Web Gateway 6.9.2 Build 13015 Release Notes - McAfee

McAfee Web Gateway 6.x 

====================== 

This file contains the new features, changed features and bugs that 

have been fixed for version 6.x of the McAfee Web Gateway product. For 

additional tips and information, see the Webwasher Online Help and/or 

User Guide. 

6.9.2 build 13015: Part Number 91-0950194-F 

------------------------------------------- 

New and Improved 

Bugs Fixed 

o MWG does not respond after client submitted quota (81713) 

o Node stopped working - pthread_create failed with code 12 (81778) 

o child process exited (termsignal=6)-Avira Engine crash during 

update after scan failure (81774) 

o Inactive epo event is logged in audit.log (81767) 

o multiple vulnerabilities in openssl (81777) 

o Question regarding Vulnerability (81792) 

o Vulnerability scanner detections on MWG 6.9 11735 (81787) 

o CVE-2011-318 (81746) 

o Extended List changes in the secure admin shell not synchronized 

with the sites (81788) 

o Avira engine should not throw an error on encrypted files (81811) 

o Whitelisting "Avira" is not working in duplicate coverage - MWG 

Internal Error (81810) 

o Nessus Scan - HTTP Proxy CONNECT Loop DoS (81764) 

o Wrong Alert when the DC connection status is unknown (81815) 

6.9.1 build 12571: Part Number 91-0950194-E 

------------------------------------------- 


Bugs Fixed 

o Big sqlite database "wwwp" causes welcome page to fail (81760)

o System crash, an unhandled ACCESS_VIOLATION exception (81755) 

o With SafeSearch enabled, some cookied were removed from the 

request (81754) 

o Failure of log transfer over FTP may create duplicate files at 

the FTP server (81747) 

o Dashboard not shown in IE6 (81740) 

o Internal error while accessing a website with SSL Scanner enabled 

using self signed certificates (81737, 81739) 

o "wwauth still busy" error messages appear in the logs (81734) 

o Custom header gets duplicated (81733) 

o Incorrect command syntax in system configuration documentation 

for removing stale nodes (81702) 

o Valid archive blocked as corrupt (81689) 

o "Can not load CRL" messages appear in the logs (81660) 

o Proactive Scanning Database version in Overview always set to 

zero (81549) 

6.9.0 build 11742: Part Number 91-0950194-D 

------------------------------------------- 


o RootCA certificate handling (81703) 

o New help page added explaining the update server concept (81629) 

Bugs Fixed 

o No revoked certificates for some CAs (81662) 

o Can not load CRL error for CRLs which work in the browser (81660) 

o System crash, an unhandled ACCESS_VIOLATION exception (81643) 

o MWG on Windows crashes frequently (81678) 

o POST protocol failure with 100 continue (81624) 

o server_ip is not logged in proxy with HTTP 502 response (81683) 

o max-age in 304 response not used for cache time (81701) 

o SpamEquator update failed: Could not find all the files (81655)

o Too many "Cannot load CRL" entries in errors.log (81676) 

o Valid archive blocked as corrupt (81689) 

o A specific file which cannot be scanned by Avira engine is not 

blocked (81692) 

o SNMP counter issue (81649) 

o Upgrade Trusted source library to 2.0.6.01 (81724) 

6.9.0 build 11282: Part Number 91-0950194-C 

------------------------------------------- 


Bugs Fixed 

o After upgrade clients are not following redirect to auth server 

(81675) 

o 6.9 upgrade breaks CM site instances (81673) 

o Unable to Join Central Management After Upgrading to 6.9 (81670) 

6.9.0 build 10927: Part Number 91-0950194-B 

------------------------------------------- 


Bugs Fixed 

o Cannot load legacy AV after upgrade to 6.9 (81647) 

o Customer Upgraded to 6.9 and Now the Application Terminates with 

termsignal=11 (81641) 

o MWG sends 502 could not connect when accessing cached file 

(81636) 

o Win7 clients NTLM auth fails through MWG 6.9 (81633) 

o Incorrect Behavior of "Cache Revalidation Rules" (81597) 

o Central Management update failing, sites unsubscribed (81572) 

o License change can lead to disabled AV scanning (81557) 

6.9.0 build 10636: Part Number 91-0950194-A 

------------------------------------------- 


o The following procedure must be completed to install MWG 6.9.0:

o - install the repository for MWG 6.9.0: 

o - from a system console, log on to the appliance using SSH 

o - run the following command: 

o yum install yumconf-6.9 

o - perform an update on the user interface or from a system 

console: 

o - to update on the user interface: 

o - go to Configuration > Appliance > Update 

o - click the "Contact" button in section "Check for Updates" 

o - from a system console, log on to the appliance using SSH 

o - run the following command: 

o yum upgrade 

o 

o Process of delayed login after login failure improved (81461) 

o Load AV updates in background (81307, 81351) 

o Remove tar files after centralized update (81239) 

o Trusted Source Cloud Support (81111) 

o Single automatic AV engine restart after "cannot load AV" error 

(80819, 81252, 81256) 

o Prevent AV update being cancelled while it still downloads files 

(81121) 

o Add option to ignore base McAfee AV engine although licensed 

(81120) 

o Input validation for 'content-length greater than' whitelist 

entry (81109) 

o Handle eDirectory synchronization in background (81113) 

o AV engine: possibility to re-start AV engine via SSH implemented 

(81036) 

o Add system alert if Mailshell LiveFeed is not activated (81008) 

o Memory Defragmentation and MP ICAP servers in maintenance mode

cause "Cold Restart" SNMP Trap to be sent (80966) 

o Attempt to recover connection to AD taking longer than 3 minutes 

(80942) 

Bugs Fixed 

o MWG adding extra line between headers and body (81540) 

o Authentication server wwparam causes Ajax site to make bad 

request (81533) 

o Quota issues (81499, 81431) 

o Overload handling prints overload message mistakenly (81444) 

o Override accounts are not visiable (81491) 

o Auto-pushing failed sometimes (81472) 

o McAfee Gateway Anti-Malware on Windows does not detect Eicar 

(81432) 

o Central management deleting last ip mapping entry (81416) 

o Downloaded exe file saved as zip archive on windows 7 (81413) 

o Vulnerability CVE-2010-0405 (81399) 

o Overload issue - Enhanced IFP worker & Output threads to be 

created with custom stack size (81395) 

o Inspect certificate not working correctly (81393) 

o Respmod Bypass List not working with assignment of a policy to a 

proxy port (81361) 

o Client Certificate handling does not allow sending certificate 

chain (81282) 

o Wrong media type detection with gmail (81330, 81348, 81364) 

o High memory under low load caused by big dashboard-database 

(81312) 

o Threads in close_wait cause memory overload (81291) 

