Web Gateway 6.9.2 Build 13015 Release Notes - McAfee
Web Gateway 6.9.2 Build 13015 Release Notes - McAfee
Web Gateway 6.9.2 Build 13015 Release Notes - McAfee
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>McAfee</strong> <strong>Web</strong> <strong>Gateway</strong> 6.x<br />
======================<br />
This file contains the new features, changed features and bugs that<br />
have been fixed for version 6.x of the <strong>McAfee</strong> <strong>Web</strong> <strong>Gateway</strong> product. For<br />
additional tips and information, see the <strong>Web</strong>washer Online Help and/or<br />
User Guide.<br />
<strong>6.9.2</strong> build <strong>13015</strong>: Part Number 91-0950194-F<br />
-------------------------------------------<br />
New and Improved<br />
Bugs Fixed<br />
o MWG does not respond after client submitted quota (81713)<br />
o Node stopped working - pthread_create failed with code 12 (81778)<br />
o child process exited (termsignal=6)-Avira Engine crash during<br />
update after scan failure (81774)<br />
o Inactive epo event is logged in audit.log (81767)<br />
o multiple vulnerabilities in openssl (81777)<br />
o Question regarding Vulnerability (81792)<br />
o Vulnerability scanner detections on MWG 6.9 11735 (81787)<br />
o CVE-2011-318 (81746)<br />
o Extended List changes in the secure admin shell not synchronized<br />
with the sites (81788)<br />
o Avira engine should not throw an error on encrypted files (81811)<br />
o Whitelisting "Avira" is not working in duplicate coverage - MWG<br />
Internal Error (81810)<br />
o Nessus Scan - HTTP Proxy CONNECT Loop DoS (81764)<br />
o Wrong Alert when the DC connection status is unknown (81815)<br />
6.9.1 build 12571: Part Number 91-0950194-E<br />
-------------------------------------------<br />
New and Improved<br />
Bugs Fixed<br />
o Big sqlite database "wwwp" causes welcome page to fail (81760)
o System crash, an unhandled ACCESS_VIOLATION exception (81755)<br />
o With SafeSearch enabled, some cookied were removed from the<br />
request (81754)<br />
o Failure of log transfer over FTP may create duplicate files at<br />
the FTP server (81747)<br />
o Dashboard not shown in IE6 (81740)<br />
o Internal error while accessing a website with SSL Scanner enabled<br />
using self signed certificates (81737, 81739)<br />
o "wwauth still busy" error messages appear in the logs (81734)<br />
o Custom header gets duplicated (81733)<br />
o Incorrect command syntax in system configuration documentation<br />
for removing stale nodes (81702)<br />
o Valid archive blocked as corrupt (81689)<br />
o "Can not load CRL" messages appear in the logs (81660)<br />
o Proactive Scanning Database version in Overview always set to<br />
zero (81549)<br />
6.9.0 build 11742: Part Number 91-0950194-D<br />
-------------------------------------------<br />
New and Improved<br />
o RootCA certificate handling (81703)<br />
o New help page added explaining the update server concept (81629)<br />
Bugs Fixed<br />
o No revoked certificates for some CAs (81662)<br />
o Can not load CRL error for CRLs which work in the browser (81660)<br />
o System crash, an unhandled ACCESS_VIOLATION exception (81643)<br />
o MWG on Windows crashes frequently (81678)<br />
o POST protocol failure with 100 continue (81624)<br />
o server_ip is not logged in proxy with HTTP 502 response (81683)<br />
o max-age in 304 response not used for cache time (81701)<br />
o SpamEquator update failed: Could not find all the files (81655)
o Too many "Cannot load CRL" entries in errors.log (81676)<br />
o Valid archive blocked as corrupt (81689)<br />
o A specific file which cannot be scanned by Avira engine is not<br />
blocked (81692)<br />
o SNMP counter issue (81649)<br />
o Upgrade Trusted source library to 2.0.6.01 (81724)<br />
6.9.0 build 11282: Part Number 91-0950194-C<br />
-------------------------------------------<br />
New and Improved<br />
Bugs Fixed<br />
o After upgrade clients are not following redirect to auth server<br />
(81675)<br />
o 6.9 upgrade breaks CM site instances (81673)<br />
o Unable to Join Central Management After Upgrading to 6.9 (81670)<br />
6.9.0 build 10927: Part Number 91-0950194-B<br />
-------------------------------------------<br />
New and Improved<br />
Bugs Fixed<br />
o Cannot load legacy AV after upgrade to 6.9 (81647)<br />
o Customer Upgraded to 6.9 and Now the Application Terminates with<br />
termsignal=11 (81641)<br />
o MWG sends 502 could not connect when accessing cached file<br />
(81636)<br />
o Win7 clients NTLM auth fails through MWG 6.9 (81633)<br />
o Incorrect Behavior of "Cache Revalidation Rules" (81597)<br />
o Central Management update failing, sites unsubscribed (81572)<br />
o License change can lead to disabled AV scanning (81557)<br />
6.9.0 build 10636: Part Number 91-0950194-A<br />
-------------------------------------------<br />
New and Improved<br />
o The following procedure must be completed to install MWG 6.9.0:
o - install the repository for MWG 6.9.0:<br />
o - from a system console, log on to the appliance using SSH<br />
o - run the following command:<br />
o yum install yumconf-6.9<br />
o - perform an update on the user interface or from a system<br />
console:<br />
o - to update on the user interface:<br />
o - go to Configuration > Appliance > Update<br />
o - click the "Contact" button in section "Check for Updates"<br />
o - from a system console, log on to the appliance using SSH<br />
o - run the following command:<br />
o yum upgrade<br />
o<br />
o Process of delayed login after login failure improved (81461)<br />
o Load AV updates in background (81307, 81351)<br />
o Remove tar files after centralized update (81239)<br />
o Trusted Source Cloud Support (81111)<br />
o Single automatic AV engine restart after "cannot load AV" error<br />
(80819, 81252, 81256)<br />
o Prevent AV update being cancelled while it still downloads files<br />
(81121)<br />
o Add option to ignore base <strong>McAfee</strong> AV engine although licensed<br />
(81120)<br />
o Input validation for 'content-length greater than' whitelist<br />
entry (81109)<br />
o Handle eDirectory synchronization in background (81113)<br />
o AV engine: possibility to re-start AV engine via SSH implemented<br />
(81036)<br />
o Add system alert if Mailshell LiveFeed is not activated (81008)<br />
o Memory Defragmentation and MP ICAP servers in maintenance mode
cause "Cold Restart" SNMP Trap to be sent (80966)<br />
o Attempt to recover connection to AD taking longer than 3 minutes<br />
(80942)<br />
Bugs Fixed<br />
o MWG adding extra line between headers and body (81540)<br />
o Authentication server wwparam causes Ajax site to make bad<br />
request (81533)<br />
o Quota issues (81499, 81431)<br />
o Overload handling prints overload message mistakenly (81444)<br />
o Override accounts are not visiable (81491)<br />
o Auto-pushing failed sometimes (81472)<br />
o <strong>McAfee</strong> <strong>Gateway</strong> Anti-Malware on Windows does not detect Eicar<br />
(81432)<br />
o Central management deleting last ip mapping entry (81416)<br />
o Downloaded exe file saved as zip archive on windows 7 (81413)<br />
o Vulnerability CVE-2010-0405 (81399)<br />
o Overload issue - Enhanced IFP worker & Output threads to be<br />
created with custom stack size (81395)<br />
o Inspect certificate not working correctly (81393)<br />
o Respmod Bypass List not working with assignment of a policy to a<br />
proxy port (81361)<br />
o Client Certificate handling does not allow sending certificate<br />
chain (81282)<br />
o Wrong media type detection with gmail (81330, 81348, 81364)<br />
