Fortinet black logo

Release Notes

Home FortiProxy 7.0.17 Release Notes
7.0.17
7.4.4
7.4.3
7.4.2
7.4.1
7.4.0
7.2.10
7.2.9
7.2.8
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.17
7.0.16
7.0.15
7.0.14
7.0.13
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
2.0.14
2.0.13
2.0.12
2.0.11
2.0.10
2.0.9
2.0.8
2.0.7
2.0.6
2.0.5
2.0.4
2.0.3
2.0.2
2.0.1
2.0.0
1.2.13
1.2.12
1.2.11
1.2.10
1.2.9
1.2.8
1.2.7
1.2.6
1.2.5
1.2.4
1.2.3
1.2.2
1.2.1
1.2.0
1.1.6
1.1.5
1.1.4
1.1.3
1.1.2
1.1.1
1.1.0
1.0.7
1.0.6
1.0.5
1.0.4
1.0.3
1.0.2
1.0.1
1.0.0

Resolved issues

Resolved issues

The following issues have been fixed in FortiProxy 7.0.17. For inquiries about a particular bug, please contact Customer Service & Support.

Bug ID Description
1012827 Admin login fails after the admin is renamed.
1002945 When auth request is closing, calling wad_hauth_req_auth_notify triggers the close of auth request again.
1005976 Misleading message in "Fabric Upgrade" window.

1008255

When you edit a rule with "Domain Threat Feed" as dstaddr, it changes to dstaddr6 and traffic does not match.

1009948

FortiView Traffic Shaping console is not available in GUI.
1003811, 1008263 IP threat feed takes too long to load and external resource cannot load.
1006692 Out-of-bounds access in diag_iotop.c.

1004013

New deployment of FortiProxy 7.0.16 fails on VMware.
1004752 When using "IP Address Threat Feed" for source and destination, the traffic is not matched by the rule.

988473

Fix diag wad stats output format issue and a potential memory leak.
1005957

Issues with traffic shaping CLI:

  • Unable to change a guaranteed bandwidth that is greater than 50.

  • Irrelevant NPU warning when enabling shaping on a VLAN interface.
1000338

Traffic shaping does not take effect on FTP data channels. A large file download via FTP can clog the entire bandwidth even with traffic shaping enabled.

1004206

MITM attack vulnerability for FortiManager connector.

1017888

Forward server memory issues.
1008676 Weak authentication in security fabric.
1013981, 1015407 Restoring a configuration backup with deny policies that have "set profile-type group" without the "profile-group" attributes will result in those policies being deleted.
1003937 Change "Data Leak Prevention" to "Data Loss Prevention" in GUI.

1021833

WAD policy and address build fails when a member in the address group does not exist.

1021318

Kerberos authentication gets stuck when "ldap-user-cache" is enabled.

1020828

HTTP2 stream is not closed after transaction is complete.

1006108

Sites cannot open correctly during the first try when web cache for HTTPS traffic is enabled.

1019308

HTTP NTLM authentication requests are redirected to captive portal.

1011970 , 1017054

"Failed to generate firewall rules" logs due to invalid address members configured in a policy.

995812

Error when sending HTTP put request to Cloudflare.

977645

Incorrect output in FortiView proxy policy when source is set to be FortiAnalyzer.

Common vulnerabilities and exposures

FortiProxy 7.0.17 is no longer vulnerable to the following CVE reference. Visit https://fortiguard.com/psirt for more information.

Bug ID

CVE reference

964421

CVE-2023-44487

Previous
Next

Resolved issues

The following issues have been fixed in FortiProxy 7.0.17. For inquiries about a particular bug, please contact Customer Service & Support.

Bug ID Description
1012827 Admin login fails after the admin is renamed.
1002945 When auth request is closing, calling wad_hauth_req_auth_notify triggers the close of auth request again.
1005976 Misleading message in "Fabric Upgrade" window.

1008255

When you edit a rule with "Domain Threat Feed" as dstaddr, it changes to dstaddr6 and traffic does not match.

1009948

FortiView Traffic Shaping console is not available in GUI.
1003811, 1008263 IP threat feed takes too long to load and external resource cannot load.
1006692 Out-of-bounds access in diag_iotop.c.

1004013

New deployment of FortiProxy 7.0.16 fails on VMware.
1004752 When using "IP Address Threat Feed" for source and destination, the traffic is not matched by the rule.

988473

Fix diag wad stats output format issue and a potential memory leak.
1005957

Issues with traffic shaping CLI:

  • Unable to change a guaranteed bandwidth that is greater than 50.

  • Irrelevant NPU warning when enabling shaping on a VLAN interface.
1000338

Traffic shaping does not take effect on FTP data channels. A large file download via FTP can clog the entire bandwidth even with traffic shaping enabled.

1004206

MITM attack vulnerability for FortiManager connector.

1017888

Forward server memory issues.
1008676 Weak authentication in security fabric.
1013981, 1015407 Restoring a configuration backup with deny policies that have "set profile-type group" without the "profile-group" attributes will result in those policies being deleted.
1003937 Change "Data Leak Prevention" to "Data Loss Prevention" in GUI.

1021833

WAD policy and address build fails when a member in the address group does not exist.

1021318

Kerberos authentication gets stuck when "ldap-user-cache" is enabled.

1020828

HTTP2 stream is not closed after transaction is complete.

1006108

Sites cannot open correctly during the first try when web cache for HTTPS traffic is enabled.

1019308

HTTP NTLM authentication requests are redirected to captive portal.

1011970 , 1017054

"Failed to generate firewall rules" logs due to invalid address members configured in a policy.

995812

Error when sending HTTP put request to Cloudflare.

977645

Incorrect output in FortiView proxy policy when source is set to be FortiAnalyzer.

Common vulnerabilities and exposures

FortiProxy 7.0.17 is no longer vulnerable to the following CVE reference. Visit https://fortiguard.com/psirt for more information.

Bug ID

CVE reference

964421

CVE-2023-44487

Previous
Next