McAfee Gateway Appliance Patch 7.5.3


Release Notes
McAfee Email Gateway Appliance Patch 7.5.3

Contents
- About this release
- Resolved issues
- Installation - incremental package
- Installation - full images
- Known issues
- Find product documentation

About this release

This document contains important information about the current release. We strongly recommend that you read the entire document.

Release build: MEG-7.5.3-3016.105 (built: 2014-06-09)

Purpose: This release adds new features and fixes problems that were reported in previous releases.

Rating:
- Vulnerabilities (total: 9, new: 3)
- Low severity issues (total: 84, new: 73)
- Recommended. McAfee recommends this release for all environments. This update should be applied at the earliest convenience.

For more information about ratings, refer to McAfee KnowledgeBase article KB51560.

Packaging: This release is available in the form of:
- an incremental update package
- a set of installable images

Resolved issues

Vulnerability

- Updates the Oracle Outside In library used on the appliance to address vulnerability CVE-2013-5879. (Low severity. Reference: KB81219, KB81220.)
- Updates the BIND package used on the appliance to address vulnerability CVE-2014-0591. (Low severity. Reference: KB81380.)
- Updates the gnutls package to address vulnerability CVE-2014-0092. (Low severity. Reference: KB81685.)
- Resolves various vulnerabilities in the user interface. (Low severity. Reference: KB81872. Supersedes: 7.5h968383.)
- Updates the OpenSSL package to address vulnerabilities CVE-2013-6449, CVE-2013-6450, CVE-2013-4353, CVE-2014-0076, CVE-2014-0160, CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470. (Low severity. Reference: KB81651, KB82121. Supersedes: 7.5h960401, 7.5h965187, 7.5h968383.)
- Updates the user interface configuration loading and saving mechanism to address vulnerabilities CVE-2013-7103 and CVE-2013-7104 by which an authenticated administrator could perform arbitrary actions using crafted HTTP requests. (Low severity. Reference: KB80059. Supersedes: 7.5h938406, 7.5h948770, 7.5h952384, 7.5h960401, 7.5h965187, 7.5h968383.)
- Updates the reporting system to correctly escape filter fields from the user interface. This addresses a vulnerability, CVE-2013-7092, to SQL injection by an authenticated reporting user via crafted HTTP requests. (Low severity. Reference: KB80061. Supersedes: 7.5h938406, 7.5h948770, 7.5h952384, 7.5h960401, 7.5h965187, 7.5h968383.)
- Updates the Secure Web Mail interface to address user data disclosure and HTTP header injection vulnerabilities. (Low severity. Reference: KB80076. Supersedes: 7.5h938406, 7.5h948770, 7.5h952384, 7.5h960401, 7.5h965187, 7.5h968383.)
- Updates the NTP configuration to prevent the appliance being exploited in distributed denial of service attacks using vulnerability CVE-2013-5211. (Low severity. Reference: KB81087. Supersedes: 7.5h938406, 7.5h948770, 7.5h952384, 7.5h960401, 7.5h965187, 7.5h968383.)
Operating system

- Corrects a fault in anti-virus DAT file synchronisation on cluster appliances which sometimes left temporary files in place, progressively filling the disk. (Low severity. Reference: KB81290.)
- Corrects the synchronization process to ensure certificates removed on the master device are correctly removed on failover and scanning devices. (Low severity. Reference: KB79030.)
- Updates the Minimum Escalation Report (MER) generation to prevent the temporary session directory created for the MER being deleted, which could cause errors when a MER was being produced from the console command line with a web user interface session active at the same time. (Low severity. Reference: KB79743.)
- Updates the igb network driver to correct a fault causing it to lock up with a watchdog error. (Low severity. Reference: KB81048.)
- Adjusts default configuration to improve performance stability on Dell PowerEdge 2950 platforms. (Low severity. Reference: KB81339.)
- Amends NTP system test so that it does not show misleading error messages when all NTP servers are local. (Low severity. Reference: KB80067.)
- Addresses a problem with the Intelligent Platform Management Interface (IPMI) on Dell PE1950 hardware which caused intermittent symptoms including slow bootup, failure to display the hardware status, and failure in remote access card configuration. (Low severity. Reference: PD24844. Supersedes: 7.5h965187, 7.5h968383.)