o High memory under low load caused by big dashboard-database<br />
(81312)<br />
o Threads in close_wait cause memory overload (81291)<br />
o <strong>McAfee</strong> <strong>Gateway</strong> Anti-Malware Engine fails to load on debian<br />
(81287)<br />
o Archive blocked because "content size greater than the defined<br />
size limit" (81274)<br />
o ICAP Processes fail to load URL Filter list (81264)
o FTP communication problem - MWG closes connection after entering<br />
pasv mode (81269)<br />
o Wrong media typ for embedded images in .ppt file (81258)<br />
o Media type detection for URLs that can result in dynamic content<br />
(81240)<br />
o MIB Browser not working on SLES 9 & 10 installation (81230)<br />
o Unpacked archive size grows with defined limit (81221)<br />
o Extended list manager unable to read "&" symbol (81201)<br />
o Upload of jpg to cms fails (81188)<br />
o Hanging actions: Cluster Node Job Queue and Persistent Quota Info<br />
Sync (81179)<br />
o Google searches do not work with safesearch enforcer enabled<br />
(81171)<br />
o Dashboard data not sticking within IE (6,7,8) (81167)<br />
o WW requests -web.washer- were send to next hop (81150)<br />
o The same CRL download url was added multiple times (81149)<br />
o Centralized Management: after upgrading to 6.8.7, 3 of 8 nodes<br />
not subscribed to master (81144)<br />
o Flag in the NTLMSSP_NEGOTIATE message (81143)<br />
o Site UI port changed by Master when joined despite being exempted<br />
(81124)<br />
o Blank known certificates authorities showing after upgrade<br />
(81103)<br />
o Cache Settings mysteriously change in web interface when<br />
switching between tabs using Firefox (81101)<br />
o LDAP authentication: spaces break ldap browser (81100)<br />
o Appliance crashing child process exited (termsignal=7) unable to<br />
start due to frequent failures (81099)<br />
o <strong>Web</strong>washer-csm.install contains unnecessary check if /usr is<br />
writeable (81092)<br />
o MWG blocks a couple of LZH archives (81088)<br />
o DNS Cache usages causes slow web performance (81063)
o Lot of application/ogg traffic (81062)<br />
o Files in /opt/webwasher-csm mysteriously are deleted (81051)<br />
o Less than character ( Use other host or URL not working<br />
(80965)<br />
o Memory Overload occurred with minimal load (80958)<br />
o LDAP wizard creating "$attrlist$" and "Error: 0. Error<br />
description: " (80947)<br />
o Authentication Server redirect does not work as expected for<br />
HTTPS pages on first redirect (80932)<br />
o SQLITE database corrupted: No traffic passing through <strong>Web</strong>Washer<br />
(80931)<br />
o Corrupt timeseries.ww causes non-recoverable termsignal 11<br />
(80930)<br />
o MWG detecting cab file as corrupt, able to extract with WinZIP
80929)<br />
o GUI: Routes not displayed properly (80919)<br />
o Authentication: threads stuck in 'Status=kAuthenticate', MWG<br />
eventually hangs (80873)<br />
o FTP-over-HTTP fails with anonymous user if blank password is<br />
specified (80864)<br />
o Archive as corrupted blocked (80850)<br />
o MWG crashing with termsignal=11 on Suse9 (80715)<br />
o Safe search breaks google trends (78574)<br />
6.8.7 build 5820: Part Number 91-0950194-A<br />
------------------------------------------<br />
New and Improved<br />
Bugs Fixed<br />
6.8.6 build 5788: Part Number 91-0950032-A<br />
------------------------------------------<br />
New and Improved<br />
o Improved stack size handling for auth server and end user port<br />
(80676)<br />
o Change default settings for TrustedSource <strong>Web</strong> Reputation (80624)<br />
o Home->Support should link to <strong>McAfee</strong> (80576)<br />
o Improved Welcome Page functionality (80547, 79063)<br />
o Add new certificates and hosts to SSL Scanner lists (80352,<br />
80527)<br />
Bugs Fixed<br />
o SSL Scanner bypass vulnerability on wildcard certificate check<br />
(80680)<br />
o Endless loop in Cab archive (80652)<br />
o SNMP traps for URL list updates not working (80648)<br />
o Receiving "Download Cancelled" after clicking download button in<br />
IE7 (80647)<br />
o Document Inspector System Alert will not disappear (80646)
o Prevent DOS attack to authentication server (80642)<br />
o WW prints internal messages to errors log (80629)<br />
o Advertising filter destroys JavaScript (80627)<br />
o MP: Inconsistent IP mapping with Multi Process mode (80623)<br />
o Microsoft Project file (.mpp extension) blocked as audio/mpeg<br />
(80622)<br />
o WWoB: on master blade feedback scripts (started with "2") shows<br />
"lsof" related warnings (80615)<br />
o Memory defrag script (80610)<br />
o Download of gmx eMail attachments failed (80609)<br />
o MPClusterControl unable to update nodes when <strong>Web</strong> Interface has IP<br />
restrictions (80608)<br />
o Native NTLM: Group memberships get mixed up (80607)<br />
o Crash when talking to ePO server (80606)<br />
o "Detect unsolicited POSTs" will break forms (80591)<br />
o Archive blocked as corrupted (80581)<br />
o SSL-Scanner - HSM-Agent: Root CA key cannot be loaded on startup<br />
(80571, 80578)<br />
o Must be able to handle multiple 100-Continue messages from web<br />
server (80567)<br />
o Update from 6.7.6 to 6.8.5 broke settings.xml (80540)<br />
o Long text causing page display issues (80539)<br />
o Content type "application x-ms-application" is changed to<br />
"text/xml" (80530)<br />
o Real-time classifier blocks words containing unicode characters<br />
(80508)<br />
o SNMP statistics are not accurate after multi-process is enabled<br />
(80479)<br />
o Outdated Dynablocator directory and file is copied to all ICAP<br />
processes in MP (80474)<br />
o Redirect via query string parameter on gui login page (80444)<br />
o Potential cross-site scripting vulnerabilities in web UI (80442,
80443)<br />
o Certain Generic Header Filter combination may crash MWG(80430)<br />
o URL Executive Summary (80398)<br />
o Drop downs for dashboards not displayed right in IE (80392)<br />
o WCCP and overload protection not playing nice together (80342)<br />
o Quota reset does not work from secure admin shell (80287)<br />
o SafeSearch enforcer produces false positives (79898)<br />
o Known Root CAs not synchronized in Cluster (79513)<br />
o Download Canceled page always displayed in English (79326)<br />
o eDirectory settings broken by cluster (78709)<br />
o HTTP links in HTTPS blockpages (78634)<br />
o Unwanted red warning for anonymous ldap bind (78612)<br />
o Time and Date in web interface is reset after reboot (78085)<br />
o <strong>Web</strong>Upload Filter active, even though not enabled (77079)<br />
o Src_ip and auth_user are not working in the security.log (76236)<br />
6.8.5 build 5330: Part Number 91-0949869-E<br />
------------------------------------------<br />
Bugs Fixed<br />
o Native NTLM: Group memberships get mixed up (80607)<br />
o SSL-Scanner - HSM-Agent: Root CA key cannot be loaded on startup<br />
(80571)<br />
o Various crashes in SSH command line interface (80522, 80524,<br />
80523, 80616, 80621)<br />
6.8.5 build 5141: Part Number 91-0949869-D<br />
------------------------------------------<br />
Bugs Fixed<br />
o Memory is getting filled up in 3 minutes (80535)<br />
o Incorrect group mapping using native NTLM-authentication (80528)<br />
o Authentication problem with NTLM-agent (80515)
o Problems related to TCP window scaling occur for some sites after<br />
upgrading (80517)<br />
o Problem with centralized A/V updates (80516)<br />
o Role allows reading logs, but <strong>Web</strong>washer is forbidding it (80504)<br />
o Auto-pushing fails when using domain\user for the username field<br />