o McAfee Gateway Anti-Malware Engine fails to load on debian 

(81287) 

o Archive blocked because "content size greater than the defined 

size limit" (81274) 

o ICAP Processes fail to load URL Filter list (81264)

o FTP communication problem - MWG closes connection after entering 

pasv mode (81269) 

o Wrong media typ for embedded images in .ppt file (81258) 

o Media type detection for URLs that can result in dynamic content 

(81240) 

o MIB Browser not working on SLES 9 & 10 installation (81230) 

o Unpacked archive size grows with defined limit (81221) 

o Extended list manager unable to read "&" symbol (81201) 

o Upload of jpg to cms fails (81188) 

o Hanging actions: Cluster Node Job Queue and Persistent Quota Info 

Sync (81179) 

o Google searches do not work with safesearch enforcer enabled 

(81171) 

o Dashboard data not sticking within IE (6,7,8) (81167) 

o WW requests -web.washer- were send to next hop (81150) 

o The same CRL download url was added multiple times (81149) 

o Centralized Management: after upgrading to 6.8.7, 3 of 8 nodes 

not subscribed to master (81144) 

o Flag in the NTLMSSP_NEGOTIATE message (81143) 

o Site UI port changed by Master when joined despite being exempted 

(81124) 

o Blank known certificates authorities showing after upgrade 

(81103) 

o Cache Settings mysteriously change in web interface when 

switching between tabs using Firefox (81101) 

o LDAP authentication: spaces break ldap browser (81100) 

o Appliance crashing child process exited (termsignal=7) unable to 

start due to frequent failures (81099) 

o Webwasher-csm.install contains unnecessary check if /usr is 

writeable (81092) 

o MWG blocks a couple of LZH archives (81088) 

o DNS Cache usages causes slow web performance (81063)

o Lot of application/ogg traffic (81062) 

o Files in /opt/webwasher-csm mysteriously are deleted (81051) 

o Less than character ( Use other host or URL not working 

(80965) 

o Memory Overload occurred with minimal load (80958) 

o LDAP wizard creating "$attrlist$" and "Error: 0. Error 

description: " (80947) 

o Authentication Server redirect does not work as expected for 

HTTPS pages on first redirect (80932) 

o SQLITE database corrupted: No traffic passing through WebWasher 

(80931) 

o Corrupt timeseries.ww causes non-recoverable termsignal 11 

(80930) 

o MWG detecting cab file as corrupt, able to extract with WinZIP

80929) 

o GUI: Routes not displayed properly (80919) 

o Authentication: threads stuck in 'Status=kAuthenticate', MWG 

eventually hangs (80873) 

o FTP-over-HTTP fails with anonymous user if blank password is 

specified (80864) 

o Archive as corrupted blocked (80850) 

o MWG crashing with termsignal=11 on Suse9 (80715) 

o Safe search breaks google trends (78574) 


------------------------------------------ 


Bugs Fixed 


------------------------------------------ 


o Improved stack size handling for auth server and end user port 

(80676) 

o Change default settings for TrustedSource Web Reputation (80624) 

o Home->Support should link to McAfee (80576) 

o Improved Welcome Page functionality (80547, 79063) 

o Add new certificates and hosts to SSL Scanner lists (80352, 

80527) 

Bugs Fixed 

o SSL Scanner bypass vulnerability on wildcard certificate check 

(80680) 

o Endless loop in Cab archive (80652) 

o SNMP traps for URL list updates not working (80648) 

o Receiving "Download Cancelled" after clicking download button in 

IE7 (80647) 

o Document Inspector System Alert will not disappear (80646)

o Prevent DOS attack to authentication server (80642) 

o WW prints internal messages to errors log (80629) 

o Advertising filter destroys JavaScript (80627) 

o MP: Inconsistent IP mapping with Multi Process mode (80623) 

o Microsoft Project file (.mpp extension) blocked as audio/mpeg 

(80622) 

o WWoB: on master blade feedback scripts (started with "2") shows 

"lsof" related warnings (80615) 

o Memory defrag script (80610) 

o Download of gmx eMail attachments failed (80609) 

o MPClusterControl unable to update nodes when Web Interface has IP 

restrictions (80608) 

o Native NTLM: Group memberships get mixed up (80607) 

o Crash when talking to ePO server (80606) 

o "Detect unsolicited POSTs" will break forms (80591) 

o Archive blocked as corrupted (80581) 

o SSL-Scanner - HSM-Agent: Root CA key cannot be loaded on startup 

(80571, 80578) 

o Must be able to handle multiple 100-Continue messages from web 

server (80567) 

o Update from 6.7.6 to 6.8.5 broke settings.xml (80540) 

o Long text causing page display issues (80539) 

o Content type "application x-ms-application" is changed to 

"text/xml" (80530) 

o Real-time classifier blocks words containing unicode characters 

(80508) 

o SNMP statistics are not accurate after multi-process is enabled 

(80479) 

o Outdated Dynablocator directory and file is copied to all ICAP 

processes in MP (80474) 

o Redirect via query string parameter on gui login page (80444) 

o Potential cross-site scripting vulnerabilities in web UI (80442,

80443) 

o Certain Generic Header Filter combination may crash MWG(80430) 

o URL Executive Summary (80398) 

o Drop downs for dashboards not displayed right in IE (80392) 

o WCCP and overload protection not playing nice together (80342) 

o Quota reset does not work from secure admin shell (80287) 

o SafeSearch enforcer produces false positives (79898) 

o Known Root CAs not synchronized in Cluster (79513) 

o Download Canceled page always displayed in English (79326) 

o eDirectory settings broken by cluster (78709) 

o HTTP links in HTTPS blockpages (78634) 

o Unwanted red warning for anonymous ldap bind (78612) 

o Time and Date in web interface is reset after reboot (78085) 

o WebUpload Filter active, even though not enabled (77079) 

o Src_ip and auth_user are not working in the security.log (76236) 

6.8.5 build 5330: Part Number 91-0949869-E 

------------------------------------------ 

Bugs Fixed 

o Native NTLM: Group memberships get mixed up (80607) 

o SSL-Scanner - HSM-Agent: Root CA key cannot be loaded on startup 

(80571) 

o Various crashes in SSH command line interface (80522, 80524, 

80523, 80616, 80621) 

6.8.5 build 5141: Part Number 91-0949869-D 

------------------------------------------ 

Bugs Fixed 

o Memory is getting filled up in 3 minutes (80535) 

o Incorrect group mapping using native NTLM-authentication (80528) 

o Authentication problem with NTLM-agent (80515)

o Problems related to TCP window scaling occur for some sites after 

upgrading (80517) 

o Problem with centralized A/V updates (80516) 

o Role allows reading logs, but Webwasher is forbidding it (80504) 

o Auto-pushing fails when using domain\user for the username field 

in the common push target (80495) 

o Escape character for shockwave-flash media type not being treated 

properly (80490) 

o Mpcluster control jumping between stati (80485) 

o Files over 4 GB shows wrong size over FTP (80412) 


