Resolved issues
The following issues have been fixed in FortiProxy 7.6.1. For inquiries about a particular bug, please contact Customer Service & Support.
|
Description |
Bug ID |
|---|---|
| 1078472 | HA works only under NAT mode, not under transparent mode. |
|
1071098 |
Long-lived session statistic log is not shown. |
| 1082971 | Cannot receive new signed CASB update from FDS server as the built-in inline CASB database is unsigned. |
| 1051968 | Inline IPS takes effect on beta signatures and logs the relevant events. |
| 1064399 | HTTP transaction logs fields "countxxx" missing on generated log reference xml file. |
| 1081801 | Config crash for web proxy, redirect profile, URL match, and security profile. |
| 1082472 | Fix crashes related to ia blocked image memory cache. |
| 1068278 | Overrun found in WAN optimization explicit proxy. |
| 1055028 | For form authentication, sometimes the browser sends out another request when the form is in process. |
| 991280, 1081621 | FDS firmware update support. |
|
1083795 |
httpsd crash and JSON-C memory leak error. |
| 1074104 | DLP is not "Blocked" when the FortiProxy is acting as ICAP local server and Traffic is initiated from a FortiGate. |
| 1083610 | Fix NTP using HA management interface. |
| 1089876 | License Sharing History widget is missing from main dashboard and License Sharing Usage is missing in FortiView. |
| 1087908 | No authentication popup when ldap-user-cache is enabled. |
| 1087189, 1088339 | FTP traffic to ICAP server with AV does not take effect. |
| 1090073 | Incorrect product name in the readme file of VMWare .ovf.zip. |
| 1089361 | Certain applications cannot be set in policy. |
| 1089185 | Security fabric license sharing does not work. |
| 1020828 | WAD HTTP2 Stream Error when client send a small concurrent stream and make multiple concurrent requests. |
| 1083188 | Proxy AV does not generate infected-URL cache entry if the first request is HTTP/2. |
| 1083359 | Missing client IP in denied explicit forward traffic log. |
| 1088776 | Digest auth crash. |
|
1088519 |
WAD does not check BOTNET when inline IPS is disabled. |
|
1088412 |
No URL in the auth failed event log. |
|
1088276 |
Console error "loadMsgData" during booting. |
|
1083357 |
Application Control does not block SharePoint upload. |
| 1082989, 1086539 | Fix firewall internet service related CLI and fix policy based routing with internet service. |
| 1089871 | "Sessions" widget (TCP) should be removed from the main dashboard. |
| 1092613 | "Isolator Setting" feature is missing in GUI. |
|
1084141, 1090628, 1091699 |
IPsec does not work. |
| 1089697 | WAD crash with signal 6 at wad_alarm_sig. |
| 1018780, 1023127 | WAD crash on wad_http_avscan_comfort. |
| 978602, 1066078, 1066567 | Inline IPS and IPS engine redirection issues. |
|
1078395 |
Upgrade libnetfilter_conntrack to include the coverity fixes. |
|
1073651 |
"dot.quic" in no-inspection profile is not updated to bypass when the FortiProxy is first installed. |
|
1091016 |
Config-sync HA cluster is out of sync after upgrade due to "authentication.setting.update-time". |
|
1093624 |
Proxy regular expression and wildcard local URL filter pattern issues. |
|
1087486 |
ICAP client does not do URI encoding when converting FTP to HTTP. |
|
537134 |
Session is not terminated after web-filter quota is reached. |
|
1093212 |
Error when editing anti-virus profile. |
|
1090334 |
Array over boundary access in memset. |
|
1089193 |
Fail to communicate with Radius server without message-authenticator support. |
|
1085179 |
Channel video cannot be blocked by proxy-inline-ips scan when user directly visits the video by URL. |
|
1005867, 1087631 |