in the common push target (80495)<br />
o Escape character for shockwave-flash media type not being treated<br />
properly (80490)<br />
o Mpcluster control jumping between stati (80485)<br />
o Files over 4 GB shows wrong size over FTP (80412)<br />
6.8.5 build 5094: Part Number 91-0949869-C<br />
------------------------------------------<br />
Bugs Fixed<br />
o Not possible to initialise Generic Body Filter if Anti-Malware is<br />
not licensed (80513, 80521)<br />
6.8.5 build 5051: Part Number 91-0949869-B<br />
------------------------------------------<br />
New and Improved<br />
o Ability to disable exploit protection against double<br />
Content-Length headers (80459)<br />
Bugs Fixed<br />
o FTP over FTP Client is not working after upgrade on 6.8.5 (80476)<br />
o Option to add leading Slash in FTP Retr Command (78400)<br />
o Download fails sporadically using Progress Pages (80041)<br />
o Log pusher attempts to push files that no longer exist (80468)<br />
o Problems with log rotation and merging (80473)<br />
o For clean installations on WW2900E cache cannot be enabled<br />
(80480)<br />
o WW500 failed to boot after upgrade (80475)<br />
o Sporadic Authentication Popup with Native NTLM (79684)<br />
o <strong>Web</strong>washer crashes in Authenticode Filter (80487)
6.8.5 build 4971: Part Number 91-0949869-A<br />
------------------------------------------<br />
New and Improved<br />
o Support Anti Malware engine with Proactive NG (79968) (NOTE:<br />
Requires an AV and a Proactive update after version upgrade)<br />
o Log Manager: Ability to configure pushed log filename (80360)<br />
o ICAP client: workaround for incompatible DLP servers (79839)<br />
o Incremental update for <strong>McAfee</strong> AV engine (80333)<br />
o Support WCCP "Weight" functionality (80423)<br />
Bugs Fixed<br />
o Too many 407 responses when using NTLM cache (80251, 79988)<br />
o Central Management: running feedback from GUI froze master and<br />
sites (80385)<br />
o Log Manager: Several improvements (80386, 80378, 80374, 80367,<br />
80360, 80370, 80345, 80339, 80361)<br />
o GUI: filter option overwrites routes (80369)<br />
o SSL Scanner: error behavior in case of unicode encoded cn in<br />
transparent environment<br />
o ICAP client: Reponse time increased after enabling multi<br />
processing (80363)<br />
o TrustedSource: score still applied even though domain is<br />
whitelisted for spam filter (8035)<br />
o Proxy: Improved Timeout values (79958)<br />
o Welcome page may incorrectly build the submit action link (80285)<br />
o Overload issues persist with 6.8.4 (80407, 80406, 80393)<br />
o Problem with custom action in Multi Process mode (80405)<br />
o MP Control stopped maintanance after icap server crash (80415)<br />
o Interrupted requests should be logged in proxy's access.log<br />
(80422)<br />
o HA cluster is not working as expected (80176, 80075)<br />
6.8.4 build 4798: Part Number 91-0949750-A<br />
------------------------------------------
New and Improved<br />
o Support <strong>McAfee</strong>'s ePolicy Orchestrator (ePO) (79918)<br />
o Rebranding to <strong>McAfee</strong> (79924)<br />
o Increase robustness against AV update issues (79920, 79939,<br />
79940, 79975)<br />
o Log file push enhancements (79914)<br />
o Support cache_status and block_res in custom logfiles (78232)<br />
o Parent proxy policy enhancement for URL AND IP subnet (79803)<br />
o NTLM Cache should be a GUI option (79900)<br />
o Show time interval length in Dashboard (78977)<br />
o Default Respmod Whitelist for problematic sites (80293)<br />
Bugs Fixed<br />
o Too many 407 responses when using NTLM cache (80251, 79988)<br />
o SNMP variables do not reset automatically (80026)<br />
o Login page is missing error message when bad credentials are<br />
entered (80020)<br />
o Breaking connection to AD on error STATUS_INVALID_WORKSTATION<br />
(80023)<br />
o Authentication failing with mutilple NTLM agents (80017)<br />
o File incorrectly identified as audio/mpeg (79961)<br />
o E-Mail attachments(.XLS or .PPT) are blocked by Media Type Filter<br />
as mpeg (79938)<br />
o Cannot join WW to domain with trusted credentials (79878)<br />
o RADIUS password limits at 16 characters (79845)<br />
o <strong>Web</strong> Upload Filter: size limit without effect (79925)<br />
o <strong>Web</strong> Upload Filter works although Media Type Filter is switched of<br />
(79869)<br />
o SNMP: unexpected CPU idle values (79751)<br />
o New timeout for initial request on a connection (80066)
o Obfuscate username/password in authorized override url (80024)<br />
o Usernames with umlauts or rings cannot authenticate via native<br />
NTLM (79999)<br />
o FTP-Problem <strong>Web</strong>washer loses the credentials (79989)<br />
o <strong>Web</strong>Washer problems due to hanging action - Mobile Code Filter<br />
Update (79907)<br />
o SSLScanner: No timeout when upstream proxy is used (79906)<br />
o Crash in document inspector (79902)<br />
o Old av updates not getting deleted (secure antimalware) (79876)<br />
o Not all 'Certificate Subject Alt Name' entries passed, resulting<br />
in certificate prompt in browser (79867)<br />
o AV license bug - update fails when the first AV module runs out<br />
of date (79826)<br />
o Crash during multi-threading processing of Rar archive (79814)<br />
o CCacheSocket::ReadPreviewData corrupts content when called more<br />
than once (79811)<br />
o webwasher delivering truncated content (79809)<br />
o Crash in Cache::C<strong>Web</strong>Object::~C<strong>Web</strong>Object (79793)<br />
o Termsignal 11 crashes related to CLI access under heavy load<br />
(79775)<br />
o WW delivers corrupt tar archive even when policy is set to block<br />
corrupted archives (79765)<br />
o asctime, ctime, gmtime && localtime not threadsafe (79761)<br />
o AntiVirus update didn't abort in time (79753)<br />
o Termsignal 11 backtrace points to CCabDecoder::GetLzxBitsBuffer<br />
(79748)<br />
o Termsignal 7: Bus error during Sophos update (79742)<br />
o crash (termsig=11) in std::_Rb_tree_rotate_right (79706)<br />
o Read-Only User Accounts can't access log files via web access<br />
(79701)<br />
o LRU blocks after restart with full cache and constant load<br />
(79700)
o <strong>Web</strong>washer unable to start another thread, termsignal=6 (79665)<br />
o Cannot load certificate for web interface IP address (79625)<br />
o WW is crashing with termsignal=7 directly after start (79623)<br />
o HTTP Error 401.2 when NTLM Auth on <strong>Web</strong>washer and <strong>Web</strong>server<br />
(79612)<br />
o Content Type ".ods/mimetype" is changed to "." (79609)<br />
o Unwanted Mediatype not blocked when in TAR Archive (79606)<br />
o Secure Administration Shell fails to accept large input files<br />
(79544)<br />
o Raw post option doesn't stick (79509)<br />
o <strong>Web</strong>washer changed response body (79236)<br />
o XML parsing error because of header modification (78989)<br />
o <strong>Web</strong> reputation level not always logged correctly (79897)<br />
o Invalid Proxy Request when downloading HTTPS file with enabled<br />
volume quota and transparent proxy (80034)<br />
o Office 2007 Excel files blocked by magic bytes (79102)<br />
6.8.3 build 4533: Part Number 91-0949361-C<br />
------------------------------------------<br />
New and Improved<br />
o Ability to downgrade to HTTP/1.0 on a per url basis (79205)<br />
o SSL Scanner: Different redirect handling for CERTVERIFY requests<br />
when transparent authentication has expired (79841)<br />
o Additional RESPMOD bypass options (80001)<br />
Bugs Fixed<br />