------------------------------------------ 

Bugs Fixed 

o Not possible to initialise Generic Body Filter if Anti-Malware is 

not licensed (80513, 80521) 


------------------------------------------ 


o Ability to disable exploit protection against double 

Content-Length headers (80459) 

Bugs Fixed 

o FTP over FTP Client is not working after upgrade on 6.8.5 (80476) 

o Option to add leading Slash in FTP Retr Command (78400) 

o Download fails sporadically using Progress Pages (80041) 

o Log pusher attempts to push files that no longer exist (80468) 

o Problems with log rotation and merging (80473) 

o For clean installations on WW2900E cache cannot be enabled 

(80480) 

o WW500 failed to boot after upgrade (80475) 

o Sporadic Authentication Popup with Native NTLM (79684) 

o Webwasher crashes in Authenticode Filter (80487)


------------------------------------------ 


o Support Anti Malware engine with Proactive NG (79968) (NOTE: 

Requires an AV and a Proactive update after version upgrade) 

o Log Manager: Ability to configure pushed log filename (80360) 

o ICAP client: workaround for incompatible DLP servers (79839) 

o Incremental update for McAfee AV engine (80333) 

o Support WCCP "Weight" functionality (80423) 

Bugs Fixed 

o Too many 407 responses when using NTLM cache (80251, 79988) 

o Central Management: running feedback from GUI froze master and 

sites (80385) 

o Log Manager: Several improvements (80386, 80378, 80374, 80367, 

80360, 80370, 80345, 80339, 80361) 

o GUI: filter option overwrites routes (80369) 

o SSL Scanner: error behavior in case of unicode encoded cn in 

transparent environment 

o ICAP client: Reponse time increased after enabling multi 

processing (80363) 

o TrustedSource: score still applied even though domain is 

whitelisted for spam filter (8035) 

o Proxy: Improved Timeout values (79958) 

o Welcome page may incorrectly build the submit action link (80285) 

o Overload issues persist with 6.8.4 (80407, 80406, 80393) 

o Problem with custom action in Multi Process mode (80405) 

o MP Control stopped maintanance after icap server crash (80415) 

o Interrupted requests should be logged in proxy's access.log 

(80422) 

o HA cluster is not working as expected (80176, 80075) 


------------------------------------------


o Support McAfee's ePolicy Orchestrator (ePO) (79918) 

o Rebranding to McAfee (79924) 

o Increase robustness against AV update issues (79920, 79939, 

79940, 79975) 

o Log file push enhancements (79914) 

o Support cache_status and block_res in custom logfiles (78232) 

o Parent proxy policy enhancement for URL AND IP subnet (79803) 

o NTLM Cache should be a GUI option (79900) 

o Show time interval length in Dashboard (78977) 

o Default Respmod Whitelist for problematic sites (80293) 

Bugs Fixed 

o Too many 407 responses when using NTLM cache (80251, 79988) 

o SNMP variables do not reset automatically (80026) 

o Login page is missing error message when bad credentials are 

entered (80020) 

o Breaking connection to AD on error STATUS_INVALID_WORKSTATION 

(80023) 

o Authentication failing with mutilple NTLM agents (80017) 

o File incorrectly identified as audio/mpeg (79961) 

o E-Mail attachments(.XLS or .PPT) are blocked by Media Type Filter 

as mpeg (79938) 

o Cannot join WW to domain with trusted credentials (79878) 

o RADIUS password limits at 16 characters (79845) 

o Web Upload Filter: size limit without effect (79925) 

o Web Upload Filter works although Media Type Filter is switched of 

(79869) 

o SNMP: unexpected CPU idle values (79751) 

o New timeout for initial request on a connection (80066)

o Obfuscate username/password in authorized override url (80024) 

o Usernames with umlauts or rings cannot authenticate via native 

NTLM (79999) 

o FTP-Problem Webwasher loses the credentials (79989) 

o WebWasher problems due to hanging action - Mobile Code Filter 

Update (79907) 

o SSLScanner: No timeout when upstream proxy is used (79906) 

o Crash in document inspector (79902) 

o Old av updates not getting deleted (secure antimalware) (79876) 

o Not all 'Certificate Subject Alt Name' entries passed, resulting 

in certificate prompt in browser (79867) 

o AV license bug - update fails when the first AV module runs out 

of date (79826) 

o Crash during multi-threading processing of Rar archive (79814) 

o CCacheSocket::ReadPreviewData corrupts content when called more 

than once (79811) 

o webwasher delivering truncated content (79809) 

o Crash in Cache::CWebObject::~CWebObject (79793) 

o Termsignal 11 crashes related to CLI access under heavy load 

(79775) 

o WW delivers corrupt tar archive even when policy is set to block 

corrupted archives (79765) 

o asctime, ctime, gmtime && localtime not threadsafe (79761) 

o AntiVirus update didn't abort in time (79753) 

o Termsignal 11 backtrace points to CCabDecoder::GetLzxBitsBuffer 

(79748) 

o Termsignal 7: Bus error during Sophos update (79742) 

o crash (termsig=11) in std::_Rb_tree_rotate_right (79706) 

o Read-Only User Accounts can't access log files via web access 

(79701) 

o LRU blocks after restart with full cache and constant load 

(79700)

o Webwasher unable to start another thread, termsignal=6 (79665) 

o Cannot load certificate for web interface IP address (79625) 

o WW is crashing with termsignal=7 directly after start (79623) 

o HTTP Error 401.2 when NTLM Auth on Webwasher and Webserver 

(79612) 

o Content Type ".ods/mimetype" is changed to "." (79609) 

o Unwanted Mediatype not blocked when in TAR Archive (79606) 

o Secure Administration Shell fails to accept large input files 

(79544) 

o Raw post option doesn't stick (79509) 

o Webwasher changed response body (79236) 

o XML parsing error because of header modification (78989) 

o Web reputation level not always logged correctly (79897) 

o Invalid Proxy Request when downloading HTTPS file with enabled 

volume quota and transparent proxy (80034) 

o Office 2007 Excel files blocked by magic bytes (79102) 


------------------------------------------ 


o Ability to downgrade to HTTP/1.0 on a per url basis (79205) 

o SSL Scanner: Different redirect handling for CERTVERIFY requests 

when transparent authentication has expired (79841) 

o Additional RESPMOD bypass options (80001) 

