Cisco Cisco Email Security Appliance C190
13
Release Notes for Cisco IronPort AsyncOS 7.6.3 for Email
7.6.3
Resolved Issues
Cisco IronPort AsyncOS 7.6 for Email
The following is a list of resolved issues in the Cisco IronPort AsyncOS 7.6 for Email release.
•
FreeBSD telnetd Remote Code Execution Vulnerability. This hot patch fixes a vulnerability in
the Cisco IronPort Email Security appliance that could have allowed a remote, unauthenticated
attacker to execute arbitrary code with elevated privileges. For more information on the
vulnerability, see the Cisco security advisory at
the Cisco IronPort Email Security appliance that could have allowed a remote, unauthenticated
attacker to execute arbitrary code with elevated privileges. For more information on the
vulnerability, see the Cisco security advisory at
.
•
Email Security appliance trusts DigiNotar as a root certificate authority. In previous versions
of AsyncOS for Email, the Email Security appliance trusted DigiNotar as a root certificate authority.
It also trusted DigiNotar’s intermediate certificates issued by the State of Netherlands. These
certificates are no longer accepted.
of AsyncOS for Email, the Email Security appliance trusted DigiNotar as a root certificate authority.
It also trusted DigiNotar’s intermediate certificates issued by the State of Netherlands. These
certificates are no longer accepted.
•
AsyncOS 7.6 Updated to Use OpenSSH 5.4. AsyncOS 7.6 has been updated to use OpenSSH 5.4
in order to fix the CVE-2008-5161 vulnerability.
in order to fix the CVE-2008-5161 vulnerability.
•
Disclaimers Cannot Be Added to Non-US-ASCII Message Body. Previously, mail agents such as
Outlook and Thunderbird displayed a disclaimer as an attachment and not inline with the message
because the message body was not encoded as US-ASCII. This issue has been resolved. This
disclaimer is now displayed inline with the message even if the message body is encoded in a format
other than US-ASCII.
Outlook and Thunderbird displayed a disclaimer as an attachment and not inline with the message
because the message body was not encoded as US-ASCII. This issue has been resolved. This
disclaimer is now displayed inline with the message even if the message body is encoded in a format
other than US-ASCII.
•
AsyncOS Upgrades and Service Updates Use Same Update Server. In AsyncOS 7.5, AsyncOS
upgrades used the same update server as all of the service updates, whether it was an IronPort update
server or a local update server. This prevented users from using a local server for AsyncOS upgrades
and an IronPort update server for all other service updates unless they configure the appliance to use
a manifest on a local appliance for an AsyncOS upgrade and then re-configure the appliance to use
an IronPort update server for the other services after the upgrade is complete. This issue has been
resolved. AsyncOS 7.6 allows you to specify a different update server for AsyncOS upgrades than
the one used for other service updates, such as feature key updates, outbreak filters, and time zone
rules.
upgrades used the same update server as all of the service updates, whether it was an IronPort update
server or a local update server. This prevented users from using a local server for AsyncOS upgrades
and an IronPort update server for all other service updates unless they configure the appliance to use
a manifest on a local appliance for an AsyncOS upgrade and then re-configure the appliance to use
an IronPort update server for the other services after the upgrade is complete. This issue has been
resolved. AsyncOS 7.6 allows you to specify a different update server for AsyncOS upgrades than
the one used for other service updates, such as feature key updates, outbreak filters, and time zone
rules.
•
Using a Virtual Gateway Hostname for a Received Header May Prevent DKIM Signing.
Previously, AsyncOS for Email may not have signed outgoing messages using DKIM if the
appliance uses a Virtual Gateway hostname in the received header.
Previously, AsyncOS for Email may not have signed outgoing messages using DKIM if the
appliance uses a Virtual Gateway hostname in the received header.
•
GUI Sometimes Displays Fewer Query Results Per Page Than Expected. Previously, when you
performed a query, the GUI sometimes displayed fewer results per page than expected. For example,
if you selected to view 50 items of your query results per page, the GUI may have displayed only
20 per page, even though the page may have said “Displaying 1-50 of 120 items.”
performed a query, the GUI sometimes displayed fewer results per page than expected. For example,
if you selected to view 50 items of your query results per page, the GUI may have displayed only
20 per page, even though the page may have said “Displaying 1-50 of 120 items.”