Email

- Amends the interface with McAfee Quarantine Manager (MQM) so that quarantined email attachments are named correctly. (Low severity. Reference: KB78689.)
- Corrects a fault which, when logical virtual hosting was enabled and configuration was pushed from another appliance, caused the domain given in the SMTP EHLO command to be that of the other appliance rather than the correct virtual domain. (Low severity. Reference: KB79456.)
- Corrects the handling of email delivery in cases where the policy specifies encrypted delivery with Transport Layer Security (TLS) prioritized over Secure Web Mail (SWM) and there are multiple recipient domains of which some support TLS and some do not. (Low severity. Reference: KB81420.)
- Corrects the Secure Socket Layer (SSL) negotiation code to prevent proxies failing with segmentation violations on some SSL negotiation errors. (Low severity. Reference: KB79976.)
- Corrects the signal sent to SMTP processes for gathering debug information during Minimum Escalation Report (MER) generation with the option 'Run network tests' enabled. The signal previously sent would terminate the processes, which would then be restarted by the health monitor. (Low severity. Reference: KB81562.)
- Corrects the "From" address on notification emails generated by an encryption-only appliance, so that email originally received with a BATV (Bounce Address Tag Validation) tagged address will show the original address rather than the BATV tagged one, which would not be recognizable to the recipient. (Low severity. Reference: KB79945.)
- Corrects a problem when domain relay configuration is pushed to the appliance from a McAfee ePO server. It was possible for the DNS server on the appliance to not load the zone files corresponding to the domain relays which caused the emails to these domains to be queued with a 442 'Unable to determine IP address for delivery' error. (Low severity. Reference: KB78084.)
- Corrects the message-id on email sent via the Secure Web Mail client to conform to RFC2822. (Low severity. Reference: KB81152.)
- Corrects the handling of Secure Web Mail (SWM) templates so that unsupported '$' escape tokens do not cause delivery failure. (Low severity. Reference: KB79206.)
- Amends the Secure Web Mail purge to correct an encoding error in file paths, and prevent its selection when another instance of purge is already running, either of which could cause occasional failures. (Low severity. Reference: KB79891.)

- Increases the default timeout for uploading to McAfee Quarantine Manager (MQM) to allow for large files. (Low severity. Reference: KB81237.)
- Corrects a segmentation fault in rmdclean when no database connection is available. (Low severity. Reference: KB81461.)
- Ensures that the ws_retryer process doesn't run when McAfee Quarantine Manager (MQM) is not enabled. (Low severity. Reference: KB81680.)
- Updates the Secure Web Mail service to prevent the possibility of it going offline entirely when restarted at the same time on both master and failover appliances in a cluster. (Low severity. Reference: KB81577.)
- Improves the appliance memory management to address various issues caused by running out of memory, including poor performance and resource usage alerts. (Low severity. Reference: KB81543.)
- Amends the user interface certificate validation so that a valid TLS certificate chain will be verified correctly in cases where the CA certificate in the chain is not among the default CA certificates on the appliance. (Low severity. Reference: KB81860.)
- Updates the Sender Policy Framework (SPF) library to correctly handle several kinds of erroneous SPF records found in the Domain Name System (DNS). (Low severity. Reference: KB81581, KB81686, KB81774, KB81859.)
- Disables Transport Layer Security (TLS) certificate caching in the SMTP proxy to prevent certificate errors causing connection failures. (Low severity. Reference: KB81297. Supersedes: 7.5h948770, 7.5h952384, 7.5h960401, 7.5h965187, 7.5h968383.)

Content scanning

- The appliance offers content scanning into the text of certain file types by means of a third party plugin. Updates this plugin to address false detections when particular emails were scanned. (Low severity. Reference: KB81155.)
- Amends the credit card numbers dictionary to prevent false detections on emails with certain spreadsheet attachments. (Low severity. Reference: KB81612.)
- Updates the anti-spam engine replication to failover and scanning appliances to show the correct status on the user interface, which was always shown as failed. (Low severity. Reference: KB81561.)
- Removes the constraint on character set mapping so it will work with disclaimer text addition and encoding other than 8bit. This resolves issues with garbled multi-byte characters resulting from clients specifying an incorrect character set encoding, which can now be addressed by character set mapping. (Low severity. Reference: KB81791.)
- The appliance offers content scanning into the text of certain file types by means of a third party plugin. Updates this plugin to resolve issues which caused the SMTP proxy to fail with a segmentation violation when particular attachment files were scanned. (Low severity. Reference: KB81508, KB81676, KB81679, KB81683.)
- The appliance offers content scanning into the text of certain file types by means of a third party plugin. Updates this plugin to resolve issues which caused the SMTP proxy to consume system resources to excess when particular attachment files were scanned. (Low severity. Reference: KB81157, KB81431, KB81666.)