Bugs Fixed 

o Policymapping: Problem with policy names (79864) 

o Proxy/ICAP Server: Hanging threads (79840) 

o AV-Update: New updates should not abort old updates too early 

(79975) 

o SSL-Scanner: No timeout when upstream proxy is used (79906) 

o Archiver: Crash during multi-threading processing of Rar-Achive 

(79814)

o Document Inspector: Crash in Document inspector (79902) 

o Filter Engine: Wewasher crashed with termsignal 11 (79945) 

o ICAP Server: "Send Body in one Frame" not always working (79978) 

o ICAP Server: Optimized 204 response messages (79890) 


------------------------------------------ 


o openssl: Address CVE-2008-5077 

Bugs Fixed 

o GUI: Problems with check boxes in user based mapping (79822) 

o Authentication: In special cases NTLM authentication causes 

browser loop (79821) 


------------------------------------------ 


o Authentication: Native NTLM support for Windows Server 2008 AD 

(79567) 

o Authentication: Better handling for wrong NTLM messages based on 

a Windows problem described in 

http://support.microsoft.com/kb/312176/en-us (79723) 

o Prevent XSS with Progress Pages (79531) 

o Proxy: Prevent connect to http://0.0.0.0:xx (79530) 

o Close download connection for proxy.pac files right after 

delivering (79709) 

o Feedback Script: New log level for collecting statistical 

information 

Bugs Fixed 

o Proxy: Webwasher crashes with Termsignal 11 (79671) 

o Proxy: FTP over HTTP can't handle some symbols in file/folder 

names (79451) 

o Proxy: Crash in IFP server for invalid request (79760)

o Proxy: Sporadic problems with early web server connection close 

(e.g. www.iltalehti.fi) (79417) 

o ICAP Server: Communication error when transparent auth session 

expired + CERTVERIFY request (79675) 

o ICAP Server: Cannot download huge files (79514, 79699) 

o ICAP Server: Download via Progress Page results to 0 Byte 

download (79556) 

o Anti Malware: Failover does not work if engine could not be 

loaded (79677) 

o Authentication: WW can't join AD domain if DCs allow only NTLMv2 

(79533) 

o Authentication: NTLM with Authserver - taking 5 seconds to 

authenticate (79508) 

o Authentication: Selecting RADIUS as "accepted authentication 

method" causes failed authorization (79101) 

o Authentication: Handle failed group lookups better for Native 

NTLM (79223) 

o Authentication: Sporadic Authentication Popup with Native NTLM 

(79684) 

o Document Inspector: Webwasher crashed, Backtrace points to 

CXMLTypeChecker (79669) 

o Document Inspector: Cab file inside of MSI blocked as corrupted 

(79560,79384) 

o Document Inspector: Endless loop in document inspector (77966) 

o Document Inspector: Special Powerpoint documents not recognized 

(78755) 

o Document Inspector: Text categorization does not work for pdf 

files (79744) 

o Document Inspector: Webwasher crashed during unload of XML parser 

(78981) 

o Archiver: Archive is claimed to be over allowed size limit 

(79595) 

o Archiver: Crash if zip archive larger than 2GB (79596) 

o GUI: Cannot load certificate for web interface IP address (79625) 

o Secure Administration Shell: Crash in shutdown under

circumstances (79600) 

o Mail Gateway: Inbound queue overflowed result in crash (79650) 

o Mail Gateway: Deleting parts from email (79319) 

o Embedded Objects: ActiveX controls not getting blocked (79648) 

o Central Management: Hanging Cluster Node Job Queue action (79641) 

o Central Management: Cluster Node Job Queue action hangs (79683) 

o Mediatype Filter: Detection of streaming media improved (79594) 

o SSL Scanner: Send whole certificate chain for incoming 

TLS connections (79591) 

o SSL Scanner: Timeout for tunneled SSL connections (79603) 

o URL Filter: Ignored if policy has spaces in it (79332) 

o URL Filter: Safe Search Enforcer does not handle 

video.google correctly(79487) 

o Termsignal 11 on Solaris 10 (79472) 



o Feedback Script: New parameter to prevent pausing Webwasher while 

getting backtrace 

Bugs Fixed 

o Anti Virus: Crash during update of McAfee engine (79160) 

o ICAP Client: Termsignal 11 or 6 while recreating "internal" ICAP 

service (79559, 79475, 79111) 


------------------------------------------ 

Bugs Fixed 


------------------------------------------ 

Bugs Fixed 

o Anti Virus: Crash during update of McAfee engine (79160, 79315) 

o Proxy: Under circumstances threads will not be ended if the 

server connection dies (79224)


------------------------------------------ 

Bugs Fixed 

o SMTP Gateway: TLS email delivery fails (79463) 

o Authentication: 6.8 Native ntlm auth fails (79452) 

o Authentication: Native NTLM user in too many groups (79412) 

o Proxy: HTTP 1.0 without host header does not work for WCCP 

(79456) 

o Archiver: Crash in Microsoft CAB archives under circumstances 

(79443) 

o SMTP Gateway: Mails delivered but mailbody was changed to Cannot 

Load AV Engine (79232) 


------------------------------------------ 


o SSL Scanner: Tunnel SSL on expression to enhance transparent 

deployments 

o SSL Scanner: Enhancements for interoparability with Sidewinder 

o Authentication: LDAP/V3 support with SLDAP (73779) 

o Authentication: Security setting that allows to turn SMB signing 

off if server doesn't support it (79157, 79235) 

o Authentication: Support for NTLM: Local Nested Groups (79087) 

o Authentication: Support for NTLM: Trusted Domains 

o Authentication: Support for NTLM: Possibility to search Domain 

Controllers via DNS lookup 

o Filter: Enhancement for file size limit (78182) 

o Filter: Whitelist by ContentLenght Header (74820) 

o Anti Malware: Option to completely fail open when AV cannot load 

(79272) 

o Configuration: Distribution of configuration for Secure Mobile 

Web Filter 

o Reporting: New log file field "auth_group" to print the group

name (73656, 75031, 76928) 

o Reporting: Write custom parameters as result of Generic Header 

Filter (79126) 

o Reporting: Log FTP Proxy Username in proxy access log (79286) 

o Reporting: Optionally add domain as prefix to user name in access 

log when authenticating via NTLM (79070, 76832) 

o Safe Search Enforcer: reduce false positives 

Bugs Fixed 

o Proxy: Not possible to do a redirect for site 

http://www.intierra.com/ (79057) 

o Proxy: FTP-over-HTTP error message without Slash at the end 

(79188) 

o Filter Engine: Action 'Library Cache' is hanging (79164) 

o ICAP Server: URL Filter feedback does not send any URLs (78396) 

o ICAP Server: Fetch group name from HTTP header (79127) 

o SSL Scanner: Entries disappearing (78718) 

