Inline IPS botnet does not work for transparent proxy.

WAD does not match the traffic with IPv6 policy when DNS resolves the result as IPv4.

Cannot block Zoom remote control component of Zoom Meeting with Application Control.

FDS firmware update support.

Inline IPS: "dia test app wad 99" does not clear wad_ips process.

Explicit FTP fails to set up data channel in active mode on transparent mode.

Fix fnbamd memory leak.

When tcp-window-type is set to auto-tuning, throughput for single file download speed falls below expectation.

After login with SSO SAML, facebook.com and twitter.com do not show all the contents.

Removed transaction from CASB GUI when saving profiles

Generated or cached http resp_time is 0 when request traffic or server response traffic is blocked by FortiProxy.

DNS filter feature is not controlled by the license seat limit.

SMTP traffic exceeding session limit is not bypassed.

Associate all UTM logs with http-transaction log for cert-inspect HTTPS traffic.

log-http-transaction configuration is lost after upgrade.

Explicit FTPS not working over SOCKS proxy.

Kerberos authentication failure.

Unexpected logged kernel warnings.

Log disk usage is not visible when Security fabric is enabled.

Frequent WAD crash in system even log.

For form authentication, sometimes the browser sends out another request when the form is in process.

Windows AD cross-forest support for Kerberos authentication.

Detail of IPS Sensor is blank after adding Signature in the GUI.

Fix WAD memory leak at CASB and forward server.

Duplicate security events when log-http-transaction is enabled.

Access issue with dedicated-to management interface in HA mode in transparent mode.

Requests fails to match a policy if the destination address is a simple FQDN address.

Cannot format all storage disks using the "exe disk format all" command on VM platforms. Only individual disk format option works.

Cannot add device with IPv6 address.

If other UTM features are enabled, the IPS sensor's set scan-botnet-connections block will not work.

Image analysis replacement image is not updated after changing image content in "config system replacemsg-image".

HTTPS matches policy with interface to the fw-server instead of interface routed to destination server.

HA config-sync out of sync due to mismatch rule.fmwp.

Add FortiProxy synchronization scripts.

FortiProxy enters memory conserve mode.

Aggregate interface and all related interfaces flap when any of the aggregate interface configuration is changed.

SNMP MIB file check failure for FPX-4000G.

WAD process should set pipe debug log to serial console by default.

When an image analysis profile is configured, image blocking fails after the first attempt.

SAML authentication intermittent failure "403 Forbidden error".

Add compile option to enable kernel debug features.

Remove duplicate code.

Wad crashes at wad_http_session_get_from_msg.

OCR detection failure due toconcatenation of strings without adding delimiters.

Replaced certificate does not take effect immediately.

diag debug reset does not clear WAD debug.

Wanopt ports 7810 and 7802are always exposedeven when no wanopt profile is enabled.

Credit card numbers are blocked only when separated by a new line.

Support UEFI boot option for KVM and AWS FortiProxy VMs.

Remove core dump from code base.

ICAP error "Unsupport resp code: 400".

PBRs stop working after network configuration changes.

WAD memory leak.

Cannot access a website with http header "timing-allow-origin" when strict-web-check is enabled.

HTTP3 does not work.

Logging details are not detected as ICAP when the FortiProxy is used as a local ICAP server.

DLP is not "Blocked" when the FortiProxy is acting as ICAP local server and Traffic is initiated from a FortiGate.

CPU easily reaches 100% usage by WAD worker when captive-portal and cors-stateful are enabled.

diagnose wad debug show generates wrong results.

Unable to load pages of Cloudflare-protected websites with authentication enabled with authentication scheme set to form-based in explicit proxy.

Form based user authentication WAD crash.

Web proxy and SOCKS forward server blocked by domain fronting check.

Adjust memcpy buffer size based on the destination buffer sizes.

HA works only under NAT mode, not under transparent mode.

Add Web Forwarding Server column on policy.

casb-profile does not cause redirect.

"Archive Block" configuration in the antivirus profile is not same between the CLI and GUI.

Add statistics for recording partially initialized unix buffer.

Fix GUI field errors on the Router Policy page.

WAD crash in wad_ssl_unsupport_block_check.

Fix crashes related to ia blocked image memory cache.

Fix firewall internet service related CLI and fix policy based routing with internet service.

Fix NTP using HA management interface.

CVE-2024-54021