Cisco Cisco Email Security Appliance C370D
What’s New in Cisco IronPort AsyncOS 7.3.1 for Email
6
Release Notes for Cisco IronPort AsyncOS 7.3.1 for Email
OL-23626-02
74268
Fixed: Use of persistent cookies by the web interface creates a security
vulnerability
vulnerability
Persistent cookies stored on the user’s hard disk included a session identifier and
whether or not the user was logged in. The Email Security appliance web user
interface now uses temporary (session) cookies for this information, which do not
present the same risk.
whether or not the user was logged in. The Email Security appliance web user
interface now uses temporary (session) cookies for this information, which do not
present the same risk.
70598
Fixed: Message Filter Does Not Modify Some Headers Properly
Fixed an issue where a message filter designed to modify message headers did not
modify structured message headers such as To: and From: correctly. Mail user agents
like Outlook, Thunderbird, Gmail, and Yahoo Mail could not decode these headers.
This issue has been resolved.
modify structured message headers such as To: and From: correctly. Mail user agents
like Outlook, Thunderbird, Gmail, and Yahoo Mail could not decode these headers.
This issue has been resolved.
51946
Fixed: LDAP Masquerade Query Cannot Process To: Headers that Do Not
Conform to RFC 2047
Conform to RFC 2047
Previously, an LDAP masquerade query would not be able to process a message with
a non-English “To:” header where the email address is also encoded and does not
conform to RFC 2047. The message would get stuck in the queue. This issue has been
resolved. Now, the appliance decodes and re-encodes a non-compliant To: header and
performs the correct LDAP masquerade query.
a non-English “To:” header where the email address is also encoded and does not
conform to RFC 2047. The message would get stuck in the queue. This issue has been
resolved. Now, the appliance decodes and re-encodes a non-compliant To: header and
performs the correct LDAP masquerade query.
45990
Fixed: PDF with no document open password triggers attachment-protected rule
in message filter
in message filter
If a message filter was set up to catch messages with attachments that require a
password in order to open them, messages with PDF attachments that did not include
password protection, but may have included other restrictions, were caught by the
filter. This no longer occurs.
password in order to open them, messages with PDF attachments that did not include
password protection, but may have included other restrictions, were caught by the
filter. This no longer occurs.
81754
Fixed: TLS Traffic Causing Email Processing to Restart or Become Unresponsive
The DigiNotar blacklist solution added in the previous 7.5.1 hot patch contained a
defect that resulted in the email process restarting or becoming unresponsive due to
certain types of TLS traffic. This issue has been resolved and the email process errors
no longer occurs.
defect that resulted in the email process restarting or becoming unresponsive due to
certain types of TLS traffic. This issue has been resolved and the email process errors
no longer occurs.
Table 1
Fixed Issues in Version 7.3.1 (continued)
Defect ID
Description