Fortinet has released an update for FortiMail. Version 6.0.6 eliminates an operating system kernel vulnerability that allowed a DoS attack. In addition, as usual, the vendor fixes bugs found by administrators. We encourage you to update your software!
Resolved issues:
Antispam/Antivirus/Content/Session
| Bug ID | Description |
|---|---|
| 569960 | DLP with profanity setting does not work. |
| 557805 | Regular expressions in DLP rules and content monitor do not match contents in HTML links. |
| 567801 | For URI protection scan, FortiMail and FortiSandbox Cloud have communication issues. |
| 568910 | BCC action in the content profile does not work if DSN email generation is disabled. |
| 567511 | Rewrite From in the session profile does not work if Header From is missing. |
| 563130 | In some cases, header manipulation may not work properly. |
| 569416 | Impersonation Analysis should not be bypassed for ACL rule match. |
| 568281 | Impersonation Analysis is bypassed when an email message contains multiple recipients. |
| 573097 | When using a customized file filter in a content profile, the .pub files are caught by the MS PowerPoint filter, instead of the MS Publisher filter. |
Mail Receiving/Delivery
| Bug ID | Description |
|---|---|
| 553478 | In some cases, received email is not delivered. |
| 556364 | Recipient Address Verification does not work when the internal mail server responds to SMTP connections with warning messages. |
| 565422 | SMTP connections timeout on incoming mail. FortiMail should send EOM responses after receiving all data. |
| 530592 | When both URI Click Protection and MS Office/PDF CDR are enabled, there will be milter exception error. |
System
| Bug ID | Description |
|---|---|
| 561924 | Nested LDAP groups deeper than two levels cannot be found. |
| 572514 | Error message when resetting an IBE user. |
| 565860 | After system reboot, IP pools fail to answer SMTP connections. |
| 498174 | LDAP alias expansion should not be case sensitive. |
| 551045 | In some cases, mailfiltered may cause high CPU usage on HA pairs. |
| 514185 | Under certain conditions, Cyrillic alphabets from some domains show incorrect encoding. |
| 558429 | Config-only HA members should not have the same entity IDs. |
| 554636 | FortiMail can be accessed from any IP address even if the IP address is different from the trusted host. |
Admin GUI/Webmail
| Bug ID | Description |
|---|---|
| 563496 | Multiple attachments cannot be uploaded and sent properly in webmail. |
| 565536 | Under Security > Quarantine > Quarantine Report > Web release host name/IP, a port number cannot be added. |
| 556550 | Some columns of the policy table are not displayed properly. |
| 560618 | The system quarantine folder cannot be opened when the folder name contains Japanese characters. |
| 564553 | In some cases, the FortiSandbox statistics are not displayed properly under FortiView > Threat Statistics > FortiSandbox Statistics. |
| 554898 | Expired administrators are still displayed in the current administrator list if the administrators closed the browser without logging out from the admin GUI. |
Common Vulnerabilities and Exposures
| Bug ID | Description |
|---|---|
| 565946 | FortiMail 6.0.6 is no longer vulnerable to the following CVE-Reference: CVE-2019-11478 CVE-2019-11479 |
| 565904 | FortiMail 6.0.6 is no longer vulnerable to the following CVE-Reference: CVE-2019-11477 |
| 568641 | FortiMail 6.0.6 is no longer vulnerable to the following CVE-Reference: CVE-2019-0217 |
| 569759 | FortiMail 6.0.6 is no longer vulnerable to the following CVE-Reference: CVE-2019-12900 |
Known issues to be resolved:
| Bug ID | Description |
|---|---|
| 307919 | Webmail GUI for IBE users displays a paper clip for all email although the email has no attachments. |
| 381511 | IBE messages are not signed with DKIM although DKIM signing is enabled. |
We encourage you to read the notes released by the vendor: Release Notes – FortiMail 6.0.6
Best regards,
The B&B Team
Bezpieczeństwo w biznesie
