Aktualizacja oprogramowania dla przełączników FortiSwitch o numerze 3.6.8 wydana. W tej aktualizacji nie wprowadzono żadnych nowości, lecz zostało rozwiązanych wiele problemów z oprogramowaniem. Zachęcamy do zapoznania się z listą przedstawioną poniżej oraz do aktualizacji.
Wprowadzone poprawki:
Bug ID Description
436896 The LED status is not correct when the ports are not powered.
475561,500513 A connectivity fault prevents the firmware for a managed FortiSwitch unit from being
upgraded.
485909 During the firmware upgrade for multiple managed FortiSwitch units, some of the switches
flapped, which caused the upgrade to fail.
489064 When connecting two 224D FortiSwitch units together, the SFP ports RX alarm reports a
loss of signal, but traffic is not interrupted.
489769 In a two-tier MCLAG topology, some second tier FortiSwitch MCLAG peer groups have high
levels of STP daemon processing.
493593 When the CLI console session times out, the FortiSwitch unit does not exit the session.
494830 FortiSwitchOS v3.6.8 is no longer vulnerable to the following CVE-Reference:
CVE-2017-6214
495806 The automatic module configuration For the FS-1048D model needs to select the 10000cr
speed for DAC cables.
497248 After enabling mclag-stp-aware, there are “STP state DISCARDING” errors, and some
switches went down.
500424 When adding hosts fails, the egress objects become stale.
501876 When the primary FortiGate unit in a mutichassis LAG (MCLAG) fails, the network traffic
stops, and two of the four ports in the MCLAG are blocked or suspended.
501949 Disabling FortiSwitch Cloud causes the CLI to exit.
502058 The execute router restart command does not delete layer-3 egress objects that
are pointed to by multiple routes.
502079 Running multiple SNMP queries at the same time causes a timeout.
502280 After the FSW-124E-POE is upgraded to 3.6.6, 3.6.7, or 6.0, there is a high-pitched noise
when the switch starts.
Bug ID Description
502742 The output of the get switch modules detail command misidentifies 10G DAC
cables.
503538 Running the execute factoryresetfull command did not remove licenses.
504559 When a valid resistor is detected, a false error is logged.
505291 Segmentation faults occasionally cause the system to crash.
505336 When there is 100% line-rate traffic sent to a FortiSwitch unit, there are continuous PoErelated
messages displayed on the console.
505888 After enabling image rotation (with the set image-rotation enable command) and
running the execute factoryreset command, the FortiSwitch unit does not update
the default configuration file.
505911 IGMP snooping does not work on the FortiSwitch 2xx and 4xx models.
506573 The 448DP and 448DF models are shown as having the same model ID and name.
506604 The FortiSwitch unit forwards VLAN packets instead of blocking them.
507967 After enabling strong-crypto on a FortiSwitch unit in standalone mode, the switch cannot be
accessed by SSH.
509043 When the power consumption is more than 25.5 watts, the get switch poe inline
command returns the wrong value for power consumption.
509141 Relative file paths should not refer to external files.
510885 Error messages refer to initXXXXXXXXXXX instead of the appropriate daemon.
Znane problemy:
Bug ID Description
380239 IGMP-snooped multicast groups are not immediately flushed out of the snooping
table when the querier port is shut down.
391607 Switch does not send gratuitous ARP for IP conflict when the system boots up and
adds a new switch virtual interface (SVI).
414972 IGMP snooping might not work correctly when used with the 802.1x dynamic VLAN
functionality in the 802.1x MAC-based authentication.
416655 When using DHCP, the IPv6 address cannot be configured. Also, the automatic
configuration of the global address does not work.
424432 When MCLAG is enabled In FortiLink mode, IGMP reports are not synchronized if
the igmps-report-flood and igmps-traffic-flood options are disabled
the the FortiLink/ISL/MCLAG trunks.
438441 DHCP snooping and dynamic ARP inspection (DAI) do not work with private VLANs
(PVLANs).
464703, 508490 The PoE_Max LED does not light up when the PoE exceeds its alarm threshold.
509787 FortiSwitch Cloud is disabled when upgrading FortiSwitch firmware.
Pozdrawiamy,
Zespół B&B
Bezpieczeństwo w biznesie
