Fortinet black logo

Release Notes

Resolved Issues

Resolved Issues

The following issues have been fixed in 6.0.9. For inquires about a particular bug, please contact Customer Service & Support.

AP Manager

Bug ID Description
540347 There is no option available to configure vlan-ids under vlan-pooling.
595674 When attempting to place an AP on a map, there is a considerable border around map image where it is not possible to place an AP to the far right or very bottom of the floor.
600899 FortiManager is unable to delete WiFi profile with forward slash in the name.

Device Manager

Bug ID Description
555635 Certificate is not visible on GUI after restoring the configuration, which was exported from FortiManager.
576850 There may be possible VDOM Name inconsistent between FortiManager and FortiGate.
589814 User should be able to make interface changes using CLI Configuration.
593615 FortiManager many not be possible to configure the 'sslvpn' variable of a FortiGate VDOM.
599768 FortiManager may not be able to display the second shelf manager.
602275 FortiManager may not be able to remove VDOM or device when FortiAnalyzer feature is enabled.
602706 SD-wan Template may keep loading.
607672 Import may fail with error "user group match is not a member".
610071 When creating a new interface based VPN phase1, FortiManager should not allow duplicated names.
616606 IPSec Phase 1 does not have all encryption proposals listed.
619377 FortiManager cannot retrieve ForiGate-800D containing more than 2048 Firewall custom services.
625831 Deleting a device from Device Manager may take a long time and FortiManager becomes very slow.
631576 Device list may be empty under device group when trying to edit it.

Others

Bug ID Description
551710 The /bin/ha process may have high memory usage.
611548 the dbcache.db file size may keep increasing.
612901 Retrieving a device configuration may fail with 'dvmcmd' crash.
623147 FortiManager may never form an HA due to variance in certificates.

643784

FortiManager is crashing on security console and wizard is stopped at 50% of deployment.

Policy and Objects

Bug ID Description
480553 AntiVirus profile should add "Use Virus Outbreak Prevention Database".
500697 Application signature list is either empty or displayed as "undefined".
505887 Internet Service should separate into source and destination
540716 Under Policy, there is no "Session Count", "Session First Used", "Session Last Used" options in the Column Settings drop-down list.
574560 Installation from FortiManager may fail with the error, "No response from remote" FortiGate.
577201 Next button should be inactive until zone validation is fixed in the case of 'Re-Install Policy'.
578004 The policy interface colors are different between Device Manager and Policy & Objects.
580166 Bulk installation may get stuck with fake policy package.
581825 In workflow mode, changes to the SSL VPN portals do not trigger "Modified" status on the policy package.
582255 FortiManager is unable to lock ADOM if another admin is installing a policy to same the FortiGate in different ADOM.
599770 When the capture setting is enabled under a policy, the auto-asic-offload setting should be disabled.
599780 If one or more devices has policy validation error, FortiManager does not show devices that are "ready to install".
604789 Within SSL/SSH Profile, wildcard FQDN address is not displayed for selection and display "runtime error 0: invalid value".
608236 FortiManager is unable to install ssl-ssh-profile policy updates when disabling protocols on a policy.
609026 Peer groups should be centrally manageable by FortiManager.
609300 FortiManager may not be able to import all Cisco ACI Fabric Connector address.
613840 Process bar does not show correct status when an address fails to import for fabric connector.
625665 Policy package installation may fail due to certificates errors after creating a new VDOM.

Revision History

Bug ID Description
492088 FortiManager attempts to change Chassis ID on FortiGate 7000 series when installing configuration.
543507 Install fails for newly defined transparent VDOM's management IP.
555796 Installing policy on 6K series FortiGate may remove the interface setting "set forward-error-correction rs-fec".
600833 When trying to create a local certificate, and assign and install it for remote administration, the install operation fails due to incorrect order of configurations.
604738 Verification fails for replacemsg "auth-authorization-fail" after upgraded FortiManager and installed to FortiGate with system template assigned.
608051 Policy package install time increases when using policy package diff option.
609110 Config revision created by Script_manager causes error when restored onto the FortiGate directly.
610687 FortiManager should not unset forward-error-correct during install.
613057 During install verification, FortiManager is changing the IP of uni-cast heartbeat interfaces after FortiGate cluster failover.

Services

Bug ID Description
563624 FortiManager dbcontract updated with the entitlement file shows different contracts compared to FortiManager dbcontract updated from FDS.

System Settings

Bug ID Description
554094 FortiManager may not be able to upgrade ADOM from 5.4 to 5.6 with the error, "Fail(errno=0):invalid value".
571181 An admin user with read-write system permissions and restricted to one ADOM can change their permission to All ADOMs.
596580 Upgrade ADOM may fail on FSSO/SSO.
606545 There may be an HA synchronization issue when policy hit count is disabled.
625308 HA synchronization is lost when slave log disk usage reaches 99%.

VPN Manager

Bug ID

Description

616352 FortiManager may show empty value for phase1 and phase2 proposals.

Common Vulnerabilities and Exposures

Visit https://fortiguard.com/psirt for more information.

Bug ID

Description

597311

FortiManager 6.0.9 is no longer vulnerable to the following CVE-Reference:

  • CVE-2004-1653
606144

FortiManager 6.0.9 is no longer vulnerable to the following CVE-Reference:

  • CVE-2019-9193

Resolved Issues

Resolved Issues

The following issues have been fixed in 6.0.9. For inquires about a particular bug, please contact Customer Service & Support.