o Policymapping: Problem with policy names (79864)<br />
o Proxy/ICAP Server: Hanging threads (79840)<br />
o AV-Update: New updates should not abort old updates too early<br />
(79975)<br />
o SSL-Scanner: No timeout when upstream proxy is used (79906)<br />
o Archiver: Crash during multi-threading processing of Rar-Achive<br />
(79814)
o Document Inspector: Crash in Document inspector (79902)<br />
o Filter Engine: Wewasher crashed with termsignal 11 (79945)<br />
o ICAP Server: "Send Body in one Frame" not always working (79978)<br />
o ICAP Server: Optimized 204 response messages (79890)<br />
6.8.3 build 4311: Part Number 91-0949361-B<br />
------------------------------------------<br />
New and Improved<br />
o openssl: Address CVE-2008-5077<br />
Bugs Fixed<br />
o GUI: Problems with check boxes in user based mapping (79822)<br />
o Authentication: In special cases NTLM authentication causes<br />
browser loop (79821)<br />
6.8.3 build 4214: Part Number 91-0949361-A<br />
------------------------------------------<br />
New and Improved<br />
o Authentication: Native NTLM support for Windows Server 2008 AD<br />
(79567)<br />
o Authentication: Better handling for wrong NTLM messages based on<br />
a Windows problem described in<br />
http://support.microsoft.com/kb/312176/en-us (79723)<br />
o Prevent XSS with Progress Pages (79531)<br />
o Proxy: Prevent connect to http://0.0.0.0:xx (79530)<br />
o Close download connection for proxy.pac files right after<br />
delivering (79709)<br />
o Feedback Script: New log level for collecting statistical<br />
information<br />
Bugs Fixed<br />
o Proxy: <strong>Web</strong>washer crashes with Termsignal 11 (79671)<br />
o Proxy: FTP over HTTP can't handle some symbols in file/folder<br />
names (79451)<br />
o Proxy: Crash in IFP server for invalid request (79760)
o Proxy: Sporadic problems with early web server connection close<br />
(e.g. www.iltalehti.fi) (79417)<br />
o ICAP Server: Communication error when transparent auth session<br />
expired + CERTVERIFY request (79675)<br />
o ICAP Server: Cannot download huge files (79514, 79699)<br />
o ICAP Server: Download via Progress Page results to 0 Byte<br />
download (79556)<br />
o Anti Malware: Failover does not work if engine could not be<br />
loaded (79677)<br />
o Authentication: WW can't join AD domain if DCs allow only NTLMv2<br />
(79533)<br />
o Authentication: NTLM with Authserver - taking 5 seconds to<br />
authenticate (79508)<br />
o Authentication: Selecting RADIUS as "accepted authentication<br />
method" causes failed authorization (79101)<br />
o Authentication: Handle failed group lookups better for Native<br />
NTLM (79223)<br />
o Authentication: Sporadic Authentication Popup with Native NTLM<br />
(79684)<br />
o Document Inspector: <strong>Web</strong>washer crashed, Backtrace points to<br />
CXMLTypeChecker (79669)<br />
o Document Inspector: Cab file inside of MSI blocked as corrupted<br />
(79560,79384)<br />
o Document Inspector: Endless loop in document inspector (77966)<br />
o Document Inspector: Special Powerpoint documents not recognized<br />
(78755)<br />
o Document Inspector: Text categorization does not work for pdf<br />
files (79744)<br />
o Document Inspector: <strong>Web</strong>washer crashed during unload of XML parser<br />
(78981)<br />
o Archiver: Archive is claimed to be over allowed size limit<br />
(79595)<br />
o Archiver: Crash if zip archive larger than 2GB (79596)<br />
o GUI: Cannot load certificate for web interface IP address (79625)<br />
o Secure Administration Shell: Crash in shutdown under
circumstances (79600)<br />
o Mail <strong>Gateway</strong>: Inbound queue overflowed result in crash (79650)<br />
o Mail <strong>Gateway</strong>: Deleting parts from email (79319)<br />
o Embedded Objects: ActiveX controls not getting blocked (79648)<br />
o Central Management: Hanging Cluster Node Job Queue action (79641)<br />
o Central Management: Cluster Node Job Queue action hangs (79683)<br />
o Mediatype Filter: Detection of streaming media improved (79594)<br />
o SSL Scanner: Send whole certificate chain for incoming<br />
TLS connections (79591)<br />
o SSL Scanner: Timeout for tunneled SSL connections (79603)<br />
o URL Filter: Ignored if policy has spaces in it (79332)<br />
o URL Filter: Safe Search Enforcer does not handle<br />
video.google correctly(79487)<br />
o Termsignal 11 on Solaris 10 (79472)<br />
6.8.2 build 3994: Part Number 91-0949324-C<br />
New and Improved<br />
o Feedback Script: New parameter to prevent pausing <strong>Web</strong>washer while<br />
getting backtrace<br />
Bugs Fixed<br />
o Anti Virus: Crash during update of <strong>McAfee</strong> engine (79160)<br />
o ICAP Client: Termsignal 11 or 6 while recreating "internal" ICAP<br />
service (79559, 79475, 79111)<br />
6.8.2 build 3963: Part Number 91-0949324-B<br />
------------------------------------------<br />
Bugs Fixed<br />
6.8.2 build 3889: Part Number 91-0949324-A<br />
------------------------------------------<br />
Bugs Fixed<br />
o Anti Virus: Crash during update of <strong>McAfee</strong> engine (79160, 79315)<br />
o Proxy: Under circumstances threads will not be ended if the<br />
server connection dies (79224)
6.8.1 build 3859: Part Number 91-0949290-A<br />
------------------------------------------<br />
Bugs Fixed<br />
o SMTP <strong>Gateway</strong>: TLS email delivery fails (79463)<br />
o Authentication: 6.8 Native ntlm auth fails (79452)<br />
o Authentication: Native NTLM user in too many groups (79412)<br />
o Proxy: HTTP 1.0 without host header does not work for WCCP<br />
(79456)<br />
o Archiver: Crash in Microsoft CAB archives under circumstances<br />
(79443)<br />
o SMTP <strong>Gateway</strong>: Mails delivered but mailbody was changed to Cannot<br />
Load AV Engine (79232)<br />
6.8.0 build 3780: Part Number 91-0948991-A<br />
------------------------------------------<br />
New and Improved<br />
o SSL Scanner: Tunnel SSL on expression to enhance transparent<br />
deployments<br />
o SSL Scanner: Enhancements for interoparability with Sidewinder<br />
o Authentication: LDAP/V3 support with SLDAP (73779)<br />
o Authentication: Security setting that allows to turn SMB signing<br />
off if server doesn't support it (79157, 79235)<br />
o Authentication: Support for NTLM: Local Nested Groups (79087)<br />
o Authentication: Support for NTLM: Trusted Domains<br />
o Authentication: Support for NTLM: Possibility to search Domain<br />
Controllers via DNS lookup<br />
o Filter: Enhancement for file size limit (78182)<br />
o Filter: Whitelist by ContentLenght Header (74820)<br />
o Anti Malware: Option to completely fail open when AV cannot load<br />
(79272)<br />
o Configuration: Distribution of configuration for Secure Mobile<br />
<strong>Web</strong> Filter<br />
o Reporting: New log file field "auth_group" to print the group
name (73656, 75031, 76928)<br />
o Reporting: Write custom parameters as result of Generic Header<br />
Filter (79126)<br />
o Reporting: Log FTP Proxy Username in proxy access log (79286)<br />
o Reporting: Optionally add domain as prefix to user name in access<br />
log when authenticating via NTLM (79070, 76832)<br />
o Safe Search Enforcer: reduce false positives<br />
Bugs Fixed<br />
o Proxy: Not possible to do a redirect for site<br />
http://www.intierra.com/ (79057)<br />
o Proxy: FTP-over-HTTP error message without Slash at the end<br />
(79188)<br />
o Filter Engine: Action 'Library Cache' is hanging (79164)<br />
o ICAP Server: URL Filter feedback does not send any URLs (78396)<br />
o ICAP Server: Fetch group name from HTTP header (79127)<br />
o SSL Scanner: Entries disappearing (78718)<br />
