LoadMaster 7.2.39.1 Release Notes
Refer to the sections below for details about firmware version 7.2.39.1. This was released on 6th September 2017.
Feature Enhancements
- Support for LoadMaster Service Provider License Agreements (SPLA) added to Amazon Web Services (AWS).
- Additional enhancements made to the Edge Security Pack (ESP) connection logs.
Issues Resolved
PD-9872 |
Fixed an issue where the Web Application Firewall (WAF) was not blocking specific requests when rules were enabled to do so. |
PD-9879 |
Fixed an issue that caused a delay with UDP connections. |
PD-9844 |
Fixed an issue that was causing LoadMaster reboots. |
Known Issues
PD-10980 |
A critical vulnerability (CVE-2018-9091) in the LoadMaster Operating System (LMOS) related to Session Management could allow an unauthorized, remote attacker to bypass security protections, gain system privileges, and execute elevated commands such as ls, ps, cat, and so on, thereby compromising the system. Through this remote execution, in certain cases, exposure of sensitive system data such as certificates, private keys, and other information may be possible. Further information can be found here: Mitigation For Remote Access Execution Vulnerability. |
PD-8725 |
Proximity and Location Based scheduling does not work with IPv6 source addresses. |
PD-9765 |
GEO does not support DNS TCP requests from unknown sources. |
PD-10392 |
Random reboots can occur on the master unit after upgrading the firmware to 7.2.39 and patching to 7.2.39.1. |
PD-9892 |
Application of SNORT rules does not work. |
PD-10155 |
Issue with configuration corruption causes some GEO features not to function. |
PD-9886 |
Password defined at deployment on Azure cloud appears in log. |
PD-9657 |
Naming a cipher set using - or + results in some issues. |
PD-9854 |
WAF does not support chunked transfer encoding on the POST body. |
PD-9908 |
ESP steering groups are not working as expected. |
PD-9903 |
Adding additional private IP addresses to Azure LoadMasters only works if there is more than one Network Interface Card (NIC). |
PD-9898 |
GEO IP range selection queries are refused in certain scenarios. |
PD-9869 |
Adding a space in the Replacement text field of an existing body replacement rule deletes the rule. |
PD-9867 |
There are some issues with the global connection timeout default value. |
PD-9865 |
There are some issues with the GEO IP blacklist automatic updates. |
PD-9861 |
There are some security issues with Outlook Web Access (OWA) when using ESP. |
PD-9857 |
Using RS drop on fail with HTTP/2 connections may cause the kernel to panic. |
PD-9837 |
WUI admin password login does not work in Password or Client certificate mode (except for the bal user). |
PD-9795 |
Decoding is failing for some base64 certificates when using Security Assertion Markup Language (SAML) authentication. |
PD-9770 |
ESP logs missing some information. |
PD-9768 |
Security issue in the SSO debug logs relating to the logon transcode option. |
PD-9761 |
There are some issues dealing with a high number of connections. |
PD-9758 |
Some users are unable to edit or access Office files from SharePoint when using SAML and KCD authentication. |
PD-9747 |
Some issues using HA pairs with certificate authentication. |
PD-9743 |
Issues importing some template files that have the default rule assigned. |
PD-9666 |
Headers with underscores are not accepted by Apache 2.4. |
PD-9643 |
Unable to change the IP address of a Virtual Service in an Azure LoadMaster. |
PD-9633 |
Unable to set the check host with the port attached in the WUI (it works using the API or CLI). |
PD-9604 |
Issues when trying to import some custom templates. |
PD-9517 |
Unable to authenticate some users when the password is expired and permitted groups are used. |
PD-9508 |
ESP only verifies SAML assertions when using the root certificate. |
PD-9504 |
Some users are experiencing issues with HA failover on Multi-Tenant LoadMaster units. |
PD-10159 |
CPU and network usage graphs not appearing after firmware upgrade. Resetting the statistic counters does not clear the graph data. |
PD-9453 |
Some Azure users are having issues licensing due to communication issues with the default gateway. |
PD-9383 |
Some issues with special space characters for local LoadMaster user authentication. |
PD-9359 |
Some users unable to authenticate using ESP. |
PD-9159 |
When WAF is enabled there is no traffic on the back-end in certain scenarios. |
PD-8697 |
Some users having issues detecting the partition when using the Hardware Security Module (HSM). |
PD-7157 |
When using WAF and KCD, all file attachments in SharePoint fail. |
PD-9470 |
LDAP Real Server health checking is not working optimally. |
PD-9883 |
The addvs API command incorrectly allows a Virtual Service to be created on the same IP address and port as the LoadMaster Web User Interface (WUI). |
PD-9864 |
The API on the Multi-Tenant LoadMaster is not working when Require Basic Authentication is enabled in WUI Session Management. |
PD-9779 |
Discrepancies between the WUI and RESTful API parameter for "Client Authentication Mode". |
PD-9596 |
The showiface RESTful API command shows the wrong interface values in the output for interfaces that are not configured. |
PD-9572 |
There are discrepancies displaying the location latitude/longitude parameter vales for some RESTful API commands. |
PD-9570 |
There is a typo in the removecountry API response error message. |
PD-9553 |
There is no API command to disable secure NTP mode. |
PD-9539 |
Issues with the PowerShell New-GeoCluster command in a specific scenario. |
PD-9525 |
The RESTful API returns the value of the failtime parameter in seconds, but it is set in minutes. |
PD-9523 |
In a specific scenario, the RESTful API returns a success message when fetching a non-existing GEO FQDN. |
PD-9476 |
There is no RESTful API command to get/list the installed custom rule data files. |
PD-9129 |
The API command to backup contains an error that breaks the PowerShell wrapper connection. |
PD-7156 |
The VSIndex parameter is missing in some API calls. |
PD-10160 |
The API commands to reset the CPU and network graphs do not work. |