Resolved issues

The following issues have been fixed in FortiProxy 7.0.14. For inquiries about a particular bug, please contact Customer Service & Support.

Bug ID Description
759153 FortiProxy ignores ARP requests to aggregated port with LACP mode set to active or passive.
949393 Files exceeding the configured size in DLP sensor still get downloaded.
927494 Web filter logs only one HTTP request from an HTTP connection that includes multiple HTTP requests.
960677 HTTP transaction log does not have category information and drops logs sometimes.
965254 FortiProxy uses interface IP instead of IP pool setting when multiple IP pools are configured on the firewall policy.
960923 Error "Can not create query" occurs when you set ha-direct enable in CLI.
961488 VPN user IP spoofing.
961494 Double free in automation-stitch.
806556 WAD crash at "wad_h2_resume_run".
958922 Wrong policy match when URL list is set as destination.
960058 Rebuilding FortiProxy with "make image.out" rebuilds everything even when there is no code change.
961688 Crash in IP tables generation due to invalid shaping policy configuration.
953240 Memory leak on ICAP forward headers.
961454 User LDAP group cache is not updated in time according to the timer.
960604 admin-server-cert configuration should not be synced in config-sync cluster.
957580 cloudinit crashes when reading "User Data" (e.g. lic file) during FortiProxy AWS deployment.
971213 Traffic does not follow schedule to match the firewall policy when the schedule period is short.
954248 ICAP local server hostname is not shown correctly in DLP log when you use ICAP local server with DLP profile.
924398 FTP passive mode fails to establish data channel via DNAT as the IP/port provided by the server is not translated.
973055 Remove unnecessary wad debug logs.
971068 Unable to match first group attribute from SAML assertion and requests may be denied.
915834 HA active-passive flip: standby FortiProxy tries to reach out to FortiGuard services through HA port.
920401 Traffic dropped when policy with action "isolate" is added in the configuration.
967579 Per-IP traffic shaper does not function when the shaping policy's destination address is a proxy-address of type url-category.
941531 Shaping policy does not allow zones to be configured as destination interface.
965226 File types configured as blocked can still be downloaded from web mail.
967177 Oversize limit does not work correctly.
967083, 967507 Firewall policy schedule does not work correctly.
790426 WAD crashes at wad_ssl_cache_ssl_redir_server.
966238 Restore image crash.
845361 WAD crashes at wad_cifs_file_free.
974307 WAD crashes if scanunit crashes when scanning a file.
968514 WAD CPU reaches 99.9% and causes service impact due to buffer overflow.
973457 cmdbsvr crash when accessing CMDB complexes.
970895 HTTP transaction log incorrectly records the forward server IP as the destination IP/port.
968660 Traffic log gets trimmed if the size exceeds 1900.
966597 Number of proxy/UTM sessions does not reflect actual usage.
959421 Cannot download files larger than 5 MB via FortiProxy with SSL deep inspection and DLP profile enabled.
995812 Error when sending HTTP PUT request to Cloudflare.
854913 Missing service licenses in GUI.
975392 When you create an ICAP server group, the first ICAP server on the server list is dropped.
975404 URL category proxy address configuration change does not take effect on shaping policy.
969997 FortiProxy username is not shown in log if the authentication failed.
972306 Cannot change captive portal SSL port number in transparent mode.

Common vulnerabilities and exposures

FortiProxy 7.0.14 is no longer vulnerable to the following CVE reference. Visit https://fortiguard.com/psirt for more information.

Bug ID CVE reference
855912 CVE-2023-41677