o URL FIlter: Sometimes Smartfilter update has to be triggered<br />
twice (78951)<br />
o Mediatype Filter: mp3 file handling (79007)<br />
o Mediatype Filter: XHTML Mobile not detected properly (78063)<br />
o Mediatype Filter: Problem with type detection for special gif<br />
images (78909)<br />
o Mediatype Filter: Office 2007 Excel files (xlsx)blocked by magic<br />
bytes (79102)<br />
o Settings are getting changed on the site without changes on<br />
master (79097)<br />
o Central Management: Administrator SSH public keys are not<br />
completely synchronized in cluster (79058)<br />
o Configuration: Wrong location of "authorized_keys" file results<br />
in losing admin keys (79084)<br />
o Configuration: Wrong file permissions after configuration restore<br />
and ww restart (75362)<br />
o Authentication: Add domain name to group name disappears (79248)
o Subject Filter broken (79065)<br />
o Addressing Internet Explorer bug that can lead to ICAP<br />
communication problem (79214)<br />
o HTML Filter: in rare cases crashes <strong>Web</strong>washer (79189)<br />
o Archiver: multipart archive was detected as corrupted (79159)<br />
o Secure Administration Shell: Action "SSH Idle Connection Cleanup"<br />
hangs (79297)<br />
o Generic Header Filter: Illegal HTTP header when custom param<br />
creation is intended (79350)<br />
o Engine Update failed if customer set archive size limit to 1 Mb<br />
(79317)<br />
o URL Filter: Safe Search Enforcer breaks google-insight (79403)<br />
o Anti Malware: JPEG exploit is not getting blocked anymore (79337,<br />
79360)<br />
6.7.6 build 3649: Part Number 91-0949014-A<br />
------------------------------------------<br />
Bugs Fixed<br />
o Proxy: ICAP errors with web reputation disabled (79122)<br />
o Native NTLM: SMB connection will fail if DC not support SMB<br />
signing (79235)<br />
o ProActive: Crash downloading ISO > 4 GB (79268)<br />
o Proxy: Crash due to hanging threads (79224)<br />
o <strong>Web</strong>cache: Crash under circumstances (79239)<br />
6.7.5 build 3601: Part Number 91-0948965-A<br />
------------------------------------------<br />
Bugs Fixed<br />
o Proxy: POST request fails, connection is reseted (79095, 79055,<br />
78819)<br />
o ProActive: Streaming of flash videos vidoe/flv broken (79182)<br />
o Authentication: Username not written to Logfiles if NTLM Cache is<br />
activated (79141)<br />
6.7.4 build 3534: Part Number 91-0948913-A
------------------------------------------<br />
Bugs Fixed<br />
o Anti Spam: Memory leak in Mailshell library (78680)<br />
o SSL Scanner: SSL handshake error (79151, 79185)<br />
o SNMP: Authentication bypass in net-snmp/wwsnmp (79201)<br />
o <strong>Web</strong>cache: <strong>Web</strong>washer crashes under circumstances (79054)<br />
6.7.3 build 3507: Part Number 91-0948855-A<br />
------------------------------------------<br />
Bugs Fixed<br />
o Document Inspector: False Positive in XML files for McAFee virus<br />
scanner (79086)<br />
o Authentication: Encrypted file cannot be loaded if file length is<br />
exactly X kb (79153)<br />
o Authentication: Segfault occured if server returned RPC packet of<br />
FAULT type (79139)<br />
6.7.2 build 3448: Part Number 91-0948711-A<br />
------------------------------------------<br />
New and Improved<br />
o SSL Scanner: Preinstalled root CA's updated<br />
o Media Type Detection: Detection of quicktime containers enhanced<br />
(78988)<br />
o Proxy.pac file with customizable caching age (78749)<br />
o Authentication: Multi packet response support for Native NTLM<br />
(79061)<br />
o Authentication: NTLM machine name field limited to 15 characters<br />
for compatibility reasons (79015)<br />
o Authentication: Test page for NTLM configuration in GUI<br />
o SSL Scanner: Problem with new SSL Scanner licensing (78945,<br />
78946)<br />
Bugs Fixed<br />
o ICAP client error (79036)<br />
o Inconsistent progress page interface (78998)
o Trusted Source: Rating under Solaris always 50 (78584)<br />
o Proxy: Proxy.pac file corrupted when delivered to site instance<br />
(78681)<br />
o Proxy: HTTP pipelining not working (79010)<br />
o GUI: Correct use of certificate chain for webinterface (77784)<br />
o Document Inspector: PDF file is blocked when "Embedded Script"<br />
enabled (78982, 79035)<br />
o Document Inspector: Error with scanning PDFs in certain<br />
circumstances (78273, 79032, 78901, 78448, 79046)<br />
o SMTP <strong>Gateway</strong>: Crash in mail queue handling (78980)<br />
o SMTP <strong>Gateway</strong>: Queue overview link doesn't contain port (78904)<br />
o URL Filter: SafeSearch Enforcer blocks Google Maps (79033)<br />
o Authentication: LDAP E-mail mapping and attributes with commas<br />
(78626)<br />
6.7.1 build 3376: Part Number 91-0948643-A<br />
------------------------------------------<br />
Bugs Fixed<br />
o Document Inspector: Not Working with MSOOXML (78916, 78866)<br />
o Migration: Some Whitelist entries are deleted after update<br />
(79020)<br />
o Authentication: IP-mapping mixed up or lost under load (78793,<br />
78943)<br />
o Authentication: eDirectory only uses first result for<br />
authenticating a User by IP address (78940)<br />
o Authentication: Native NTLM limited to 10 group memberships<br />
(79011)<br />
o Authentication: NativeNTLMv2 broken (79031)<br />
o Authentication: Native NTLM Setup fails under circumstances<br />
(79009, 79042)<br />
6.7.0 build 3295 : Part Number 91-0948352-A<br />
-------------------------------------------<br />
New and Improved
o Available under Red Hat Enterprise Linux 5.0 and Suse Linux<br />
Enterprise Server 10<br />
o Native NTLM support<br />
o Enhancements for "Ensured Streaming Media May Bypass AV"<br />
o Proactive: Enhancements to decrease false positives in script<br />
code<br />
o Authentication: Support of Radius fallback server<br />
o Authentication: Support of Radius group mapping<br />
o Authentication: Promptless authentication outside <strong>Web</strong>washer<br />
subnet (78545)<br />
o Reporting: Sort log files alphabetically (76663)<br />
o SMTP <strong>Gateway</strong>: Different languages for digests depending on<br />
domains (78614)<br />
o Authentication: RADIUS fallback enhancement for Admin<br />
authentication (78476)<br />
o Archiver: Support for non-standard tar files (78783)<br />
o SmartFilter SDK 4.3.1.06<br />
Bugs Fixed<br />
o SMTP <strong>Gateway</strong>: "Tab" character inside header field causes address<br />
mapping to fail (78516)<br />
o SMTP <strong>Gateway</strong>: Attachment broken when Mail Footer is added by<br />
<strong>Web</strong>washer (78729)<br />
o Document Inspector: Thread needs 79% CPU (78649)<br />
o Exceptions for TLS cannot be defined (78659)<br />
o Logging: unix_epoch variables for blockpages display incorrectly<br />
(78665)<br />
o GUI: Backup fails because of too many server certs (78677)<br />
o RealAudio streaming not working (78596)<br />
o GUI: Backup includes addressmapping.txt (78720)<br />
o SSL Scanner: Common Name displayed weird when inspecting<br />
certificate (78695)<br />
o SSL Scanner: IP address is truncated when inserted in the
certificate list (78802)<br />
o Upload Filter: Malformed multipart/form-data upload crashes<br />
<strong>Web</strong>washer (78722)<br />
o Media Type Detector: HTML file detected as text/xml (78708)<br />
o Media Type Detector: <strong>Web</strong>Washer does not recognize Powerpoint<br />
document (78755)<br />
o Centralized Management: Cluster does not synchronize (78591)<br />
o Proxy: <strong>Web</strong>washer closes connection even though it sends<br />
"Proxy-Connection: keep-alive" (78889)<br />
