Cisco Cisco FirePOWER Appliance 7020 Notas de publicación
Version 5.3.0.3
Sourcefire 3D System Release Notes
24
Issues Resolved in Version 5.3.0.3
•
You can now reapply device configuration after editing the list of security
zones of a cluster, stack or clustered stack of devices from the Object
Management page by selecting the green apply icon for device changes on
the Device Management page (Devices > Device Management).
(143535/CSCze94906)
•
Resolved an issue where, if you disabled any access control rules
containing either an intrusion policy or a variable set different from any
enabled rules and the access control policy’s default action, policy apply
failed and the system experienced issues. (143809/CSCze94944)
•
Improved diskmanager cleanup during report generation.
(143900/CSCze94192)
•
Resolved an issue where, in some cases, if you applied an access control
policy to your Defense Center, policy apply failed and caused system
issues. (143974/CSCze95108)
•
Improved reliability of URL reputation and device detection capabilities.
(144169/CSCze94611)
•
Resolved an issue where, in some cases, if you created an intrusion policy
with the FTP preprocessor enabled, the system incorrectly identified traffic
matching rules referencing the FTP preprocessor as FTP files even if they
were not. (144315/CSCze94630)
Issues Resolved in Previous Updates
You can track defects resolved in this release using the Cisco Defect Tracking
System (CDETS). To view defects addressed in older versions, refer to the legacy
caveat tracking system. Because you can update your appliances from Version 5.3
to Version 5.3.0.3, this update also includes the changes from Version 5.3.
Previously resolved issues are listed by version.
Version 5.3.0.2
•
Security Issue
Addressed multiple cross-site scripting (XSS) vulnerabilities.
•
Security Issue
Addressed multiple cross-site request forgery (CSRF)
vulnerabilities.
•
Security Issue
Addressed multiple injection vulnerabilities, including HTML
and command line injections.
•
Security Issue
Addressed multiple vulnerability issues in cURL, Linux,
MySQL, strongSwan, and Wireshark, including those described in
CVE-2013-1944, CVE-2013-2237, CVE-2013-3783, CVE-2013-2338,
CVE-2013-5718, CVE-2013-5719, CVE-2013-5720, CVE-2013-5721, and
CVE-2013-5722.
•
Resolved an issue where the system delayed the generation of
end-of-connection events for packets transmitted via a protocol other than
TCP or UDP. (131526/CSCze89194)