Cisco Cisco Email Security Appliance C680 Release Notes
11
Release Notes for Cisco IronPort AsyncOS 7.6.1 for Email
Resolved Issues
Upgrading to the AsyncOS 7.6 Release
For the AsyncOS 7.6 release, please use the following instructions to upgrade your Email Security
appliance.
appliance.
Step 1
Save the XML configuration file off the IronPort appliance.
Step 2
If you are using the Safelist/Blocklist feature, export the Safelist/Blocklist database off the IronPort
appliance.
appliance.
Step 3
Suspend all listeners.
Step 4
Wait for the queue to empty.
Step 5
From the System Administration tab, select the System Upgrade page.
Step 6
Click the Available Upgrades button. The page refreshes with a list of available AsyncOS upgrade
versions.
versions.
Step 7
Click the Begin Upgrade button and your upgrade will begin. Answer the questions as they appear.
Step 8
When the upgrade is complete, click the Reboot Now button to reboot your IronPort appliance.
Resume all listeners.
Resolved Issues
This section includes the following topics:
•
Resolved Issues in Version 7.6
lists the issues that were resolved in version 7.6 of AsyncOS for Email.
Table 2
Resolved Issues in AsyncOS 7.6.0 for Email
Defect ID
Description
83262
Fixed: FreeBSD telnetd Remote Code Execution Vulnerability
This hot patch fixes a vulnerability in the Cisco IronPort Email Security appliance that
could have allowed a remote, unauthenticated attacker to execute arbitrary code with
elevated privileges.
could have allowed a remote, unauthenticated attacker to execute arbitrary code with
elevated privileges.
For more information on the vulnerability, see the Cisco security advisory at
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/ci
sco-sa-20120126-ironport
80810
Fixed: Email Security appliance trusts DigiNotar as a root certificate authority
In previous versions of AsyncOS for Email, the Email Security appliance trusted
DigiNotar as a root certificate authority. It also trusted DigiNotar’s intermediate
certificates issued by the State of Netherlands. These certificates are no longer
accepted.
DigiNotar as a root certificate authority. It also trusted DigiNotar’s intermediate
certificates issued by the State of Netherlands. These certificates are no longer
accepted.