o Anti Malware: Settings are active though not licensed (78896)<br />
o Unable to download large .exe file (78856)<br />
o Proxy: Change FTP Command Filter for partial downloads when "REST<br />
0 (78817)<br />
o Proxy: Problem if 2 authentication methods are configured for FTP<br />
proxy(78660)<br />
o Anti Spam: Mail Footer modifies Outlook Calendar entries (77238)<br />
o Authentication: LDAP login prompt freezes after entering the<br />
credentials (78803)<br />
o URL Filter: Faulting module sfcontrol.dll (78655, 78927, 78652)<br />
o Central Management: Radius "Shared Secret" breaks on site (78824)<br />
o Reporting: Log file structure set back to default for site<br />
instances (78883, 78829)<br />
6.6.3 build 3150: Part Number 91-0948278-C<br />
------------------------------------------<br />
Bugs Fixed<br />
o Linux vulnerability fixed (78837)<br />
o Authentication: LDAP login prompt freezes after entering the<br />
credentials (78803)<br />
6.6.3 build 3102: Part Number 91-0948278-B<br />
------------------------------------------<br />
Bugs Fixed<br />
o Proxy: Illegally closing connection breaks web server NTLM<br />
authentication (78742)
6.6.3 build 3023: Part Number 91-0948278-A<br />
------------------------------------------<br />
New and Improved<br />
o Reporting: Feedback generation without certain logs (78519)<br />
o Reporting: Sort logfiles alphabetically (76663)<br />
o OS sanity check for restore function (78468)<br />
o Ad-aware updates through webwasher fail (78492)<br />
Bugs Fixed<br />
o Generic Body Filter: UI has problems with specific chars(78490)<br />
o SSL Scanner: CN mismatch if CN is in unicode (78534)<br />
o Proxy: Server authentication problem if authentication canceled<br />
(78480)<br />
o Proactive: Update is greyed out if AV but not AntiMalware is<br />
licensed (78532)<br />
o Problem with parameters in URL redirect custom action (78375)<br />
o Reporting: %BR field not working for syslog action (78565)<br />
o Reporting: Corrupted log file structure definition (76449, 78357,<br />
78538)<br />
o <strong>Web</strong> Reputation: Whitelist entry for sun.com does not work (78564)<br />
o Whitelist: Not working for office documents and form data (78315)<br />
o Authentication: Issues when admin account uses RADIUS<br />
authentication (78645)<br />
o Authentication: Allow Internet access when auth server is down"<br />
does not work (78557)<br />
o Document Inspector: Thread needs 79% CPUand webwasher is not<br />
responding (78649)<br />
o Document Inspector: Endless loop in corrupted Excel document<br />
(78592)<br />
o Anti Malware: Problems with Sophos engine (78550, 78540, 78513)<br />
o Upload Filter: Crash under special circumstances (78606)<br />
6.6.2 build 2970: Part Number 91-0947890-C
------------------------------------------<br />
Bugs Fixed<br />
o GUI: Not possible to use full stops in administartor names<br />
(77331)<br />
o LDAP: Problems with support for "Umlaute" (78537)<br />
6.6.2 build 2933: Part Number 91-0947890-B<br />
------------------------------------------<br />
Bugs Fixed<br />
o Anti Spam: Memory leak during update (78453, 78357)<br />
o Anti Spam: <strong>Web</strong>washer crashes if there are no spamfingerprint*.dat<br />
files (78525)<br />
o LDAP: Problems with "Umlaut" (78461)<br />
6.6.2 build 2924: Part Number 91-0947890-A<br />
------------------------------------------<br />
New and Improved<br />
o Logging: write update log information also to syslog (78351)<br />
o GUI: hit rate displayed in "webwasher" dashboard (78348)<br />
o Transparent IP based authentication with eDirectory<br />
o Secure Admin Shell: Add function to reload policy (78159)<br />
Bugs Fixed<br />
o If custom hostname is used, ports are not added (78399)<br />
o Action for known CAs not executed (78402)<br />
o Content-Length Header not updated upon POST body modification<br />
(78344)<br />
o Wrong helpfile for mail footer (78397)<br />
o Broken files cached when bigger download is canceled (78172)<br />
o Java application not working via <strong>Web</strong>washer (78366)<br />
o SSL Scanner: problems with time server certificate (78373)<br />
o Cannot add proxy ports in Windows (78361)<br />
o Media Type mismatch on 302 redirect (78320)
o Logging: writing garbage into access log (78289)<br />
o Problem white listing embedded objects (78324)<br />
o Fixed crashing bug (78325)<br />
o "Send to Support" not working when HTTP GUI disabled (76433)<br />
o Malformed executable causes a crash in PEParser (78391)<br />
o Proactive Scanning: Scrambled letters on some multi-byte<br />
character set web pages (78129, 78090)<br />
o Deleting email from digest web interface doesn't move it to trash<br />
queue (78318)<br />
o Problems with more than one Content-length header (78352)<br />
o Documentinspector: Deadlocks / Crashes on Windows (77995, 78003,<br />
78161, 78274)<br />
o GUI response slow or doesnt work (78425, 78439)<br />
o Anti Spam: wrong Mailshell results if online query fails (78000)<br />
6.6.1 build 2883: Part Number 91-0947799-A<br />
------------------------------------------<br />
New and Improved<br />
o Possibility to whitelist web reputation filter<br />
o Possibility to whitelist media type adaptation (fixes: 78277,<br />
78257, 78291)<br />
o Dashboard: New tab "<strong>Web</strong>washer" (77463)<br />
o Actions: New option to set HTTP status code<br />
o Add settings to adapt to thread/connection usage in a URL Filter<br />
only deployment<br />
Bugs Fixed<br />
o <strong>Web</strong> reputation and enabled cache break streaming (e.g. youtube)<br />
(78262)<br />
o Document Inspector: Malformed Word document causes crash (78255)<br />
o Centralized Mmgt: routing rules not sync'd completely (77932)<br />
o Logging: <strong>Web</strong>washer looses or forgets log lines (78170)
o Map does not load (78184)<br />
o Anti Spam: TrustedSource ratings too high (78271)<br />
o Anti Spam: Mail Footer modifies Outlook Calendar entries (77238)<br />
o Progress Pages for HTTPS requests: Links to embedded objects are<br />
http (78278)<br />
o Dashboard: Corrupt display when lists contain very long URLs<br />
(78163)<br />
o <strong>Web</strong> Cache: problems when setup as transparent proxy (78340,<br />
78296)<br />
6.6.0 build 2856: Part Number 91-0947717-A<br />
------------------------------------------<br />
New and Improved<br />
o Own "DNS Cache" implementation<br />
o Radius Authentication<br />
o Support for scanning of large files (> 2GB) (only Appliance,<br />
Deb4.0 and RHEL 4 )<br />
o Additional SmartFilter options (CGI parameters, categorizing<br />
embedded URLs, categorization of a search engine requests by<br />
keywords)<br />
o SmartFilter SDK 4.3.1.02<br />
o Generic Body Filter on Raw POST bodies (78034)<br />
o Integrated authentication with vista against UserDB (77981)<br />
Bugs Fixed<br />
o Incremental update of the URL Filter doesn't work (78253)<br />
o Connection to NTLM Agent are closed too often (77926)<br />
o Cluster: Problems in Master/Submaster configuration (77905)<br />
o Archiver: *.ram attachment in email is blocked by "Magic Byte<br />
Mismatch" (77965)<br />
o SMTP <strong>Gateway</strong>: Multiple recipient mail gets released/deleted for<br />
all recipients over Digest Interface (77976)<br />
o Progress Page: The Browser save dialog presents wrong name of PDF<br />
files (77992)
o SMTP <strong>Gateway</strong>: eMail crashing <strong>Web</strong>washer 6.5.3 (78022)<br />
o Authentication Pop-Up doesn't show up through <strong>Web</strong>washer (75951,<br />
76988)<br />
o SSL Scanner: CERTVERIFY error with www.viqtest.com (endless loop)<br />
(77889)<br />
