Fortinet publikuje nową wersję oprogramowania z rodziny 6.0, 5.6 oraz 5.4 dla produktu FortiManager. W nowej wersji oprogramowań załatano krytyczną lukę w o której wspominaliśmy tutaj. Nowe wersje pozbawione zostały również innych błędów, o których więcej przeczytacie poniżej oraz w notatkach producenta!
Rozwiązane problemy w FortiManager 6.0.6:
| Bug ID | Description |
|---|---|
| 538934 | When configuration file is large, installing to device may delete configuration on FortiGate. |
| 540657 | There is an ordering issue on admin users where multiple wildcard users are configured on the same server. |
| 558445 | For SD-WAN Interface Member, the Per-Device Mapping option is not available on 6.0.5 GUI. |
| 558482 | User may not be able to create LDAP users on FortiManager 6.0.5. |
| 559521 | The fgdupd daemon may keep crashing. |
| 560332 | Add 'move’ option in CLI to change admin setting order. |
| 561709 | Login may not work for XML API. |
Rozwiązane problemy w FortiManager 5.6.9:
| Bug ID | Description |
|---|---|
| 522713 | ADOM upgrade may stuck at 5%. |
| 523480 | IPS Filter does not include ALL if filtered based on OS. |
| 528931 | FOS-VM may be getting invalid license from FMGR-VM-Meter. |
| 535245 | After upgrade, install may fail due to invalid VDOM snmp-index. |
| 536161 | FortiManager may have multiple fmgd crashes. |
Rozwiązane problemy w FortiManager 5.4.7:
| Bug ID | Description |
|---|---|
| 465962 | The fds-ssl-protocol for fds-setting may not work for TCP port 8890. |
Ponadto we wszystkich wersjach firmware naprawiono poniższą lukę:
| Vulnerability |
|---|
| FortiManager is no longer vulnerable to the issue described in the following link – https://fortiguard.com/psirt/FG-IR-19-144. |
Znane problemy do rozwiązania w 6.0.6:
| Bug ID | Description |
|---|---|
| 540347 | FortiManager has no option available to configure VLAN IDs under VLAN Pooling. |
| 547361 | AP Profile in AP Manager may offer redundant options for specific AP models which can lead to fail installation. |
| 548329 | WiFi Profiles SSID DHCP Server Toolbar is hidden if System Settings is set to None in an Admin Profile. |
| 549001 | Installation error after changing inspection mode from Proxy to Flow. |
| 549113 | In case FortiGate is in NGFW policy-based mode, URL or Application control profiles should not be visible on FortiManager. |
| 549615 | Users should be able to set the login-timestamp from CLI script. |
| 549638 | MAC address Access control list entries under DHCP server are duplicated when editing one of the entries. |
| 549674 | FortiManager is unable to create SD-WAN Template in Central Management Mode if System Settings is set to None in an Admin Profile. |
| 550513 | User cannot change IPSec Phase1 on an existing IPSec Phase2 interface. |
| 551072 | Assignment of object-tag from 5.6 Global ADOM to 6.0 ADOM should not fail. |
| 551077 | FortiManager may not be able to import policies from FortiGate SLBC. |
| 551237 | User without Super User Profile is unable to manage Tags from Tag Management. |
| 551701 | FortiManager is unable to Set OSPF Interface Network Type as P2MP. |
| 552110 | FortiManager cannot show where used for FortiSwitch Security Policy. |
| 552144 | Install copy fails when setting captive portal user group for FortiSwitch’s VLAN. |
| 553270 | Imported SSIDs cannot be selected within AP Profile until the SSIDs have been edited. |
| 553276 | When SSID is in bridge mode, external link to captive portal and CMCC Radius Secret are missing on AP Manager’s SSID page. |
| 553704 | Find Duplicate Objects may get stuck loading. |
| 553860 | FortiManager should have public IP for remote-gw under IPSec Phase1 interface. |
| 553926 | Split-tunneling information may not be retrieved completely for managed AP. |
| 553933 | User should be able to configure split-tunneling related information on AP profile and managed AP pages. |
| 553985 | FortiManager incorrectly sets security-external-web when external authentication is selected. |
| 553991 | When redirect after captive portal is set, verification may fail on security-redirect-url due to missing http:// prefix. |
| 554001 | Configuration may modify FQDN addresses after FortiManager and FortiGate are both upgrade to version 6.0.5. |
| 554092 | FortiManager is unable to use interface member of a zone as Source Interface filter for VIP object. |
| 554154 | FortiManager is unable to select multiple FortiExtender units for upgrade of firmware from Extender tab. |
| 554491 | Device Manager generates incorrect configuration for Filter MAC Addresses on SSID that causes installation to fail. |
| 554500 | Device Manager’s SSID page cannot save links to authentication portal and redirect after captive capital. |
| 554761 | FortiManager is missing to generate software switch related configurations for Quarantine Host for SSID. |
| 554778 | AP Manager may not be able to import AP Profile for FAP-421E/423E/S421E/S423E. |
| 554882 | 7000 series HA members may show up as unregistered after failover. |
| 554901 | EU country ID is available on FortiManager, but the ID is not part of latest geographic database. |
| 554946 | Sub-admin clicks View on where Used may lead to disappearance of dual panel. |
| 555159 | After deleting an SSID from Device Manager, AP Manager still shows the SSID. |
| 555257 | Search box for SSID selection within AP Profile may not work well. |
| 555730 | Install may fail if zone member is used in a Multicast policy. |
| 556192 | Resetting hitcount in ADOM 5.4 fails. |
| 556192 | FortiManager may fail to run execute fips kat all and diagnose system fips kat-error commands. |
| 556368 | FortiManager may show Device objects from another ADOM. |
FortiManager 6.0.6 – notatki producenta
FortiManager 5.6.9 – notatki producenta
FortiManager 5.4.7 – notatki producenta
Pozdrawiamy,
Zespół B&B
Bezpieczeństwo w biznesie