AV scan does not work for archived msoffice, msofficex and 7z files. |
|
1095296 |
fast-policy-match becomes disabled after destination address changes in firewall policy. |
|
1094396 |
session-sync-dev is unsupported and should be hidden in CLI. |
|
1095945 |
Cannot reset one of the scanunit debugs, which permanently floods the CLI with output. |
|
1093671 |
Policy route with port configured causes IP tables failure. |
|
1095679 |
FortiProxy does not set umask before creating temp file. |
|
916178 |
With deep-inspection and SSL exempt is enabled, WAD crashes when visiting a server that has an expired certificate. |
|
1048296 |
Error in the HTTP2 framing layer when accessing a specific website via proxy with deep inspection configured. |
|
1097079 |
WAD crashes signal 11 at __wad_flush_http_sessions. |
|
1095315 |
The application and category fields are missing in replacement message when proxy inline IPS is enabled. |
|
899983 |
The size of wad_authgrp_member structure is not optimal. |
|
1096348 |
Unexpected logs are generated for the known applications when the logging is disabled in application profile. |
|
979502 |
WAD signal 11 crash at waps_sync_cmdb_vd. |
|
1096280 |
WAD crash at wad_icap_on_cancel. |
|
1093923 |
WAD crash caused by NULL webfilter profile when cmdb having issue. |
|
1082378 |
The counter of bytes shows 0 after SOCKS traffic matched the policy. |
|
1089004 |
WAD still kicks and deep-inspect the SSH traffic when auth is configured for a policy with no-inspection. |
|
1092324 |
Randomly the auth portal is not displayed in the secondary. |
|
1096450 |
WAD process crashes continuously. |
|
1099891 |
firewall.address type wildcard does not support non-contiguous masks. |
|
1094717 |
Root CA certificate should be filtered out for option ssl-cert under web-proxy global. |
|
1097384 |
FortiProxy SOCKS policy-matching is case-sensitive while case-sensitivity is disabled globally. |
|
1083925 |
When captive portal is set to FQDN, it fails to match due to FQDN case sensitivity. |
|
933225 |
Unexpected message during link monitor deamon start. |
|
1070388 |
FortiProxy does not respond to an ICMP request from directly connected interfaces. |
|
1100008, 1099962, 1102482, 1102052, 1102928, 1102965, 1103110 |
GUI issues. |
|
1096705 |
With inline-IPS enabled, no SNMP traps are generated when an IPS signature is detected. |
|
1096290 |
WAD crash at wad_log_http_transaction. |
|
1099036 |
Kernel panic on bridge mode FTPS traffic. |
|
1102602 |
Console shows "Total 0 remote conns is cleared" after boot. |
|
1099324 |
"fpx_snat_pick_ip" related kernel messages in crashlog. |
|
1101390 |
Proxy-address host address config update does not take effect. |
|
1100611 |
VMware kernel panic does not log to console. |
|
1102210 |
HTTPS fails to walk thru policy with fw-server. |
|
1099850 |
WAD crashes when it tries to initialize a QUIC listener on a port that has been already assigned to another UDP listener in another daemon (e.g. DNS proxy). |
|
1095866 |
WAD not responding to clients with error when SMB uploads are blocked. |
|
1094526 |
Blackhole route is created when creating IPsec tunnel on GUI. |
|
1102998 |
Inconsistent units used for "duration" and "durationdelta" fields in traffic log. |
|
1103484 |
Reportd daemon keeps crashing in FPX-4000G. |
|
1103545 |
Serverlo ad balance VIP in policy causes IP tables failure. |
|
1102477 |
Unable to download PAC file in PAC policy. |
|
1066365 |
ZTNA traffic failed. |
|
1081621 |
No support for automatic upgrade. |
Common vulnerabilities and exposures
FortiProxy 7.6.1 is no longer vulnerable to the following CVE reference. Visit https://fortiguard.com/psirt for more information.
|
Bug ID |
CVE reference |
|---|---|
|
1092960, 1093060 |