Cisco Cisco FirePOWER Appliance 8370 릴리즈 노트
Version 5.3.0.4
Sourcefire 3D System Release Notes
19
Resolved Issues
•
You can now reapply device configuration after editing the list of security
zones of a cluster, stack or clustered stack of devices from the Object
Management page by selecting the green apply icon for device changes on
the Device Management page (Devices > Device Management).
(143535/CSCze94906)
•
Resolved an issue where, if you disabled any access control rules
containing either an intrusion policy or a variable set different from any
enabled rules and the access control policy’s default action, policy apply
failed and the system experienced issues. (143809/CSCze94944)
•
Improved diskmanager cleanup during report generation.
(143900/CSCze94192)
•
Resolved an issue where, in some cases, if you applied an access control
policy to your Defense Center, policy apply failed and caused system
issues. (143974/CSCze95108)
•
Improved reliability of URL reputation and device detection capabilities.
(144169/CSCze94611)
•
Resolved an issue where, in some cases, if you created an intrusion policy
with the FTP preprocessor enabled, the system incorrectly identified traffic
matching rules referencing the FTP preprocessor as FTP files even if they
were not. (144315/CSCze94630)
Version 5.3.0.2
•
Security Issue
Addressed multiple cross-site scripting (XSS) vulnerabilities.
•
Security Issue
Addressed multiple cross-site request forgery (CSRF)
vulnerabilities.
•
Security Issue
Addressed multiple injection vulnerabilities, including HTML
and command line injections.
•
Security Issue
Addressed multiple vulnerability issues in cURL, Linux,
MySQL, strongSwan, and Wireshark, including those described in
CVE-2013-1944, CVE-2013-2237, CVE-2013-3783, CVE-2013-2338,
CVE-2013-5718, CVE-2013-5719, CVE-2013-5720, CVE-2013-5721, and
CVE-2013-5722.
•
Resolved an issue where the system delayed the generation of
end-of-connection events for packets transmitted via a protocol other than
TCP or UDP. (131526/CSCze89194)
•
Resolved an issue where, in some cases, the intrusion event packet view
displayed a rule message that did not match the rule that generated the
event. (138011/CSCze90972)
•
Resolved an issue where you could not import an intrusion rule that
referenced a custom variable. (138077/CSCze90689)