Cisco Cisco Web Security Appliance S170 릴리즈 노트
26
C I S C O I R O N P O R T A S Y N C O S 6 . 3 . 8 F O R W E B R E L E A S E N O T E S
Fixed: Web Proxy generates a core file when HTTPS Proxy and secure client
authentication are disabled in some cases
authentication are disabled in some cases
Previously, the Web Proxy generated a core file when the HTTPS Proxy and secure client
authentication were disabled and a CONNECT request was made to the “Redirect Hostname”
configured on the appliance. This no longer occurs. [Defect ID: 55352]
authentication were disabled and a CONNECT request was made to the “Redirect Hostname”
configured on the appliance. This no longer occurs. [Defect ID: 55352]
Fixed: Native FTP using Raptor format authentication fails when proxy authentication is
not required
not required
Previously, native FTP using the Raptor format authentication failed when proxy
authentication was not required. This no longer occurs. [Defect ID: 55379]
authentication was not required. This no longer occurs. [Defect ID: 55379]
Fixed: Cannot restrict M1 network interface to management only when VLANS are
configured in some cases
configured in some cases
Previously, you could not restrict the M1 port to management only when VLANS were
configured on the P1 network interface. This no longer occurs. [Defect ID: 55893]
configured on the P1 network interface. This no longer occurs. [Defect ID: 55893]
Fixed: TLS/SSL Man-in-the-Middle Vulnerability
Previously, an industry-wide vulnerability that existed in the TLS protocol potentially
impacted any Cisco product using any version of TLS /SSL. The vulnerability existed in how
the protocol handled session re-negotiation and exposed users to a potential Man-in-the-
middle attack. This issue has been fixed. [Defect ID: 55972]
impacted any Cisco product using any version of TLS /SSL. The vulnerability existed in how
the protocol handled session re-negotiation and exposed users to a potential Man-in-the-
middle attack. This issue has been fixed. [Defect ID: 55972]
Fixed: Web Proxy erroneously sends two requests to a server instead of one in some
cases
cases
Previously, the Web Proxy erroneously sent two requests to a server instead of one when the
requested object existed in the web cache, but had expired. The Web Proxy always returned
the object to the client as retrieved from the server in the second request. This no longer
occurs. Now, the Web Proxy returns the object from the web cache if the server indicates the
object has not been modified, or it returns the object from the server if it has been modified.
[Defect ID: 55973]
requested object existed in the web cache, but had expired. The Web Proxy always returned
the object to the client as retrieved from the server in the second request. This no longer
occurs. Now, the Web Proxy returns the object from the web cache if the server indicates the
object has not been modified, or it returns the object from the server if it has been modified.
[Defect ID: 55973]
Fixed: Web Proxy erroneously includes duplicate HTTP headers to web servers in some
cases
cases
Previously, the Web Proxy erroneously included duplicate “Connection: keep-alive” HTTP
headers to web servers when requesting expired cached objects. This caused some web
servers to not properly service the request. This no longer occurs. [Defect ID: 55974]
headers to web servers when requesting expired cached objects. This caused some web
servers to not properly service the request. This no longer occurs. [Defect ID: 55974]
Fixed: Web Proxy stops authenticating users when the Active Directory server is
unavailable in some cases
unavailable in some cases
Previously, the Web Proxy stopped authenticating users when the Active Directory server was
shut down either for long periods of time or multiple times. This caused an internal process to
leak sockets and no longer respond to authentication requests until the Web Proxy restarted.
This no longer occurs. [Defect ID: 56207]
shut down either for long periods of time or multiple times. This caused an internal process to
leak sockets and no longer respond to authentication requests until the Web Proxy restarted.
This no longer occurs. [Defect ID: 56207]