o NTLM-Agent: Crash on shutdown (78014)<br />
o NTLM Agent: timeout issue (78087)<br />
o Proxy does not log auth_user when using transparent<br />
authentication (78197)<br />
o New media type application/xml (78199)<br />
o NTLM Agent: timeout issue (78087)<br />
o ldap libraries not installed with webwasher debian 4.0 package<br />
(78082)<br />
o Problem with libxml2 under solaris (78038)<br />
o Clean up obsolete lib dependencies under solaris 10 (78032)<br />
o Stream not passing webwasher (78115)<br />
6.5.3 build 2760 : Part Number 91-0947174-A<br />
--------------------------------------------<br />
New and Improved<br />
o Roles: Support delegated creation of new admin accounts<br />
o Secure Admin Shell: interface to User Database (77817)<br />
o Cluster: possible to make <strong>Web</strong> / E-Mail mapping private<br />
o GUI: Added "Add Domain Name to Group Name" box on policy mapping<br />
rules page (77835)<br />
o Improved performance for download of pages with numerous objects<br />
via IE<br />
o GUI function to various Url Filter features added (77788)<br />
o Media Type Filter: Added Media Type application/xhtml+xml to<br />
Media Type Catalogue (77743)<br />
o URL Filter: Enhanced mapping of Unicode URL parameters to Basic<br />
Access Control Filter list<br />
o Language Packs: Support for error message templates in Korean,
Portuguese, Chinese, Spanish, Italian<br />
o Support for Debian 4.0<br />
Bugs Fixed<br />
o Dashboard: Empty Anti Malware Quick Snapshot (77907)<br />
o Roles for manipulating WW UserDB (77844)<br />
o Roles: Second administrator is not able to apply certain settings<br />
(77733)<br />
o Roles: Way to bypass read only queue access (77837)<br />
o Document Inspector: Detection of embedded excel files (77823)<br />
o Embedded Object Filter: reason written for mail blocked by<br />
embedded scripts filter (77673, 76702)<br />
o HTTP(S) Proxies: RFC compliance for Via header (77867)<br />
o Document Inspector: Endless loop for certain PDF files (77849)<br />
o WW stops parsing HTTP headers when a header starts with "--"<br />
(77816)<br />
o Prefix Filter: <strong>Web</strong>washer freezes due to hanging threads (77863)<br />
o GUI: Correct handling of list entries with blank fields (77762)<br />
o ProActive Scanning:: allow actions with comma in name (77732)<br />
o Embedded Scripts Filter: Scripts with Language="JavaScript1.1"<br />
are not regognized as JavaScript (77740)<br />
o Logging: Invalid category entry in access.log for certain data<br />
(77748)<br />
o Logging: Log file push can lead to never ending timed action<br />
(77815)<br />
o Logging: Tab not working as delimiter in logfile definition<br />
(77834)<br />
o Archiver: Content Type does not match only when file is zipped<br />
(77806)<br />
o Policy Mapping: Usermapping applies to Username and Domainname<br />
(77808)<br />
o URL Filter updates with Anti Spam only license fail (77783)<br />
o URL Filter: volume quota not counted (77819)
o URL Filter: Block during work hours does not work (77758)<br />
o exiting WW during update of Smartfilter results in hanging WW<br />
(77957)<br />
o Rare crash (77683)<br />
o UTF 16 encoded xml file not detected correctly (77795)<br />
o Anti Spam: Own Hostname broken for End user Requests (77821)<br />
o Java Application does not work over <strong>Web</strong>Washer with authentication<br />
(74390)<br />
o Feedback Script: strange problem with feedback.cmd (75662)<br />
6.5.2 build 2676 : Part Number 91-0946963-A<br />
--------------------------------------------<br />
New and Improved<br />
o Improve next proxy handling with HTTP 1.0 next-hop proxies<br />
(77674)<br />
o SmartFilter SDK 4.3.02<br />
o Logging: Support logging of filter engine information in proxy<br />
log file (includes all custom parameters and filter results)<br />
(77720)<br />
o Updated Default Settings in clean installations to enhance out-of<br />
the box security policy while being compliant to common data<br />
protection requirements<br />
o RBL check for intermediate mail server not working (77193)<br />
Bugs Fixed<br />
o Centralized Mmgt: Reboot in cluster not working (77355)<br />
o Centralized Mmgt: Inconsequent behaviour of centralized update<br />
(77678)<br />
o ShellExpression Error (77193)<br />
o URL Filter: Inappropriate Category Scheme notification (77672)<br />
o Dashboard: System alerts are not correct (77707)<br />
o Progress Page: Force Invalid Proxy Request notification (77702)<br />
o FTP Proxy: Multi-line FTP replies through proxy (77679)
o Archiver: AES-encrypted Zip-archive was detected as corrupted<br />
(76880)<br />
o Archiver: Incomplete detection of spanned zip archive (77715)<br />
o high values in dashboard - Network Utilization (77603)<br />
o Bypass streaming media does not work for URLs without extension<br />
(77716)<br />
6.5.1 build 2652 : Part Number 91-0946864-A<br />
--------------------------------------------<br />
New and Improved<br />
o Centralized Mmgt: site can be configured to periodically request<br />
full configuration from master (77261 )<br />
Bugs Fixed<br />
o Centralized Mmgt: Cluster out of sync after changing account<br />
password (77312)<br />
o Centralized Mmgt: Exception for Ports in Clusterdistribution<br />
(74419)<br />
o progresspage only shows 2Gb (77628)<br />
o UUE encoded file handled incorrectly (77532)<br />
o Dashboard: read-only GUI account is allowed to reset<br />
"Quicksnapshot" stats and Live Reports (77561, 77564)<br />
o SMTP <strong>Gateway</strong> will not be started if HTTP and FTP proxy is<br />
disabled (77601)<br />
o SSL Scanner: "Inspect Certificate" produces error when next-hop<br />
proxy is TSP, Sidewinder or ISA Server (77505)<br />
o Post request results in 407 Proxy Authentication Required (77472)<br />
o Wrong system alert "Progressive Lockout is used in an action but<br />
is not activated yet" (77595)<br />
o HEAD response with content lenght header (77615)<br />
o TimeScheme "Non-working hours" (77653)<br />
o Centralized update: Spamequator update broken on sites (77400)<br />
o Mail <strong>Gateway</strong>: Plain text mails are getting blocked (77625, 77620)<br />
o Mail <strong>Gateway</strong>: Mails with content type message/delivery-status not<br />
recognized (77620)
o Generic Header Filter: Could not be used to detect missing header<br />
(77652)<br />
6.5.0 build 2643 : Part Number 91-0946613-A<br />
--------------------------------------------<br />
New and Improved<br />
o GUI: Dashboard and Quick Snapshots<br />
o Initial Streaming media support<br />
o URL Reputation System<br />
o Welcome page<br />
o URL Filter: Adoption of the SmartFilter SDK<br />
o New action "Delay"<br />
o New action "Progressive lock-out"<br />
o New action "Authorized Override"<br />
o Proxy: Allow actions on HTTP/FTP commands and methods<br />
o Proxy: Proxy.pac support<br />
o Proxy: Multiple listener ports per protocol<br />
o Proxy: Allow to substitute IP address in FTP Port command<br />
o Authentication: Support nested Active Directory groups<br />
o Add URL Feedback system for uncategorized URL<br />
o Document Inspector: XML Parser<br />
o Document Inspector: Support Open Document Format<br />
o Document Inspector: Support Microsoft Office Open XML<br />
o Document Inspector: Support SOAP<br />
o Logging: more information on actions in audit.log<br />
Bugs Fixed<br />
o <strong>Web</strong>washer looses configuration (76494)<br />
o Embedded Scripts: Executable script content was not stripped out<br />
of emails and web pages if nested tags were used (77373)
o Crash with termsignal 11 (77159, 77310)<br />
o missing session information in incident manager (77482)<br />
