Gateway Release: 22.06¶
22.06-08 - November 8, 2022¶
- Enhancement: Enhances the TLS_ERROR messaging to be clear and actionable
- Fix: Fixes an issue with IDS/IPS where traffic containing a CSV/Formula injection is not being detected
- Fix: Fixes stability issues with the Gateway under various traffic and configuration scenarios
- Fix: Fixes an issue where URL Filtering Rules might produce incorrect URL matching
- Fix: Fixes an issue where AV was not detecting HTML-based malware present in an unencrypted HTTP session
- Fix: Fixes an issue where an AV detection was denying traffic properly, but was not reporting an action of Deny in the traffic summary
- Fix: Fixes a stability issue specific to Azure Egress / East-West Gateways
- Fix: Fixes an issue where traffic without an SNI match is processed by the Rule and allowed rather than Denied
- Fix: Fixes an issue where backend TLS_LOG events where showing a reversed source and destination IP/Port information
- Fix: Fixes an issue where return path UDP traffic that was processed by a SNAT rule would not be handled properly by the Gateway
- Fix: Fixes the FQDN and URL Filtering messages when traffic is processed by the default ANY rule
- Fix: Fixes a stability issue with very large FQDN Filtering Profiles that would cause a datapath restart
- Fix: Fixes an issue in a URL Filtering Profile where a top-level domain containing an end "/" does not match a configuration where the RegEx ends in "/.*"
- Fix: Fixes and issue where the forward proxy could open an upstream connection using an incorrect destination port
- Fix: Fixes an issue where the FQDN was not being populated in the WAF Security Event
- Fix: Fixes a stability issue in an ICMP rule that would cause a datapath restart
22.06-07 - September 3, 2022¶
- Fix: Updated Mellanox DPDK driver to address vulnerability related to CVE-2022-28199
22.06-06 - August 25, 2022¶
- Fix: Removes any references to samba-common-libs in the Gateway image that could trigger a vulnerability false alarm
- Fix: Fixes a stability issue in related to small form factor instance type in Azure
- Fix: Fixes an issue with Forward Proxy to ensure the backend connection remains active when the response is delayed by more than 10 seconds. The response delay timeout for the proxy has been increased to 30 seconds.
- Fix: Fixes an issue where packets received by the Gateway with checksum errors would cause traffic processing issues
22.06-04 - July 25, 2022¶
- Fix: Fixes an issue where packets received by the Gateway with checksum errors would cause traffic processing issues
- Fix: Fixes an issue where no System Log message were being recorded for Gateway auto-scale in events
22.06-03 - July 20, 2022¶
- Fix: Fixes an issue where a Gateway deployment would not become ACTIVE when deployed in an orchestrated NAT Gateway-enabled AWS Service VPC
22.06-02 - July 14, 2022¶
- Fix: Fixes an issue with TLS 1.3 traffic where an incorrect certificate was presented to the client
- Fix: Fixes a stability issue related to TLS 1.3 traffic that would cause Gateway auto-scaling
22.06-01 - July 6, 2022¶
- Enhancement: Adds support for sending a TCP Reset for a Forwarding rule when Rule Action is Deny or FQDN Filtering action is Deny
- Enhancement: Removes the HTTP Server Response Header sent by the Ingress Gateway. The header is sent, but as an empty field.
-
Enhancement: Adds support for TLS 1.3
-
Fix: Optimizes the performance of FQDN to ensure no performance reduction when enabling FQDN Filtering profiles
- Fix: Fixes an issue where a TLS proxy listener was not mapping traffic to the correct backend target
- Fix: Fixes an issue where a TCP proxy and TLS proxy could be configured for the same listener port
- Fix: Fixes a stability issue when attaching an FQDN Filtering Profile configured with 32 rows and more than 8 FQDNs per row
- Fix: Fixes an issue when a Service Object name change pushed to the Gateway would result in the Policy Status as always Updating
- Fix: Fixes an issue where a Gateway instance would not become active when deployed with a large number of Policy Rules configured