o URL FIlter: Sometimes Smartfilter update has to be triggered 

twice (78951) 

o Mediatype Filter: mp3 file handling (79007) 

o Mediatype Filter: XHTML Mobile not detected properly (78063) 

o Mediatype Filter: Problem with type detection for special gif 

images (78909) 

o Mediatype Filter: Office 2007 Excel files (xlsx)blocked by magic 

bytes (79102) 

o Settings are getting changed on the site without changes on 

master (79097) 

o Central Management: Administrator SSH public keys are not 

completely synchronized in cluster (79058) 

o Configuration: Wrong location of "authorized_keys" file results 

in losing admin keys (79084) 

o Configuration: Wrong file permissions after configuration restore 

and ww restart (75362) 

o Authentication: Add domain name to group name disappears (79248)

o Subject Filter broken (79065) 

o Addressing Internet Explorer bug that can lead to ICAP 

communication problem (79214) 

o HTML Filter: in rare cases crashes Webwasher (79189) 

o Archiver: multipart archive was detected as corrupted (79159) 

o Secure Administration Shell: Action "SSH Idle Connection Cleanup" 

hangs (79297) 

o Generic Header Filter: Illegal HTTP header when custom param 

creation is intended (79350) 

o Engine Update failed if customer set archive size limit to 1 Mb 

(79317) 

o URL Filter: Safe Search Enforcer breaks google-insight (79403) 

o Anti Malware: JPEG exploit is not getting blocked anymore (79337, 

79360) 


------------------------------------------ 

Bugs Fixed 

o Proxy: ICAP errors with web reputation disabled (79122) 

o Native NTLM: SMB connection will fail if DC not support SMB 

signing (79235) 

o ProActive: Crash downloading ISO > 4 GB (79268) 

o Proxy: Crash due to hanging threads (79224) 

o Webcache: Crash under circumstances (79239) 


------------------------------------------ 

Bugs Fixed 

o Proxy: POST request fails, connection is reseted (79095, 79055, 

78819) 

o ProActive: Streaming of flash videos vidoe/flv broken (79182) 

o Authentication: Username not written to Logfiles if NTLM Cache is 

activated (79141) 

6.7.4 build 3534: Part Number 91-0948913-A

------------------------------------------ 

Bugs Fixed 

o Anti Spam: Memory leak in Mailshell library (78680) 

o SSL Scanner: SSL handshake error (79151, 79185) 

o SNMP: Authentication bypass in net-snmp/wwsnmp (79201) 

o Webcache: Webwasher crashes under circumstances (79054) 


------------------------------------------ 

Bugs Fixed 

o Document Inspector: False Positive in XML files for McAFee virus 

scanner (79086) 

o Authentication: Encrypted file cannot be loaded if file length is 

exactly X kb (79153) 

o Authentication: Segfault occured if server returned RPC packet of 

FAULT type (79139) 


------------------------------------------ 


o SSL Scanner: Preinstalled root CA's updated 

o Media Type Detection: Detection of quicktime containers enhanced 

(78988) 

o Proxy.pac file with customizable caching age (78749) 

o Authentication: Multi packet response support for Native NTLM 

(79061) 

o Authentication: NTLM machine name field limited to 15 characters 

for compatibility reasons (79015) 

o Authentication: Test page for NTLM configuration in GUI 

o SSL Scanner: Problem with new SSL Scanner licensing (78945, 

78946) 

Bugs Fixed 

o ICAP client error (79036) 

o Inconsistent progress page interface (78998)

o Trusted Source: Rating under Solaris always 50 (78584) 

o Proxy: Proxy.pac file corrupted when delivered to site instance 

(78681) 

o Proxy: HTTP pipelining not working (79010) 

o GUI: Correct use of certificate chain for webinterface (77784) 

o Document Inspector: PDF file is blocked when "Embedded Script" 

enabled (78982, 79035) 

o Document Inspector: Error with scanning PDFs in certain 

circumstances (78273, 79032, 78901, 78448, 79046) 

o SMTP Gateway: Crash in mail queue handling (78980) 

o SMTP Gateway: Queue overview link doesn't contain port (78904) 

o URL Filter: SafeSearch Enforcer blocks Google Maps (79033) 

o Authentication: LDAP E-mail mapping and attributes with commas 

(78626) 


------------------------------------------ 

Bugs Fixed 

o Document Inspector: Not Working with MSOOXML (78916, 78866) 

o Migration: Some Whitelist entries are deleted after update 

(79020) 

o Authentication: IP-mapping mixed up or lost under load (78793, 

78943) 

o Authentication: eDirectory only uses first result for 

authenticating a User by IP address (78940) 

o Authentication: Native NTLM limited to 10 group memberships 

(79011) 

o Authentication: NativeNTLMv2 broken (79031) 

o Authentication: Native NTLM Setup fails under circumstances 

(79009, 79042) 

6.7.0 build 3295 : Part Number 91-0948352-A 

------------------------------------------- 

New and Improved

o Available under Red Hat Enterprise Linux 5.0 and Suse Linux 

Enterprise Server 10 

o Native NTLM support 

o Enhancements for "Ensured Streaming Media May Bypass AV" 

o Proactive: Enhancements to decrease false positives in script 

code 

o Authentication: Support of Radius fallback server 

o Authentication: Support of Radius group mapping 

o Authentication: Promptless authentication outside Webwasher 

subnet (78545) 

o Reporting: Sort log files alphabetically (76663) 

o SMTP Gateway: Different languages for digests depending on 

domains (78614) 

o Authentication: RADIUS fallback enhancement for Admin 

authentication (78476) 

o Archiver: Support for non-standard tar files (78783) 

o SmartFilter SDK 4.3.1.06 

Bugs Fixed 

o SMTP Gateway: "Tab" character inside header field causes address 

mapping to fail (78516) 

o SMTP Gateway: Attachment broken when Mail Footer is added by 

Webwasher (78729) 

o Document Inspector: Thread needs 79% CPU (78649) 

o Exceptions for TLS cannot be defined (78659) 

o Logging: unix_epoch variables for blockpages display incorrectly 

(78665) 

o GUI: Backup fails because of too many server certs (78677) 

o RealAudio streaming not working (78596) 

o GUI: Backup includes addressmapping.txt (78720) 

o SSL Scanner: Common Name displayed weird when inspecting 

certificate (78695) 

o SSL Scanner: IP address is truncated when inserted in the

certificate list (78802) 

o Upload Filter: Malformed multipart/form-data upload crashes 

Webwasher (78722) 

o Media Type Detector: HTML file detected as text/xml (78708) 

o Media Type Detector: WebWasher does not recognize Powerpoint 

document (78755) 

o Centralized Management: Cluster does not synchronize (78591) 

o Proxy: Webwasher closes connection even though it sends 

"Proxy-Connection: keep-alive" (78889) 

o Anti Malware: Settings are active though not licensed (78896) 

o Unable to download large .exe file (78856) 

o Proxy: Change FTP Command Filter for partial downloads when "REST 

0 (78817) 

o Proxy: Problem if 2 authentication methods are configured for FTP 

proxy(78660) 

o Anti Spam: Mail Footer modifies Outlook Calendar entries (77238) 

o Authentication: LDAP login prompt freezes after entering the 

credentials (78803) 

o URL Filter: Faulting module sfcontrol.dll (78655, 78927, 78652) 

o Central Management: Radius "Shared Secret" breaks on site (78824) 

o Reporting: Log file structure set back to default for site 

instances (78883, 78829) 


