a zero value.
Previous
Next