Cisco Cisco Email Security Appliance X1050 릴리즈 노트
3
Release Notes for Cisco IronPort AsyncOS 7.1.5 for Email Release
OL-22161-05
What’s New in Cisco IronPort AsyncOS 7.1.5 for Email
Fixed Issues
Table 1
Resolved Issues in Version 7.1.5
Defect ID
Description
83262
Fixed: FreeBSD telnetd Remote Code Execution Vulnerability
This hot patch fixes a vulnerability in the Cisco IronPort Email Security appliance that
could have allowed a remote, unauthenticated attacker to execute arbitrary code with
elevated privileges.
could have allowed a remote, unauthenticated attacker to execute arbitrary code with
elevated privileges.
For more information on the vulnerability, see the Cisco security advisory at
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2012
0126-ironport
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2012
0126-ironport
81754
Fixed: TLS Traffic Causing Email Processing to Restart or Become Unresponsive
The DigiNotar blacklist solution added in the previous 7.5.1 hot patch contained a
defect that resulted in the email process restarting or becoming unresponsive due to
certain types of TLS traffic. This issue has been resolved and the email process errors
no longer occurs.
defect that resulted in the email process restarting or becoming unresponsive due to
certain types of TLS traffic. This issue has been resolved and the email process errors
no longer occurs.
80810
Fixed: Email Security appliance trusts DigiNotar as a root certificate authority
Previously, the Email Security appliance trusted DigiNotar as a root certificate
authority. It also trusted DigiNotar’s intermediate certificates issued by the State of
Netherlands. This no longer occurs. The Email Security appliance no longer includes
DigiNotar in the list of trusted certificate authorities. It has also blacklisted
DigiNotar’s intermediate certificates.
authority. It also trusted DigiNotar’s intermediate certificates issued by the State of
Netherlands. This no longer occurs. The Email Security appliance no longer includes
DigiNotar in the list of trusted certificate authorities. It has also blacklisted
DigiNotar’s intermediate certificates.
22164
Fixed: Regular Expression that Exceeds Data Limit Invalidates Message Filter
Previously, if certain data caused a failure when evaluating a message filter’s regular
expression, an application fault occurred and the message filter became invalidated.
This issue has been resolved. Now, the appliance skips the message filter for that
message without invalidating the filter for subsequent messages.
expression, an application fault occurred and the message filter became invalidated.
This issue has been resolved. Now, the appliance skips the message filter for that
message without invalidating the filter for subsequent messages.
74473
Fixed: version Command Displays RAID Type as ‘NA’
Fixed an issue where the
version
command would display the RAID type as
NA
due
to improper RAID controller parsing heuristics. This issue affects the following areas:
•
CLI: the
version
command didn’t display the correct RAID volume state.
•
SNMP: would mark all disks down at boot and fire notifications for all disks, due
to an invalid state change.
to an invalid state change.