Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

GEO 2.3.40 Release Notes

Refer to the sections below for details about firmware version 2.3.40. This was released on 1st November 2017.

New Features

The following features were added to the 2.3.40 release:

  • Activation Server Local (ASL) LoadMasters have the ability to download Web Application Firewall (WAF) commercial rules and GEO IP blacklist rules.

Issues Resolved


Fixed an issue with configuration corruption that caused some GEO features to not function.


Fixed issues that prevented automatic update of GEO IP blacklist rules.


Fixed an issue preventing the addition of network/addresses in the GEO IP blacklist.


Fixed an issue that caused a crash when restoring a LoadMaster backup with 'Type' All, Base, Base+VS and Base+Geo using the RESTful API.

Known Issues


A critical vulnerability (CVE-2018-9091) in the Multi-Tenant LoadMaster Operating System (MT-LMOS) related to Session Management could allow an unauthorized, remote attacker to bypass security protections, gain system privileges, and execute elevated commands such as ls, ps, cat, and so on, thereby compromising the system. Through this remote execution, in certain cases, exposure of sensitive system data such as certificates, private keys, and other information may be possible.
Further information can be found here: Mitigation For Remote Access Execution Vulnerability.


Proximity and Location Based scheduling do no work with IPv6 source addresses.


GEO does not support DNS TCP requests from unknown sources.


An issue with configuration corruption is causing some GEO features to not function.


There is an issue relating to wildcard FQDNs in GEO.


Sometimes the GEO zone serial is not refreshed, causing a spurious "zone may fail to transfer to slaves" log message.


GEO IP blacklist commercial rule downloads are not working on Multi-Tenant LoadMasters.