GEO 2.2.35.6 Release Notes
Refer to the sections below for details about firmware version 2.2.35.6.
Feature Enhancements
- Addressed a critical vulnerability (CVE-2018-9091) in the LoadMaster Operating System (LMOS) related to Session Management where an unauthenticated, remote attacker could bypass security protections, gain system privileges, execute elevated commands, and expose certain sensitive system data, such as certificates and private keys. This vulnerability was partially addressed in 7.1.35.5. The expanded scope of this vulnerability, covering exploitation through injection of arbitrary executable commands in cookies, is addressed in this release.
Known Issues
PD-10155 |
Issue with configuration corruption causes some GEO features not to function. |
PD-9572 |
There are discrepancies displaying the location latitude/longitude parameter values for some RESTful API commands. |
PD-9570 |
There is a typo in the removecountry API response error message. |
PD-9539 |
Issues with the PowerShell New-GeoCluster command in a specific scenario. |
PD-9523 |
In a specific scenario, the RESTful API returns a success message when fetching a non-existing GEO FQDN. |