Cisco Cisco Web Security Appliance S390
9
Release Notes for Cisco IronPort AsyncOS 7.7.5 for Web
Resolved Issues in Release 7.7.0
85383
CSCzv21238
Although support for Secure Sockets Layer (SSL) version 2 was removed from AsyncOS, client
to proxy communication still allowed for SSL version 2. Client to proxy requests using SSL
version 2 now fail, which is the expected behavior. This is fixed.
to proxy communication still allowed for SSL version 2. Client to proxy requests using SSL
version 2 now fail, which is the expected behavior. This is fixed.
85085
CSCzv56404
The Status command was reporting incorrect system resource values. This is fixed.
84195
CSCzv73908
Transaction requests were sometimes resulting in HTTP 503 errors due to DNS caching
problems. This is fixed.
problems. This is fixed.
83666
CSCzv68184
With Safe Search enabled, for URLs that included a question mark (?) in the first position after
the domain name, for example, "example.com/?abc", transaction requests were resulting in an
HTTP 404 error message. This is fixed.
the domain name, for example, "example.com/?abc", transaction requests were resulting in an
HTTP 404 error message. This is fixed.
83479
CSCzv78744
When the disk reported a high temperature, AsyncOS was sending out frequent, redundant
alerts. This is fixed.
alerts. This is fixed.
82946
CSCzv27807
Non-UTF-8 characters in transaction header fields were resulting in unnecessary UTF-8 errors
on the appliance. This is fixed.
on the appliance. This is fixed.
82857
CSCzv85035
External authentication failed with a Juniper SBR RADIUS server when RADIUS users were
mapped to different Web Security appliance user role types using a RADIUS CLASS attribute.
This is fixed.
mapped to different Web Security appliance user role types using a RADIUS CLASS attribute.
This is fixed.
82809
CSCzv44630
Host Header spoofing in HTTP and HTTPS Requests was not prevented. Now, there is a CLI
option in
option in
adminaccessconfig
to allow only hostnames/IP addresses of existing interfaces. This
allows restricting specific machines to a specific domain name. By default, this option is
disabled.
disabled.
82780
CSCzv58956
Expired certificates were sometimes not detected by the appliance due to the order in which
AsyncOS checked for errors and different actions assigned to different types of errors. AsyncOS
now checks for all errors and applies the most restrictive action that applies.
AsyncOS checked for errors and different actions assigned to different types of errors. AsyncOS
now checks for all errors and applies the most restrictive action that applies.
82662
CSCzv27661
SNMP erroneously returned appliance information from the previous version of AsyncOS after
upgrading. This is fixed.
upgrading. This is fixed.
82415
CSCzv95909
Large Objects were taking too long to load in some cases when the client made a universal range
request. This is fixed.
request. This is fixed.
81661
CSCzv78679
On Appliances using WebRoot scanning, requests for web pages that included javascript were
sometimes taking too long. This is fixed.
sometimes taking too long. This is fixed.
81156
CSCzv95258
Attempting to navigate from Web Security Manager to the Outbound Malware Scanning page
was, in rare cases, producing an application fault. This is fixed.
was, in rare cases, producing an application fault. This is fixed.
81055
CSCzv50828
Processing client requests sometimes took too long after updating new anti-malware rules.This
is fixed.
is fixed.
77935
CSCzv40418
The Dynamic Content Analysis engine was erroneously overwriting the effective category used
in policy decisions for new requests. This is fixed.
in policy decisions for new requests. This is fixed.
76250
CSCzv13897
Requires change to the user guide -- the new mask functionality. Network>Transparent
Redirection> WCCP> Service > Advanced > Load Balancing.
Redirection> WCCP> Service > Advanced > Load Balancing.
73467
CSCzv63552
Rebooting the appliance without proper shutdown sometimes caused irreparable damage to the
appliance. This is fixed.
appliance. This is fixed.
71012
CSCzv42816
Fixed: Clients cannot connect to HTTPS servers that do not support TLS Hello during the
SSL handshake.
SSL handshake.
Previously, clients could not connect to HTTPS servers that did not support TLS Hello during
the SSL handshake. This is fixed.
the SSL handshake. This is fixed.
Previous
Defect ID
Defect ID
Bug Toolkit ID
Description