Fortinet has released a firmware update for FortiMail appliances, version 6.0.14. The update fixes bugs where a single email was sent to personal quarantine multiple times and where, with multiple LDAP domains connected, a connection problem on one domain caused the remaining domains to malfunction as well. It also fixes a CPU performance and usage problem when scanning PDF files sent as attachments. For more details, read the rest of the article.
Currently supported models:
- FortiMail 60D
- FortiMail 200D
- FortiMail 200E
- FortiMail 200F
- FortiMail 400E
- FortiMail 400F
- FortiMail 900F
- FortiMail 1000D
- FortiMail 2000E
- FortiMail 3000D
- FortiMail 3000E
- FortiMail 3200E
- FortiMail VM (VMware vSphere Hypervisor ESX/ESXi 5.0 and higher)
- FortiMail VM (Microsoft Hyper-V Server 2008 R2, 2012 and 2012 R2, 2016)
- FortiMail VM (KVM qemu 0.12.1 and higher)
- FortiMail VM (Citrix XenServer v5.6sp2, 6.0 and higher; Open Source XenServer 7.4 and higher)
- FortiMail VM (AWS BYOL and On-Demand)
- FortiMail VM (Azure BYOL and On-Demand)
Resolved issues:
Antispam/Antivirus
Bug ID | Description |
---|---|
707494 | In some cases, FortiMail gets no results from FortiSandbox for some email. |
740683 | SPF records using macros are not handled properly. |
754271 | Outbound email from FortiMail Cloud occasionally fails DKIM check. |
756824 | Return code from DNSBL events of spamhaus.org is not handled properly. |
758378 | Disclaimer Insertion action is logged but no disclaimer is inserted in the email. |
660873 | Too many impersonation analysis false positives under certain conditions. |
735742 | DKIM check failure caused by DKIM signature format. |
709825 | Fail to detect files with .js extension included in BZIP2 archives. |
Mail delivery
Bug ID | Description |
---|---|
747525 | Authentication-Results header placement doesn’t follow RFC7601. |
752912 | In some cases, a single email may be sent to personal quarantine numerous times. |
System
Bug ID | Description |
---|---|
757174 | When some LDAP profiles have network connection issues, all LDAP profiles may not work properly. |
720374 | When importing users from a .csv file, users cannot log in to their accounts. |
755862 | If the mail data is scheduled to be backed up with one copy only, the new backup does not overwrite the old ones. |
743949 | When the full config file is backed up via TFTP, the file cannot be decompressed correctly. |
712577 | PDF attachment scan may cause High CPU usage. |
725014 | Same as above. |
681597 | Same as above. |
Log and Report
Bug ID | Description |
---|---|
733781 | When the relay server is unreachable, the log message "relay=" field displays the domain name, instead of the relay host name or IP address. |
718183 | Too many "Cannot resolve remote server" log messages. |
755988 | Header From and To fields in history log only support a maximum of 128 characters. |
758521 | Missing event log and SNMP trap for RAID events. |
Admin GUI and Webmail
Bug ID | Description |
---|---|
756496 | SNMP trap and query options are missing from the GUI when adding SNMP communities and users. |
724125 | In some cases, mail bodies may not be displayed in system quarantine or webmail. |
Common vulnerabilities and exposures
Visit https://fortiguard.com/psirt for more information.
Bug ID | Description |
---|---|
690201 | CWE-20: Improper Input Validation |
697129 | CWE-287: Improper Authentication |
692463 | CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') |
Known issues:
Bug ID | Description |
---|---|
307919 | Webmail GUI for IBE users displays a paper clip for all email although the email has no attachments. |
381511 | IBE messages are not signed with DKIM although DKIM signing is enabled. Note: This issue has been fixed in 6.4.0 release. |
594547 | Due to more confining security restrictions imposed by the iOS system, email attachments included in IBE PUSH notification messages can no longer be opened properly on iOS devices running version 10 and up. Therefore, users cannot view the encrypted email messages on these iOS devices. Users should download and open the attachments on their PCs as a workaround. |
Vendor release notes: FortiMail 6.0.12
Best regards,
The B&B Team
Bezpieczeństwo w biznesie