Cisco Cisco Email Security Appliance C680 Notas de publicación
11
Release Notes for Cisco IronPort AsyncOS 7.6.1 for Email
Resolved Issues
Step 6
Click the Available Upgrades button. The page refreshes with a list of available AsyncOS upgrade
versions.
versions.
Step 7
Click the Begin Upgrade button and your upgrade will begin. Answer the questions as they appear.
Step 8
When the upgrade is complete, click the Reboot Now button to reboot your IronPort appliance.
Resume all listeners.
Resolved Issues
This section includes the following topics:
•
Resolved Issues in Version 7.6
lists the issues that were resolved in version 7.6 of AsyncOS for Email.
Table 2
Resolved Issues in AsyncOS 7.6.0 for Email
Defect ID
Description
83262
Fixed: FreeBSD telnetd Remote Code Execution Vulnerability
This hot patch fixes a vulnerability in the Cisco IronPort Email Security appliance that
could have allowed a remote, unauthenticated attacker to execute arbitrary code with
elevated privileges.
could have allowed a remote, unauthenticated attacker to execute arbitrary code with
elevated privileges.
For more information on the vulnerability, see the Cisco security advisory at
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/ci
sco-sa-20120126-ironport
80810
Fixed: Email Security appliance trusts DigiNotar as a root certificate authority
In previous versions of AsyncOS for Email, the Email Security appliance trusted
DigiNotar as a root certificate authority. It also trusted DigiNotar’s intermediate
certificates issued by the State of Netherlands. These certificates are no longer
accepted.
DigiNotar as a root certificate authority. It also trusted DigiNotar’s intermediate
certificates issued by the State of Netherlands. These certificates are no longer
accepted.
72743
AsyncOS 7.6 Updated to Use OpenSSH 5.4
AsyncOS 7.6 has been updated to use OpenSSH 5.4 in order to fix the
CVE-2008-5161 vulnerability.
CVE-2008-5161 vulnerability.
72524
Fixed: Disclaimers Cannot Be Added to Non-US-ASCII Message Body
Previously, mail agents such as Outlook and Thunderbird displayed a disclaimer as an
attachment and not inline with the message because the message body was not
encoded as US-ASCII. This issue has been resolved. This disclaimer is now displayed
inline with the message even if the message body is encoded in a format other than
US-ASCII.
attachment and not inline with the message because the message body was not
encoded as US-ASCII. This issue has been resolved. This disclaimer is now displayed
inline with the message even if the message body is encoded in a format other than
US-ASCII.