Cisco Cisco Email Security Appliance C170

Release Notes for Hot Patch 3 for AsyncOS 8.5.6 for Email

Upgrade Paths

You can upgrade to release 8.5.6-10

6 from the following versions:

•

7.6.3-019

•

8.0.1-023

•

8-5-6-074

•

8-5-6-092

•

8-5-6-095

Resolved Issues

Click a Defect ID in the table for more information about the defect.

Documentation Updates

Cisco AsyncOS 8.5.6 for Email User Guide is revised to include the following changes:

•

Added information about certificates for URL Filtering features. See

Certificates for URL Filtering

Features

in the

URL Filtering

chapter.

•

Added recommendation about LDAP cache value. See

Creating LDAP Server Profiles to Store

Information About the LDAP Server

in the

LDAP Queries

chapter.

Revised user guide is available at

http://www.cisco.com/c/en/us/support/security/email-security-appliance/products-user-guide-list.html

Note

These updates will not be available in the Cisco AsyncOS 8.5.6 for Email Online Help.

Defect ID

Description

CSCuj75454

Filters do not recognize body inside multipart/mixed > multipart/related

CSCuo96011

Weak hardening of support account credential algorithm

CSCup07934

Cisco Email Security Appliance ZIP Inspection Bypass Vulnerability

CSCup55731

com.postx.util.TableImage doesn't work with Java 1.7

CSCup76500

GCJ pxdaemon corrupts content with certain MIME

CSCup81263

Postx glitches prevent email encryption and delivery

CSCuq45779

Workqueue backups consume 50% of memory

CSCuq18649

694 SDK needs 690 error handling for To Address RFC-822 violations

CSCuq88496

Email Security appliance may be vulnerable to CVE-2004-0230, allowing denial of
service

CSCur44447

Filter action:

edit-header-text

tracebacks internationalized headers

CSCzv35183

DLP applying wrong action to violations