AP Manager

Bug ID Description
540347 There is no option available to configure vlan-ids under vlan-pooling.
595674 When attempting to place an AP on a map, there is a considerable border around map image where it is not possible to place an AP to the far right or very bottom of the floor.
600899 FortiManager is unable to delete WiFi profile with forward slash in the name.

Device Manager

Bug ID Description
555635 Certificate is not visible on GUI after restoring the configuration, which was exported from FortiManager.
576850 There may be possible VDOM Name inconsistent between FortiManager and FortiGate.
589814 User should be able to make interface changes using CLI Configuration.
593615 FortiManager many not be possible to configure the 'sslvpn' variable of a FortiGate VDOM.
599768 FortiManager may not be able to display the second shelf manager.
602275 FortiManager may not be able to remove VDOM or device when FortiAnalyzer feature is enabled.
602706 SD-wan Template may keep loading.
607672 Import may fail with error "user group match is not a member".
610071 When creating a new interface based VPN phase1, FortiManager should not allow duplicated names.
616606 IPSec Phase 1 does not have all encryption proposals listed.
619377 FortiManager cannot retrieve ForiGate-800D containing more than 2048 Firewall custom services.
625831 Deleting a device from Device Manager may take a long time and FortiManager becomes very slow.
631576 Device list may be empty under device group when trying to edit it.

Others

Bug ID Description
551710 The /bin/ha process may have high memory usage.
611548 the dbcache.db file size may keep increasing.
612901 Retrieving a device configuration may fail with 'dvmcmd' crash.
623147 FortiManager may never form an HA due to variance in certificates.

643784

FortiManager is crashing on security console and wizard is stopped at 50% of deployment.

Policy and Objects

Bug ID Description
480553 AntiVirus profile should add "Use Virus Outbreak Prevention Database".
500697 Application signature list is either empty or displayed as "undefined".
505887 Internet Service should separate into source and destination
540716 Under Policy, there is no "Session Count", "Session First Used", "Session Last Used" options in the Column Settings drop-down list.
574560 Installation from FortiManager may fail with the error, "No response from remote" FortiGate.
577201 Next button should be inactive until zone validation is fixed in the case of 'Re-Install Policy'.
578004 The policy interface colors are different between Device Manager and Policy & Objects.
580166 Bulk installation may get stuck with fake policy package.
581825 In workflow mode, changes to the SSL VPN portals do not trigger "Modified" status on the policy package.
582255 FortiManager is unable to lock ADOM if another admin is installing a policy to same the FortiGate in different ADOM.
599770 When the capture setting is enabled under a policy, the auto-asic-offload setting should be disabled.
599780 If one or more devices has policy validation error, FortiManager does not show devices that are "ready to install".
604789 Within SSL/SSH Profile, wildcard FQDN address is not displayed for selection and display "runtime error 0: invalid value".
608236 FortiManager is unable to install ssl-ssh-profile policy updates when disabling protocols on a policy.
609026 Peer groups should be centrally manageable by FortiManager.
609300 FortiManager may not be able to import all Cisco ACI Fabric Connector address.
613840 Process bar does not show correct status when an address fails to import for fabric connector.
625665 Policy package installation may fail due to certificates errors after creating a new VDOM.

Revision History

Bug ID Description
492088 FortiManager attempts to change Chassis ID on FortiGate 7000 series when installing configuration.
543507 Install fails for newly defined transparent VDOM's management IP.
555796 Installing policy on 6K series FortiGate may remove the interface setting "set forward-error-correction rs-fec".
600833 When trying to create a local certificate, and assign and install it for remote administration, the install operation fails due to incorrect order of configurations.
604738 Verification fails for replacemsg "auth-authorization-fail" after upgraded FortiManager and installed to FortiGate with system template assigned.
608051 Policy package install time increases when using policy package diff option.
609110 Config revision created by Script_manager causes error when restored onto the FortiGate directly.
610687 FortiManager should not unset forward-error-correct during install.
613057 During install verification, FortiManager is changing the IP of uni-cast heartbeat interfaces after FortiGate cluster failover.

Services

Bug ID Description
563624 FortiManager dbcontract updated with the entitlement file shows different contracts compared to FortiManager dbcontract updated from FDS.

System Settings

Bug ID Description
554094 FortiManager may not be able to upgrade ADOM from 5.4 to 5.6 with the error, "Fail(errno=0):invalid value".
571181 An admin user with read-write system permissions and restricted to one ADOM can change their permission to All ADOMs.
596580 Upgrade ADOM may fail on FSSO/SSO.
606545 There may be an HA synchronization issue when policy hit count is disabled.
625308 HA synchronization is lost when slave log disk usage reaches 99%.

VPN Manager

Bug ID

Description

616352 FortiManager may show empty value for phase1 and phase2 proposals.

Common Vulnerabilities and Exposures

Visit https://fortiguard.com/psirt for more information.

Bug ID

Description

597311

FortiManager 6.0.9 is no longer vulnerable to the following CVE-Reference:

  • CVE-2004-1653
606144

FortiManager 6.0.9 is no longer vulnerable to the following CVE-Reference:

  • CVE-2019-9193