Multi-Tenant LoadMaster MT_7.1.35.2 Release Notes

Updated: May 25, 2021 18:56

Refer to the sections below for details about firmware version MT_7.1.35.2. This was released on 6^th September 2017.

New Features

You can reset the VNF password from the host in the console.

Interfaces can be bonded.
Administrator Web User Interface (WUI) access can be reset from the Multi-Tenant host console.
Mitigated against the CVE-2016-5696 vulnerability.
Updated the OpenSSL version to 1.0.2k to mitigate against the following vulnerabilities:

- CVE-2017-3731

- CVE-2017-3730

- CVE-2017-3732

- CVE-2016-7055

Updated OpenSSH to version 7.5 to mitigate against the following vulnerabilities:

- CVE-2015-8325

- CVE-2016-6210

PD-8634	Added the licenseinfo Application Program Interface (API) command.
PD-9651	High Availability (HA) Virtual LoadMaster IP addresses are shown on the VNF Status page.
PD-9774	Fixed issues with automated FTP backups.
PD-9864	Fixed an issue that stopped the API from working when Basic Authentication was enabled.

PD-10980	A critical vulnerability (CVE-2018-9091) in the Multi-Tenant LoadMaster Operating System (MT-LMOS) related to Session Management could allow an unauthorized, remote attacker to bypass security protections, gain system privileges, and execute elevated commands such as ls, ps, cat, and so on, thereby compromising the system. Through this remote execution, in certain cases, exposure of sensitive system data such as certificates, private keys, and other information may be possible. Further information can be found here: Mitigation For Remote Access Execution Vulnerability.
PD-10085	An incorrect link status is displayed in certain scenarios.
PD-10004	In some situations, the Multi-Tenant LoadMaster unit becomes unreachable when running a script to add a large number of VLANs.
PD-9950	HA does not work with LTS 7.1.35.4 on the Multi-Tenant LoadMaster.
PD-10124	GEO IP blacklist commercial rule downloads are not working on Multi-Tenant LoadMasters.