Knowledgebase
Downloads
RSS
Website
Home / Release notes / 1.2.0 build 3007

1.2.0 build 3007
Article ID: 93
Last updated: 30 Jun, 2009
Print
Export to PDF
Add comment
Views: 355
Comments: 0
  • New: SMTP Proxy Greylisting and Tarpit for Antispam Service
  • New: Application Filter Service (BETA)
  • New: Remote Configuration Backup Service
  • New: Redesigned configuration management (moved Options->Import/Export to System->Manage UTM Configuration)
  • New: Other web configuration interface changes
  • New: Change physical network interface order using 'calibrate' from Serial Console or Video terminal
  • Fix: Deleting an expired X.509 certificate will no longer delete unrelated IPSec PSK tunnels (which may have occured in some cases)
  • Fix: Improve reliability, stability and performance of apache2 server used for Web Configuration Interface
  • Fix: Improved stability and interoperability of IPSec VPN tunnels
  • Fix: Problems in SHA2-512 implementation used in IPSec VPN tunnels
  • Fix: Improve stability and performance of apache2 server used for Web Configuration Interface
  • Fix: Option "defaultroute" disabled by default in PPTP server configuration to avoid misconfigurations
  • Security: Properly handle a malformed ASN.1 structure to prevent remote attackers to mount a denial of service attack
  • Security: Properly handle malformed signed attributes with PKCS12 using CMS 
  • Security: Prevent remote attackers to cause a denial of service
  • Security: Prevent remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys
  • Security: Prevent remote attackers to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses "particular cipher suites."
  • Security: When the TLS server name extensions are enabled, do not allow remote attackers to cause a denial of service (crash) via a crafted packet
  • Security: Prevent remote attackers to execute arbitrary code via unspecified vectors
  • Security: Fix buffer overflow in OpenSSL implementation to prevent remote attack vectors involving a long list of ciphers
  • Security: Prevent attackers to cause a denial of service (CPU consumption) via parasitic public keys in X.509 certificates
  • Security: Prevent attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures
  • Security: Prevent malicious remote servers to cause a denial of service (client crash) via unknown vectors
  • Security: Prevent remote attackers to forge a PKCS #1 v1.5 signature that prevents OpenSSL from correctly verifying X.509 and other certificates
  • Security: Prevent a possible denial of service attacks against IPSec VPN tunnels using specially crafted DPD packets
Add comment
Prev   Next
1.2.1 build 3135     1.1.3 build 2955

Powered by KBPublisher (Knowledge base software)

(c) Copyright 2008-2009 S.C. Syneto S.R.L. Romania