Multi-Tenant LoadMaster MT_7.1.35.2 Release Notes
Refer to the sections below for details about firmware version MT_7.1.35.2. This was released on 6th September 2017.
New Features
You can reset the VNF password from the host in the console.
Feature Enhancements
- Interfaces can be bonded.
- Administrator Web User Interface (WUI) access can be reset from the Multi-Tenant host console.
- Mitigated against the CVE-2016-5696 vulnerability.
- Updated the OpenSSL version to 1.0.2k to mitigate against the following vulnerabilities:
- CVE-2017-3731
- CVE-2017-3730
- CVE-2017-3732
- CVE-2016-7055
- Updated OpenSSH to version 7.5 to mitigate against the following vulnerabilities:
- CVE-2015-8325
- CVE-2016-6210
Issues Resolved
PD-8634 |
Added the licenseinfo Application Program Interface (API) command. |
PD-9651 |
High Availability (HA) Virtual LoadMaster IP addresses are shown on the VNF Status page. |
PD-9774 |
Fixed issues with automated FTP backups. |
PD-9864 |
Fixed an issue that stopped the API from working when Basic Authentication was enabled. |
Known Issues
PD-10980 |
A critical vulnerability (CVE-2018-9091) in the Multi-Tenant LoadMaster Operating System (MT-LMOS) related to Session Management could allow an unauthorized, remote attacker to bypass security protections, gain system privileges, and execute elevated commands such as ls, ps, cat, and so on, thereby compromising the system. Through this remote execution, in certain cases, exposure of sensitive system data such as certificates, private keys, and other information may be possible. Further information can be found here: Mitigation For Remote Access Execution Vulnerability. |
PD-10085 |
An incorrect link status is displayed in certain scenarios. |
PD-10004 |
In some situations, the Multi-Tenant LoadMaster unit becomes unreachable when running a script to add a large number of VLANs. |
PD-9950 |
HA does not work with LTS 7.1.35.4 on the Multi-Tenant LoadMaster. |
PD-10124 |
GEO IP blacklist commercial rule downloads are not working on Multi-Tenant LoadMasters. |