------------------------------------------ 

Bugs Fixed 

o Linux vulnerability fixed (78837) 

o Authentication: LDAP login prompt freezes after entering the 

credentials (78803) 


------------------------------------------ 

Bugs Fixed 

o Proxy: Illegally closing connection breaks web server NTLM 

authentication (78742)


------------------------------------------ 


o Reporting: Feedback generation without certain logs (78519) 

o Reporting: Sort logfiles alphabetically (76663) 

o OS sanity check for restore function (78468) 

o Ad-aware updates through webwasher fail (78492) 

Bugs Fixed 

o Generic Body Filter: UI has problems with specific chars(78490) 

o SSL Scanner: CN mismatch if CN is in unicode (78534) 

o Proxy: Server authentication problem if authentication canceled 

(78480) 

o Proactive: Update is greyed out if AV but not AntiMalware is 

licensed (78532) 

o Problem with parameters in URL redirect custom action (78375) 

o Reporting: %BR field not working for syslog action (78565) 

o Reporting: Corrupted log file structure definition (76449, 78357, 

78538) 

o Web Reputation: Whitelist entry for sun.com does not work (78564) 

o Whitelist: Not working for office documents and form data (78315) 

o Authentication: Issues when admin account uses RADIUS 


o Authentication: Allow Internet access when auth server is down" 

does not work (78557) 

o Document Inspector: Thread needs 79% CPUand webwasher is not 

responding (78649) 

o Document Inspector: Endless loop in corrupted Excel document 

(78592) 

o Anti Malware: Problems with Sophos engine (78550, 78540, 78513) 

o Upload Filter: Crash under special circumstances (78606) 

6.6.2 build 2970: Part Number 91-0947890-C

------------------------------------------ 

Bugs Fixed 

o GUI: Not possible to use full stops in administartor names 

(77331) 

o LDAP: Problems with support for "Umlaute" (78537) 


------------------------------------------ 

Bugs Fixed 

o Anti Spam: Memory leak during update (78453, 78357) 

o Anti Spam: Webwasher crashes if there are no spamfingerprint*.dat 

files (78525) 

o LDAP: Problems with "Umlaut" (78461) 


------------------------------------------ 


o Logging: write update log information also to syslog (78351) 

o GUI: hit rate displayed in "webwasher" dashboard (78348) 

o Transparent IP based authentication with eDirectory 

o Secure Admin Shell: Add function to reload policy (78159) 

Bugs Fixed 

o If custom hostname is used, ports are not added (78399) 

o Action for known CAs not executed (78402) 

o Content-Length Header not updated upon POST body modification 

(78344) 

o Wrong helpfile for mail footer (78397) 

o Broken files cached when bigger download is canceled (78172) 

o Java application not working via Webwasher (78366) 

o SSL Scanner: problems with time server certificate (78373) 

o Cannot add proxy ports in Windows (78361) 

o Media Type mismatch on 302 redirect (78320)

o Logging: writing garbage into access log (78289) 

o Problem white listing embedded objects (78324) 

o Fixed crashing bug (78325) 

o "Send to Support" not working when HTTP GUI disabled (76433) 

o Malformed executable causes a crash in PEParser (78391) 

o Proactive Scanning: Scrambled letters on some multi-byte 

character set web pages (78129, 78090) 

o Deleting email from digest web interface doesn't move it to trash 

queue (78318) 

o Problems with more than one Content-length header (78352) 

o Documentinspector: Deadlocks / Crashes on Windows (77995, 78003, 

78161, 78274) 

o GUI response slow or doesnt work (78425, 78439) 

o Anti Spam: wrong Mailshell results if online query fails (78000) 


------------------------------------------ 


o Possibility to whitelist web reputation filter 

o Possibility to whitelist media type adaptation (fixes: 78277, 

78257, 78291) 

o Dashboard: New tab "Webwasher" (77463) 

o Actions: New option to set HTTP status code 

o Add settings to adapt to thread/connection usage in a URL Filter 

only deployment 

Bugs Fixed 

o Web reputation and enabled cache break streaming (e.g. youtube) 

(78262) 

o Document Inspector: Malformed Word document causes crash (78255) 

o Centralized Mmgt: routing rules not sync'd completely (77932) 

o Logging: Webwasher looses or forgets log lines (78170)

o Map does not load (78184) 

o Anti Spam: TrustedSource ratings too high (78271) 

o Anti Spam: Mail Footer modifies Outlook Calendar entries (77238) 

o Progress Pages for HTTPS requests: Links to embedded objects are 

http (78278) 

o Dashboard: Corrupt display when lists contain very long URLs 

(78163) 

o Web Cache: problems when setup as transparent proxy (78340, 

78296) 


------------------------------------------ 


o Own "DNS Cache" implementation 

o Radius Authentication 

o Support for scanning of large files (> 2GB) (only Appliance, 

Deb4.0 and RHEL 4 ) 

o Additional SmartFilter options (CGI parameters, categorizing 

embedded URLs, categorization of a search engine requests by 

keywords) 

o SmartFilter SDK 4.3.1.02 

o Generic Body Filter on Raw POST bodies (78034) 

o Integrated authentication with vista against UserDB (77981) 

Bugs Fixed 

o Incremental update of the URL Filter doesn't work (78253) 

o Connection to NTLM Agent are closed too often (77926) 

o Cluster: Problems in Master/Submaster configuration (77905) 

o Archiver: *.ram attachment in email is blocked by "Magic Byte 

Mismatch" (77965) 

o SMTP Gateway: Multiple recipient mail gets released/deleted for 

all recipients over Digest Interface (77976) 

o Progress Page: The Browser save dialog presents wrong name of PDF 

files (77992)

o SMTP Gateway: eMail crashing Webwasher 6.5.3 (78022) 

o Authentication Pop-Up doesn't show up through Webwasher (75951, 

76988) 

o SSL Scanner: CERTVERIFY error with www.viqtest.com (endless loop) 