o Crash because of special cab file (77452)<br />
o Setting (Enduser) User Interface Port to 80 does not work (77445)<br />
o Small pdf blocked by <strong>Web</strong>washer with error File is Larger Than 2<br />
GB (77410)<br />
o <strong>Release</strong>d mail does not go through release policy (77397)<br />
o Multiple recipient spam emails do not get released properly<br />
(77396)<br />
o no values for spam_res+spam_level in smtpfilter.log (77053)<br />
o URI in Service Name List gets truncated when ending in any<br />
combination of 0 & 1s (77210)<br />
o Centralized updates seems to avoid spamequator update on sites<br />
(77400)<br />
o Policy mapping via IP Mapping based on X-Client-IP (77556)<br />
o Mp3 media type detection false positives (77520)<br />
6.0.1 build 2583 : Part Number 91-0946423-A<br />
--------------------------------------------<br />
Bugs Fixed<br />
o Setting (Enduser) User Interface Port to 80 does not work (77445)<br />
6.0.1 build 2572 : Part Number 91-0946423-A<br />
--------------------------------------------<br />
Bugs Fixed<br />
o sporadic crashes when SSLScanner not licensed<br />
(77129,77134,77243,77270,77273)<br />
o Handling of encapsulated postscripts (77327)<br />
6.0.1 build 2533 : Part Number 91-0946423-A<br />
--------------------------------------------<br />
New and Improved<br />
o Detect malformed MIME parts in text attachments<br />
6.0.1 build 2512 : Part Number 91-0946423-A<br />
--------------------------------------------
New and Improved<br />
o Next Hop Proxy handling<br />
o GUI improvements<br />
o New ssl libs, fixes CVE-2006-2937 and CVE-2006-2940<br />
o Read-only admin can now change his own pwd (76863)<br />
o Support to bind End User Port to port 443 (77058)<br />
o Progress Pages resize window if a download popup to small<br />
o Enhance Progress Page to work with Internet Explorer 7<br />
Bugs Fixed<br />
o Quotas not synced in cluster (76972)<br />
o Fixed NTLM authentication at a webserver (76988)<br />
o Wrong status code 500 instead of 502/504 if server can't be<br />
reached (76976)<br />
o SSL Scanner: Rare crashes with Progress Pages (76931)<br />
o IFP Server implementation more robust (77007)<br />
o SMTP <strong>Gateway</strong>: A malformed mail contained an attachment of type<br />
message/rfc822 that had a sinle section of type message/rfc822<br />
that had a single section of type message/rfc822 4771 times<br />
causes a crash (77017)<br />
o GUI: Secure/Unsecure mix of images in internal request and error<br />
messages (77040)<br />
o GUI: limited administrator role not correct (77173)<br />
o SSL-Scanner: SSL handshake fails on server with pkcs1 padding<br />
error (76057)<br />
o Fixed "Use other host or URL" on Queue View (77051)<br />
o URL Filter: Filter by Expression list looses it's settings<br />
(77065)<br />
o Links in Overal Summary Reports lead to empty Policy Reports<br />
(77066)<br />
o Smtp <strong>Gateway</strong>: Digest buttons show sometimes wrong deposited URL's<br />
(77063)
o Crash if embedded object is referenced by a large URL > 1023 with<br />
whitelisted Mediatype Filter (77064)<br />
o Next Proxy settings not reachable when Next Proxies down (77078)<br />
o Un-justified System Alert on Site when using "Centralized Update"<br />
(77080)<br />
o Improved stability under Solaris 10<br />
o<br />
6.0 build 2455 : Part Number 91-0946256-A<br />
------------------------------------------<br />
New and Improved<br />
o New product Anti Malware including Secure Anti-Malware engine<br />
o User Database added to support authentication without need of<br />
external directory services<br />
o User Database: Allow new users to add themselves if they can<br />
authenticate at the LDAP Server<br />
o Support transparent authentication with internal<br />
challenge/response method, basic authentication, basic<br />
authentication over SSL or login page (76081)<br />
o Support of the Internet Filtering Protocol IFP<br />
o Proactive: Enhanced heuristic for Windows executables<br />
o Proactive: Execution Path Disassembler (PE parser)<br />
o Proactive: Identify client computers that may have Potentially<br />
Unwanted Programs (PUP) installed<br />
o Proactive: Enhanced VB and Java Script detection<br />
o Proactive: Split rules set for JavaApplets and Java Application<br />
o Proactive: Special rules for Trusted Sites to avoid false<br />
positives (75932)<br />
o Proactive: Script engine for special rules (e.g. jpeg, WMF<br />
vulnerability)<br />
o Anti Spam: Fingerprinting of mails to avoid misclassification<br />
o Anti Spam: Automatic whitelisting of sender information (74376)<br />
o Anti Spam: Automatic whitelisting on release from Spam Queue<br />
(74780)
o Anti Spam: More MailShell options in GUI<br />
o Anti Spam: On site training of MailShell filter by customer spam<br />
and ham messages<br />
o Anti Spam: Support of TrustedSource as new Spam method<br />
o Mail <strong>Gateway</strong>: Support of TrustedSource in the SMTP dialog to<br />
reject mail directly<br />
o Mail <strong>Gateway</strong>: Centralized queue management (e.g.<br />
replication/fallback)<br />
o Mail <strong>Gateway</strong>: Centralized queue view in cluster<br />
o Mail <strong>Gateway</strong>: Resend Digest<br />
o Mail <strong>Gateway</strong>: TLS Support for SMTP<br />
o Mail <strong>Gateway</strong>: Address mapping for sender and recipients in<br />
incoming and outgoing mails<br />
o Message Filter: Offer filter action "Remove Attachments"<br />
o Message Filter: Enhanced Phishing Filter<br />
o GUI: Redesigned for improved usability<br />
o GUI: Ajax support for realtime values (e.g. Life Reports, update<br />
status, statistics)<br />
o GUI: Sessions support with automatic logout (73948)<br />
o GUI: Audit logging to track configuration changes<br />
o GUI: Click history for smarter GUI navigation<br />
o GUI: Import/Export for error templates<br />
o GUI: Alert when leaving a page without "Apply Changes"<br />
o GUI: Improved list views<br />
o GUI: Optional display of <strong>Web</strong> and/or Mail settings<br />
o Cluster: Synchronization of Quota data (74977)<br />
o Queue based feedback system for Spam and Malware<br />
o Content Security: Improved detection of unknown embedded scripts<br />
(75515)<br />
o Own port for end user operations like Digest or password changes
in User Database (74782)<br />
o Proxies: Failover and routing rules for all parent proxies<br />
o Proxies: Individual authentication processes for each proxy<br />
(76343)<br />
o Secure Administration Shell: Different public key for every admin<br />
(76342)<br />
o Archive Handler: Can be switched off (76344)<br />
o Distributed Updates for all subscription based data in cluster<br />
(74515,76040)<br />
o Increased granularity in White List for Content Security filters<br />
(76396)<br />
Bugs Fixed<br />
o Crashes with termsignal 6 and 11 in CHTTPSConnection (76281)<br />
o Archive Handler: Email attachment is filtered from Archive<br />
Handler <strong>Web</strong> section (76316)<br />
o Archive Handler: Zip Files perilously detected as corrupted<br />
Archive (76391)<br />
o Logging: "spam-res" and "spam-level" print mail subject in custom<br />
log file (76418)<br />
o Password containing "Umlauts" do not work - No Access (76428)<br />
o Document Inspector: Encrypted PowerPoint documents are treated as<br />
simple OLE2 Structured Storage files (76476)<br />
o ProActive: damages PDF file (76567)<br />
o Error message with wrong language (76613)<br />
o smtp helo displays tailing ";" on the helo name (76652)<br />
o Progress Page: download of big files named with blanks (76740)