Cisco Cisco Email Security Appliance C690
3
Release Notes for Cisco IronPort AsyncOS 7.5.2 for Email
OL-25139-02
What’s New in Cisco IronPort AsyncOS 7.5.2 for Email
Table 1
Resolved Issues in Version 7.5.2
Defect ID
Description
72743
Fixed: OpenSSH Vulnerability Could Expose Plain Text Data
Previously, a remote attacker could have recovered certain plaintext data in an SSH
session by exploiting OpenSSH CBC Mode Information Disclosure Vulnerability
CVE-2008-5161. This vulnerability has been fixed.
session by exploiting OpenSSH CBC Mode Information Disclosure Vulnerability
CVE-2008-5161. This vulnerability has been fixed.
84068
Fixed: Content Scanning Engine Stops Scanning Due to Memory Leak
Previously, the Email Security appliance’s content scanning engine would go out of
operation and stop scanning documents and attachments if it leaked memory and the
leaked memory and memory usage reached 400 MB. The scanning engine would
instead log, “no filter available for this file type.” This issue has been resolved.
operation and stop scanning documents and attachments if it leaked memory and the
leaked memory and memory usage reached 400 MB. The scanning engine would
instead log, “no filter available for this file type.” This issue has been resolved.
81190
83861
Fixed: Office 2010 Files Detected as ZIP Files
Previously, the Email Security appliance detected Office 2010 .files as .zip files
instead of document filetype. This affected DLP scanning and content filters. This
issue has been resolved.
instead of document filetype. This affected DLP scanning and content filters. This
issue has been resolved.
74457
Fixed: Proxy Server Setting Erroneously Used for Feature Key Updates in Some
Cases
Cases
Previously, when a proxy server was configured for the update settings and was then
removed, AsyncOS still tried to connect through the proxy server when trying to
retrieve feature key updates. This no longer occurs.
removed, AsyncOS still tried to connect through the proxy server when trying to
retrieve feature key updates. This no longer occurs.
64885
Email Security Appliance Now Uses AES-256 Encryption with CRES
The Email Security appliance now supports encrypting messages using the AES-256
algorithm when using CRES as a key server.
algorithm when using CRES as a key server.
82139
Email Security Appliance No Longer Trusts DigiCert Sdn. Bhd. as an
Intermediate Certificate Authority
Intermediate Certificate Authority
Previously, the Email Security appliance trusted intermediate CA certificates issued
to “Digicert Sdn. Bhd” by Entrust and GTE CyberTrust. This no longer occurs. The
Email Security appliance has blacklisted these intermediate certificates. For more
information, see the following Cisco PSIRT article:
to “Digicert Sdn. Bhd” by Entrust and GTE CyberTrust. This no longer occurs. The
Email Security appliance has blacklisted these intermediate certificates. For more
information, see the following Cisco PSIRT article:
http://tools.cisco.com/security/center/viewAlert.x?alertId=24031