Resolved issues
The following issues have been fixed in FortiProxy 7.0.10. For inquiries about a particular bug, please contact Customer Service & Support.
Bug ID | Description |
---|---|
746587 | WAD process crashes because acsm_cmem global object gets written through. |
875708 | Disable swapping for FortiProxy. |
884339 | Fix algo process ICAP crash issue. |
850683 850688 |
Console keeps displaying |
881697 | After an HA cluster is formed, the secondary comes back with "config file may contain errors" after a restart. |
871749 874932 |
WAD crash about infection cache feature. |
854511 | Unable to make API calls via PostmanRuntime script. |
883618 | New Alibaba region (SCCC) uses different region-id. |
883121 | HTTP transaction log does not show status code for some cached traffics. |
882728 | SNAT ocassionally fails on DNS requests. |
873656 | Failed to validate the EMS certificate which is signed by third-party CA and installed into FortiProxy. |
880712 882878 |
Fix WAD crash and memory leak on traffic mirror. |
729351 889309 |
The object allocated by wad_mem_malloc is not freed by wad_mem_free . |
759144 888354 |
Port incorrect IOCTL causes userspace CMDB firewall issues. |
873475 | No model-specific limit for licensed sessions or disk limit for VMUL model. |
873224 874099 |
SSL log and configuration fixes. |
779361 | when ftp server require non-anonymous login, it fails to walk through when av profile has outbreak-prevention. |
883067 | AV cache-infected-result causes false positives with incorrect dst addr. |
833306 884670 |
Intermittent error "Failed to retrieve FortiView data" on real-time FortiView sources and destination. |
872550 | Fail to create config-sync HA on GCP when heartbeat interfaces are within the same subnet range. |
869573 885850 885912 886579 894569 899181 899625 900736 902135 |
Fix some GUI issues. |
835903 842624 |
Change WAD's TCP port to delay close if datais pending on socket's write queue. |
889382 | When query-v1-status is disabled and custom SNMP service doesn't exist, Iptable rule is not added and SNMP v2 query generation via client fails. |
887321 | wAD "signal 6" crash. |
887560 | dnsproxy does not populate ipsets when firewall.central-snap-map and firewall.shaping-policy are updated to include FQDNs. |
891541 | forward-server-group config change might cause crash. |
885994 889991 |
Fix a few bugs in CLI configuration during upgrade. |
872493 | Disk logging files are cached in kernel and causes high memory usage. |
840549 | WAD is unable to recognize RSSO users. |
891696 | Fix miscalculation on request header length and no space to append body for av scan with legacy scan mode. |
857543 | ha-management interface config on FPX units causes the cluster to be out-of-sync. |
894087 | FortiAnalyzer logs of secondary devices are queued under the Active-Passive HA cluster. |
886145 899507 |
Failure in creating firewall.address6 FQDNs with a syscall error. |
889537 | WAD fails to match policy when dstintf is specified. |
889349 892209 |
Improve the build performance of algo daemon fast match table. |
889521 | Failure in creating a firewall policy with a parse error message. |
769955 889493 899959 |
WAD crashes in some cases. |
882182 | Crash on av comfort stop due to missing secure profile. |
842336 | Timeout when sequentially upgrading a config-sync HA cluster. |
888670 | Local certificate is lost following the upgrade from FortiProxy 2.0 to 7.0. |
894884 | Fix WAD memory leak on master secret. |
854918 | Changing an HA cluster from unicast to multicast requires a reboot for the cluster to re-sync. |
776260 | MAPI is not functional when ICAP profile is enabled. |
866434 | Domain fronting detection log enhancement. |
894755 | Fix WAD firewall policy new memory leak. |
893697 | Incorrect cifs file cache purge timeout causes scan issues. |
800850 | ICMPv6 input and routing traffic is dropped. |
896345 | User authenticate timeout configuration doesn't work. |
897421 | ha-mgmt-interfaces are not used when ha-direct is enabled. |
891171 | SNMP walk failed when ha-direct is enabled in the snmp community config. |
877239 | Forward traffic log is missing utmref for some web filter events which causes empty results in Security tab. |
890809 |
Requests from users in a child domain cannot match a firewall policy with user-based authentication. |
863854 | Lack of certificate verification when establishing secure connections with FortiGuard's map server. |
897409 | SNMP Traffic not responding through dedicated-to management port. |
898325 | HA hbdev is reset to port2 as a "default" value during upgrade. |
896992 | Wrong minor version number in update request. |
890626 | WAD worker crashes with signal 11 during NTLM authentication after changing the authentication rule from session-based to IP-based. |
828917 878668 895126 |
LDAP group cache issue. |
898503 | WAD keeps crashing during SSLVPN test. |
898406 |
Heap buffer overflow in SSLVPN pre-authentication. |
892091 |
Wrong file type and matched file type/name is missing in filefilter logs for some archived zip files. |
899145 |
Trusthost ipsets are not present when a wildcard exists. |
891777 |
"set log-http-transaction disable" option does not work. |
896476 898903 |
FortiProxy rejects CONNECT request with body and extra data. |
901191 |
Fail to display "Security" of a traffic log with utm block in GUI. |
883831 |
FortiProxy web cache memory leak. |
896048 |
Access of uninitialized pointer in vdom parameter. |
Common vulnerabilities and exposures
FortiProxy7.0.10 is no longer vulnerable to the following CVE reference. Visit https://fortiguard.com/psirt for more information.
Bug ID |
CVE reference |
---|---|
844920 |
|
863855 |
|
N/A |
|
898406 |
|
889254 |
|
857368 |
|
803283 |