Fix: Fixes an Ingress Gateway issue related to large-volume bursty TLS traffic where the Gateway could issue an incorrect certificate to the client. This scenario is rare and is a downstream issue that could occur in Gateway releases 22.10-05 and earlier. This fix addresses the downstream issue by ensuring it is never reached and is a safeguard to ensure the issue never occurs.
Fix: Disabled TLS renegotiation to address vulnerability related to CVE-2009-3555
Fix: Fixes an issue where the FQDN Filtering Events would show reversed source/destination IP/Port information
Fix: Fixes an issue with Reverse Proxy to ensure the backend connection remains active when the response is delayed by more than 60 seconds. The response delay timeout for the proxy has been increased to 180 seconds.
Fix: Fixes an issue with Forward Proxy to ensure the backend connection remains active when the response is delayed by more than 60 seconds. The response delay timeout for the proxy has been increased to 180 seconds.
Fix: Fixes an issue where backend flows in an Egress SNAT scenario were not being properly flushed, which could result in eventual traffic processing issues
Fix: Fixes an issue where Traffic Summary Log shows Allow action for an FQDN that is denied by FQDN Filtering Profile
Fix: Corrects a policy change issue where the Anti-Malware security profile was being applied to a small form factor (2-core and 4-core) instance types where Anti-Malware is only available in large form factor (8-core) instance types
Fix: Fixes an issue where an incorrectly configured L7DOS profile applied to a Gateway could result in a restart cycle
Fix: Fixes an issue where a Gateway restart would result in a potential to bypass the URL Filtering Profile
Fix: Fixes an issue with L7DOS Profile where a rate limit and burst size setting of 1 would not block HTTP requests with with method of type POST
Fix: Enhances Gateway stability by fixing various issues for Egress Gateways deployed in all CSPs