(77889) 

o NTLM-Agent: Crash on shutdown (78014) 

o NTLM Agent: timeout issue (78087) 

o Proxy does not log auth_user when using transparent 


o New media type application/xml (78199) 

o NTLM Agent: timeout issue (78087) 

o ldap libraries not installed with webwasher debian 4.0 package 

(78082) 

o Problem with libxml2 under solaris (78038) 

o Clean up obsolete lib dependencies under solaris 10 (78032) 

o Stream not passing webwasher (78115) 


-------------------------------------------- 


o Roles: Support delegated creation of new admin accounts 

o Secure Admin Shell: interface to User Database (77817) 

o Cluster: possible to make Web / E-Mail mapping private 

o GUI: Added "Add Domain Name to Group Name" box on policy mapping 

rules page (77835) 

o Improved performance for download of pages with numerous objects 

via IE 

o GUI function to various Url Filter features added (77788) 

o Media Type Filter: Added Media Type application/xhtml+xml to 

Media Type Catalogue (77743) 

o URL Filter: Enhanced mapping of Unicode URL parameters to Basic 

Access Control Filter list 

o Language Packs: Support for error message templates in Korean,

Portuguese, Chinese, Spanish, Italian 

o Support for Debian 4.0 

Bugs Fixed 

o Dashboard: Empty Anti Malware Quick Snapshot (77907) 

o Roles for manipulating WW UserDB (77844) 

o Roles: Second administrator is not able to apply certain settings 

(77733) 

o Roles: Way to bypass read only queue access (77837) 

o Document Inspector: Detection of embedded excel files (77823) 

o Embedded Object Filter: reason written for mail blocked by 

embedded scripts filter (77673, 76702) 

o HTTP(S) Proxies: RFC compliance for Via header (77867) 

o Document Inspector: Endless loop for certain PDF files (77849) 

o WW stops parsing HTTP headers when a header starts with "--" 

(77816) 

o Prefix Filter: Webwasher freezes due to hanging threads (77863) 

o GUI: Correct handling of list entries with blank fields (77762) 

o ProActive Scanning:: allow actions with comma in name (77732) 

o Embedded Scripts Filter: Scripts with Language="JavaScript1.1" 

are not regognized as JavaScript (77740) 

o Logging: Invalid category entry in access.log for certain data 

(77748) 

o Logging: Log file push can lead to never ending timed action 

(77815) 

o Logging: Tab not working as delimiter in logfile definition 

(77834) 

o Archiver: Content Type does not match only when file is zipped 

(77806) 

o Policy Mapping: Usermapping applies to Username and Domainname 

(77808) 

o URL Filter updates with Anti Spam only license fail (77783) 

o URL Filter: volume quota not counted (77819)

o URL Filter: Block during work hours does not work (77758) 

o exiting WW during update of Smartfilter results in hanging WW 

(77957) 

o Rare crash (77683) 

o UTF 16 encoded xml file not detected correctly (77795) 

o Anti Spam: Own Hostname broken for End user Requests (77821) 

o Java Application does not work over WebWasher with authentication 

(74390) 

o Feedback Script: strange problem with feedback.cmd (75662) 


-------------------------------------------- 


o Improve next proxy handling with HTTP 1.0 next-hop proxies 

(77674) 

o SmartFilter SDK 4.3.02 

o Logging: Support logging of filter engine information in proxy 

log file (includes all custom parameters and filter results) 

(77720) 

o Updated Default Settings in clean installations to enhance out-of 

the box security policy while being compliant to common data 

protection requirements 

o RBL check for intermediate mail server not working (77193) 

Bugs Fixed 

o Centralized Mmgt: Reboot in cluster not working (77355) 

o Centralized Mmgt: Inconsequent behaviour of centralized update 

(77678) 

o ShellExpression Error (77193) 

o URL Filter: Inappropriate Category Scheme notification (77672) 

o Dashboard: System alerts are not correct (77707) 

o Progress Page: Force Invalid Proxy Request notification (77702) 

o FTP Proxy: Multi-line FTP replies through proxy (77679)

o Archiver: AES-encrypted Zip-archive was detected as corrupted 

(76880) 

o Archiver: Incomplete detection of spanned zip archive (77715) 

o high values in dashboard - Network Utilization (77603) 

o Bypass streaming media does not work for URLs without extension 

(77716) 


-------------------------------------------- 


o Centralized Mmgt: site can be configured to periodically request 

full configuration from master (77261 ) 

Bugs Fixed 

o Centralized Mmgt: Cluster out of sync after changing account 

password (77312) 

o Centralized Mmgt: Exception for Ports in Clusterdistribution 

(74419) 

o progresspage only shows 2Gb (77628) 

o UUE encoded file handled incorrectly (77532) 

o Dashboard: read-only GUI account is allowed to reset 

"Quicksnapshot" stats and Live Reports (77561, 77564) 

o SMTP Gateway will not be started if HTTP and FTP proxy is 

disabled (77601) 

o SSL Scanner: "Inspect Certificate" produces error when next-hop 

proxy is TSP, Sidewinder or ISA Server (77505) 

o Post request results in 407 Proxy Authentication Required (77472) 

o Wrong system alert "Progressive Lockout is used in an action but 

is not activated yet" (77595) 

o HEAD response with content lenght header (77615) 

o TimeScheme "Non-working hours" (77653) 

o Centralized update: Spamequator update broken on sites (77400) 

o Mail Gateway: Plain text mails are getting blocked (77625, 77620) 

o Mail Gateway: Mails with content type message/delivery-status not 

recognized (77620)

o Generic Header Filter: Could not be used to detect missing header 

(77652) 


-------------------------------------------- 


o GUI: Dashboard and Quick Snapshots 

o Initial Streaming media support 

o URL Reputation System 

o Welcome page 

o URL Filter: Adoption of the SmartFilter SDK 

o New action "Delay" 

o New action "Progressive lock-out" 

o New action "Authorized Override" 

o Proxy: Allow actions on HTTP/FTP commands and methods 

o Proxy: Proxy.pac support 

o Proxy: Multiple listener ports per protocol 

o Proxy: Allow to substitute IP address in FTP Port command 

o Authentication: Support nested Active Directory groups 

o Add URL Feedback system for uncategorized URL 

o Document Inspector: XML Parser 

o Document Inspector: Support Open Document Format 

o Document Inspector: Support Microsoft Office Open XML 

o Document Inspector: Support SOAP 

o Logging: more information on actions in audit.log 

Bugs Fixed 

o Webwasher looses configuration (76494) 

o Embedded Scripts: Executable script content was not stripped out 

of emails and web pages if nested tags were used (77373)

o Crash with termsignal 11 (77159, 77310) 

o missing session information in incident manager (77482) 

o Crash because of special cab file (77452) 

o Setting (Enduser) User Interface Port to 80 does not work (77445) 

o Small pdf blocked by Webwasher with error File is Larger Than 2 

GB (77410) 

o Released mail does not go through release policy (77397) 

o Multiple recipient spam emails do not get released properly 

(77396) 

o no values for spam_res+spam_level in smtpfilter.log (77053) 

o URI in Service Name List gets truncated when ending in any 

combination of 0 & 1s (77210) 

o Centralized updates seems to avoid spamequator update on sites 

(77400) 

o Policy mapping via IP Mapping based on X-Client-IP (77556) 

o Mp3 media type detection false positives (77520) 


