Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

  1. Kemp Support
  2. Announcements
  3. Product Updates

Release Notice: LoadMaster LMOS 7.2.54.3 LTSF

Updated

Release Notice: LoadMaster LMOS 7.2.54.3 LTSF

Release Date: 15th December 2021

Version 7.2.54.3 is the new Long Term Support Feature (LTSF) release of LMOS -- it will be maintained with stable new features from the GA release, it will also be updated with feature enhancements, bug fixes and security enhancements to provide a stable version of LMOS to succeed the LMOS 7.2.48.x legacy LTS release branch.

Subsequently, LMOS 7.2.48.x will be enhanced with critical bug fixes and security enhancements only.

Update Image Verification:

By default, verification of the digital signature on upgrade images is required in LMOS 7.2.50 and above. See the Update Verification Options setting under System Administration > Miscellaneous Options > WUI Settings. If the unit you are upgrading is set to require validation, you'll need to supply the XML Verification File supplied with this release.

Note that:

  • In previous releases, two verification files were provided: one for pre-7.2.51 systems and one for later systems. This restriction has been removed with the 7.2.53.0 release; if upgrading from firmware 7.2.51.0 / 7.2.48.3 and above you can use the XML file provided with this release. If upgrading from any other firmware version you must following the upgrade path detailed in Kemp LoadMaster Firmware Upgrade Path article.
  • LoadMasters running an LMOS version prior to 7.2.49 do not provide the option of XML file verification in the UI or API. If you are upgrading from one of these releases to this release, you can verify the digital signatures offline using a manual process documented on the support website.

Release Highlights:

Issues Resolved:

  • Web Application Firewall
    • Errors associated with adding a custom WAF rule have been resolved.
    • A delay timeout has been implemented on WAF connections to a remote log server that causes the connection to be dropped preventing open connections from exceeding the connection limit.

Security Updates:

  • Resolved a debug access security vulnerability that previously made it possible for a malicious already authenticated privileged user to obtain unrestricted access to the VLM disk image.        [CVE-2021-45080 ]

Download Links:

Download Current LTSF Version - 7.2.54.3

 

Recommended Reading:

For full details on all the firmware updates, consult the LoadMaster 7.2.54.3 Release Notes

To get the latest firmware updates please visit our Firmware Downloads page.

Comments

In this document