Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

  1. Kemp Support
  2. Announcements
  3. Product Updates

Release Notice: LoadMaster 7.2.56.2, 7.2.54.4, 7.2.48.7 (CVE-2022-0778)

Updated

Release Date: 25 April 2022

Firmware upgrade patches are now available for all active LoadMaster versions to close a security vulnerability associated with OpenSSL (see CVE-2022-0778) by upgrading the version of OpenSSL used by LoadMaster to OpenSSL version 1.1.1n.

We strongly recommend that you update your LoadMaster to one of these releases during your next maintenance period.

  • See the sections below for links to the Release Notes for each release. Please pay particular attention to the information in the following sections:
    • Before You Upgrade (READ ME FIRST)
    • Supported Models for Upgrade
    • Upgrade Patch XML File Verification Notes
  • Links to the update images for each release can be found on the Downloads Page.

LMOS 7.2.56.2 Highlights

The only change in this patch release is the upgrade to OpenSSL version 1.1.1n. Please see the Release Notes for more information.

LMOS 7.2.54.4 Highlights

In addition to upgrading to OpenSSL version 1.1.1n, critical issues in the following technology areas have been ported to the 7.2.54.4 branch.

GEO: When running in Cloud HA Mode, standby continues to respond to DNS requests.
Single Sign On with LDAP no longer working after an upgrade to LMOS 7.2.53.
Caching: Expired cache entries remain in the cache after the VS is restarted.
HTTP/2 and Chrome: random client reconnect issues when using the Chrome browser.
WAF / ESP: Modifying Virtual Service WAF or ESP can cause the LoadMaster to reboot.
Layer 7: Fixed an internal issue that could cause memory exhaustion under very heavy load.

Please see the Release Notes for more information.

LMOS 7.2.48.7 Highlights

In addition to upgrading to OpenSSL version 1.1.1n, critical issues in the following technology areas have been ported to the 7.2.48.7 branch.

GEO: Fixed a segmentation fault that may occur when the Name Server and Zone Name parameters in the Source of Authority settings are set to the same value.
Caching: Expired cache entries remain in the cache after the VS is restarted.
Layer 7: Fixed an internal issue that could cause memory exhaustion under very heavy load.

Please see the Release Notes for more information.

Was this article helpful?
0 out of 0 found this helpful

Comments

In this document