GEO 2.3.45.0 Release Notes
Refer to the sections below for details about firmware version 2.3.45.0. This was released on 23rd January 2019.
New Features
The following new features were added to the 2.3.45.0 release:
- Added TLS 1.3 Support in GEO LoadMasters.
- Supported as a TLS protocol on GEO LoadMasters for administration Web User Interface (WUI) access.
- Created a new hard disk partitioning structure for hardware GEO LoadMasters.
- Previously, the GEO LoadMaster Operating System (LMOS) did not make full use of all the hard disk capacity that was available. With these changes, all the available space on the hard disk is now accessible to the GEO LMOS.
Feature Enhancements
- Added support for new MaxMind GeoLite2 database.
- The GEO LoadMaster now supports the new MaxMind GeoLite2 database. The GeoLite Legacy database has been discontinued by MaxMind and is no longer supported on GEO LoadMaster firmware 2.3.45.0 onwards.
- Added the ability to set and send the Remote Authentication Dial-In User Service (RADIUS) Network Access Server (NAS) identifier attribute in RADIUS requests.
- The GEO LoadMaster Web User Interface (WUI) and Application Programming Interfaces (REST and PowerShell APIs) now allow the setting and sending of NAS-ID attribute in RADIUS requests for WUI Authorization.
- Added support for SFTP as an option for GEO LoadMaster Automated Backups feature.
- SFTP can now be configured in the GEO LoadMaster WUI as a backup method for Automated Backups. Options are also available to configure automated backups using SFTP with the REST and PowerShell APIs.
- The LoadMaster Disk Management capabilities have been enhanced.
- Improvements have been made to the management of log files. Users now have greater control over log file management with the ability to download and delete individual log files. The logrotate utility has been made more robust.
- Updated OpenSSH from version 7.5p1 to 7.9p1.
- This is to mitigate against some security vulnerabilities - specifically CVE-2018-15473.
Issues Resolved
PD-12388 |
Addressed a further vulnerability (CVE-2018-9091) in the GEO LoadMaster Operating System (LMOS) related to Session Management that allows a logged in user to gain access to sensitive system data, thereby compromising the system. The expanded scope of this vulnerability covers exploitation through the use of insecure Web User Interface (WUI) endpoints. These vulnerabilities have been addressed in this release. Further information can be found here: Mitigation For Remote Access Execution Vulnerability. |
PD-12205 |
Fixed the issue where the SNMP user password changes when editing SNMP configuration. |
PD-12203 |
Improved the GEO Nameserver Statistic output that is displayed from the System Log files WUI page |
PD-12084 |
Corrected some inconsistencies in the description of LoadMaster SNMP MIB parameters. |
PD-12077
|
A validly-configured RADIUS user can now login to the LoadMaster WUI with Session Management enabled or disabled. |
PD-12070 |
Previously, a GEO Cluster could be created without a name. This caused problems when selecting this cluster as part of the FQDN configuration as the name would be a blank entry in the Cluster drop down selection area. Now, if a name is not specified when creating a new GEO Cluster, the IP address is automatically used as the name. |
PD-12062 |
Added missing parameter syslognone to the Set-LogSyslogConfiguration PowerShell cmdlet. |
PD-9553 |
A user can disable secure NTP by setting the REST API parameter ntpkeysecret to an empty string. |
Known Issues
PD-12424 |
Special characters for LDAP String Representation of Search Filters are not currently supported on the GEO LoadMaster for LDAP WUI Authorization. |
PD-12357 |
WUI Multi-Interface access does not work on any port other than the default port 443. |
PD-11861 |
IPv6 is not supported by the current RADIUS implementation in the GEO LoadMaster for WUI Authorization. |
PD-11024 |
The WUI is not accessible on NIC-1 from a non-local subnet. |
PD-10586 |
If a GEO FQDN is configured with All Available as the Selection Criteria, IP addresses are returned even if the cluster is disabled. |
PD-10155 |
An issue with configuration corruption is causing some GEO features to not function. |
PD-9765 |
GEO does not support DNS TCP requests from unknown sources. |
PD-8853 |
GEO Location Based failover does not work as expected. |
PD-8725 |
GEO Proximity and Location Based scheduling do not work with IPv6 source addresses. |