-------------------------------------------- 

Bugs Fixed 

o Setting (Enduser) User Interface Port to 80 does not work (77445) 


-------------------------------------------- 

Bugs Fixed 

o sporadic crashes when SSLScanner not licensed 

(77129,77134,77243,77270,77273) 

o Handling of encapsulated postscripts (77327) 


-------------------------------------------- 


o Detect malformed MIME parts in text attachments 


--------------------------------------------


o Next Hop Proxy handling 

o GUI improvements 

o New ssl libs, fixes CVE-2006-2937 and CVE-2006-2940 

o Read-only admin can now change his own pwd (76863) 

o Support to bind End User Port to port 443 (77058) 

o Progress Pages resize window if a download popup to small 

o Enhance Progress Page to work with Internet Explorer 7 

Bugs Fixed 

o Quotas not synced in cluster (76972) 

o Fixed NTLM authentication at a webserver (76988) 

o Wrong status code 500 instead of 502/504 if server can't be 

reached (76976) 

o SSL Scanner: Rare crashes with Progress Pages (76931) 

o IFP Server implementation more robust (77007) 

o SMTP Gateway: A malformed mail contained an attachment of type 

message/rfc822 that had a sinle section of type message/rfc822 

that had a single section of type message/rfc822 4771 times 

causes a crash (77017) 

o GUI: Secure/Unsecure mix of images in internal request and error 

messages (77040) 

o GUI: limited administrator role not correct (77173) 

o SSL-Scanner: SSL handshake fails on server with pkcs1 padding 

error (76057) 

o Fixed "Use other host or URL" on Queue View (77051) 

o URL Filter: Filter by Expression list looses it's settings 

(77065) 

o Links in Overal Summary Reports lead to empty Policy Reports 

(77066) 

o Smtp Gateway: Digest buttons show sometimes wrong deposited URL's 

(77063)

o Crash if embedded object is referenced by a large URL > 1023 with 

whitelisted Mediatype Filter (77064) 

o Next Proxy settings not reachable when Next Proxies down (77078) 

o Un-justified System Alert on Site when using "Centralized Update" 

(77080) 

o Improved stability under Solaris 10 

o 

6.0 build 2455 : Part Number 91-0946256-A 

------------------------------------------ 


o New product Anti Malware including Secure Anti-Malware engine 

o User Database added to support authentication without need of 

external directory services 

o User Database: Allow new users to add themselves if they can 

authenticate at the LDAP Server 

o Support transparent authentication with internal 

challenge/response method, basic authentication, basic 

authentication over SSL or login page (76081) 

o Support of the Internet Filtering Protocol IFP 

o Proactive: Enhanced heuristic for Windows executables 

o Proactive: Execution Path Disassembler (PE parser) 

o Proactive: Identify client computers that may have Potentially 

Unwanted Programs (PUP) installed 

o Proactive: Enhanced VB and Java Script detection 

o Proactive: Split rules set for JavaApplets and Java Application 

o Proactive: Special rules for Trusted Sites to avoid false 

positives (75932) 

o Proactive: Script engine for special rules (e.g. jpeg, WMF 

vulnerability) 

o Anti Spam: Fingerprinting of mails to avoid misclassification 

o Anti Spam: Automatic whitelisting of sender information (74376) 

o Anti Spam: Automatic whitelisting on release from Spam Queue 

(74780)

o Anti Spam: More MailShell options in GUI 

o Anti Spam: On site training of MailShell filter by customer spam 

and ham messages 

o Anti Spam: Support of TrustedSource as new Spam method 

o Mail Gateway: Support of TrustedSource in the SMTP dialog to 

reject mail directly 

o Mail Gateway: Centralized queue management (e.g. 

replication/fallback) 

o Mail Gateway: Centralized queue view in cluster 

o Mail Gateway: Resend Digest 

o Mail Gateway: TLS Support for SMTP 

o Mail Gateway: Address mapping for sender and recipients in 

incoming and outgoing mails 

o Message Filter: Offer filter action "Remove Attachments" 

o Message Filter: Enhanced Phishing Filter 

o GUI: Redesigned for improved usability 

o GUI: Ajax support for realtime values (e.g. Life Reports, update 

status, statistics) 

o GUI: Sessions support with automatic logout (73948) 

o GUI: Audit logging to track configuration changes 

o GUI: Click history for smarter GUI navigation 

o GUI: Import/Export for error templates 

o GUI: Alert when leaving a page without "Apply Changes" 

o GUI: Improved list views 

o GUI: Optional display of Web and/or Mail settings 

o Cluster: Synchronization of Quota data (74977) 

o Queue based feedback system for Spam and Malware 

o Content Security: Improved detection of unknown embedded scripts 

(75515) 

o Own port for end user operations like Digest or password changes

in User Database (74782) 

o Proxies: Failover and routing rules for all parent proxies 

o Proxies: Individual authentication processes for each proxy 

(76343) 

o Secure Administration Shell: Different public key for every admin 

(76342) 

o Archive Handler: Can be switched off (76344) 

o Distributed Updates for all subscription based data in cluster 

(74515,76040) 

o Increased granularity in White List for Content Security filters 

(76396) 

Bugs Fixed 

o Crashes with termsignal 6 and 11 in CHTTPSConnection (76281) 

o Archive Handler: Email attachment is filtered from Archive 

Handler Web section (76316) 

o Archive Handler: Zip Files perilously detected as corrupted 

Archive (76391) 

o Logging: "spam-res" and "spam-level" print mail subject in custom 

log file (76418) 

o Password containing "Umlauts" do not work - No Access (76428) 

o Document Inspector: Encrypted PowerPoint documents are treated as 

simple OLE2 Structured Storage files (76476) 

o ProActive: damages PDF file (76567) 

o Error message with wrong language (76613) 

o smtp helo displays tailing ";" on the helo name (76652) 

o Progress Page: download of big files named with blanks (76740)

Web Gateway 6.9.2 Build 13015 Release Notes - McAfee

Create successful ePaper yourself

Delete template?

Save as template?