Resolved issues
The following issues have been fixed in FortiProxy 7.0.14. For inquiries about a particular bug, please contact Customer Service & Support.
Bug ID | Description |
---|---|
759153 | FortiProxy ignores ARP requests to aggregated port with LACP mode set to active or passive. |
949393 | Files exceeding the configured size in DLP sensor still gets downloaded. |
927494 | Web filter logs only one HTTP request from an HTTP connection that includes multiple HTTP requests. |
960677 | HTTP transaction log does not have category information and drops logs sometimes. |
965254 | FortiProxy uses interface IP instead of IP pool setting when multiple IP pools are configured on the firewall policy. |
960923 | Error "Can not create query" occurs when you set ha-direct enable in CLI. |
961488 | VPN user IP spoofing. |
961494 | Double free in automation-stitch. |
806556 | WAD crash at "wad_h2_resume_run". |
958922 | Wrong policy match when URL list is set as destination. |
960058 | Rebuilding FortiProxy with "make image.out" rebuilds everything even when there is no code change. |
961688 | Crash in IP tables generation due to invalid shaping policy configuration. |
953240 | Memory leak on ICAP forward headers. |
961454 | User ldap group cache is not updated in time as the timer. |
960604 | admin-server-cert configuration should not be synced in config-sync cluster. |
957580 | cloudinit crashes when reading "User Data" (e.g. lic file) during FortiProxy AWS deployment. |
971213 | Traffic does not follow schedule to match the firewall policy when the schedule period is short. |
954248 | ICAP local server hostname is not shown correctly in DLP log when you use ICAP local server with DLP profile. |
924398 | FTP passive mode fails to establish data channel via DNAT as the IP/port provided by the server is not translated. |
973055 |
Remove unnecessary wad debug logs. |
971068 |
Unable to match first group attribute from SAML assertion and requests may be denied. |
915834 | HA active-passive flip: standby FortiProxy tries to reach out to FortiGuard services through HA port. |
920401 | Traffic dropped when policy with action "isolate" is added in the configuation. |
967579 | Per-IP traffic shaper does not function when the shaping policy's destination address is a proxy-address of type url-category. |
941531 | Shaping policy does not allow zones to be configured as destination interface. |
965226 | File types configured as blocked can still be downloaded from web mail. |
967177 | Oversize limit does not work correctly. |
967083 967507 |
Firewall policy schedule does not work correctly. |
790426 | WAD crashes at wad_ssl_cache_ssl_redir_server. |
966238 | Restore image crash. |
845361 | WAD crashes at wad_cifs_file_free. |
974307 | WAD crashes if scanunit crashes when scanning a file. |
968514 | WAD CPU reaches 99.9% and causes service impact due to buffer overflow. |
973457 | cmdbsvr crash when accssing CMDB complexes. |
970895 |
HTTP transaction log incorrectly records the forward server IP as the destination IP/port. |
968660 | Traffic log gets trimmed if the size exceeds 1900. |
966597 |
Number of proxy/UTM sessions does not reflect actual usage. |
959421 |
Cannot download files with a size greater than 5 MB file via FortiProxy with SSL deep inspection and DLP profile enabled. |
995812 | Error when sending HTTP put request to Cloudflare. |
854913 |
Missing service licenses in GUI. |
975392 |
When you create an ICAP server group, the first ICAP server on the server list is dropped. |
975404 |
URL category proxy address configuration change does not take effect on shaping policy. |
969997 | FortiProxy username is not shown in log if the authentication failed. |
972306 |
Cannot change captive portal SSL port number in transparent mode. |
Common vulnerabilities and exposures
FortiProxy 7.0.14 is no longer vulnerable to the following CVE reference. Visit https://fortiguard.com/psirt for more information.
Bug ID |
CVE reference |
---|---|
855912 |