Quarantine

- Replaces the quarantine digest manager module to address excessive time and resource consumption with large user black and white lists. (Low severity. Reference: KB81681.)
- Ensures that only one instance of quarantine digest manager runs at any given point in time. (Low severity. Reference: KB81682.)

User interface

- The appliance administrator can create additional user interface accounts with custom roles. Amends the replication process so that such added users can log in on the failover device of a blade or cluster system. (Low severity. Reference: KB77886.)
- Correctly identifies the user who has made a change when prompting others logged on to the user interface to reload configuration. (Low severity. Reference: KB78913.)
- Amends the spam update network to work with an FTP proxy server which does not proxy FTP over HTTP. (Low severity. Reference: KB79166.)
- Updates the automatic configuration backup to correctly escape special characters in the FTP password, to prevent failures with some passwords. (Low severity. Reference: KB79454.)
- Corrects the user interface so that creating a user role with no access privileges does not deny all users access to the Quarantine Configuration pages. (Low severity. Reference: KB79838.)
- When an IP address is assigned to a cluster appliance, if the number of addresses in the subnet is small, the user interface displays a warning that this will limit the number of scanning devices which can be used. This warning will not now be shown for normal appliances as it is not relevant. (Low severity. Reference: KB81226.)
- Corrects the httpd configuration to properly block other IP addresses when only specified IP addresses are configured to have access. (Low severity. Reference: KB79990.)
- Amends the user interface to allow access for users whose role name includes non-ASCII characters. (Low severity. Reference: KB80100.)
- Corrects a fault preventing import of the Commtouch Command Anti Virus engine/database from another McAfee Email Gateway appliance. (Low severity. Reference: KB81242.)
- Extends the configuration push feature to provide the ability to push component updates to machines of the same version. (Low severity. Reference: KB79953.)
- Amends the process for inserting statistics into the database so that multiple instances will not run, which could consume all available database connections and prevent the user interface dashboard loading. (Low severity. Reference: KB81537.)
- The appliance allows a secondary Commtouch Command anti-virus engine to be used for scanning. The user interface component management page is now amended to show the update status correctly when this engine is not used and updates for it are disabled. (Low severity. Reference: KB81288.)

- Amends the user interface so that generating a Minimum Escalation Report (MER) alone does not enable the "Apply Changes" button. (Low severity. Reference: KB81667.)
- The user interface gives the ability to view conversation logs for emails appearing in message search. This patch corrects a fault which prevented viewing of the logs for some emails which had been refused after inspecting the data. (Low severity. Reference: KB81631.)
- Amends the user interface so as not to enable the "Apply Changes" button when forwarding quarantined emails with no configuration change. (Low severity. Reference: KB81516.)
- Corrects a fault in the configuration push mechanism which prevented Secure Web Mail user and system data from being pushed as it should. (Low severity. Reference: KB81453.)
- Updates the cron service to address a fault which could cause many instances of the same job to be run on transition to daylight saving time, potentially bringing the system down by exhausting resources. (Low severity. Reference: KB81485.)
- Makes event 210012 (link state change) available for reports. (Low severity. Reference: KB81635.)
- Amends network driver counter so that proxy mode throughput is measured correctly, rather than being always zero. (Low severity. Reference: KB81523.)
- Amends the user interface so that when the TLS domains are spread over multiple pages they can still be re-ordered as required. (Low severity. Reference: KB81843.)
- Corrects the rejected recipient email count on the dashboard, which was wrongly including emails for recipients not on the permitted recipient list but accepted by LDAP checking. (Low severity. Reference: KB81821. Supersedes: 7.5h965187, 7.5h968383.)

Configuration

- Corrects the ePO merge process which corrupted the user black and white list file causing synchronization of the list from McAfee Quarantine Manager (MQM) to fail. (Low severity. Reference: KB81064.)
- Amends the SMTP proxy so that it logs an error rather than failing to deliver when configured to send audit copies of emails to an address which is not RFC compliant. (Low severity. Reference: KB81678.)
- Corrects an error in the user interface so that users can add email/network groups after clicking on the "Add user group" or "Add network group" link when adding email policies. (Low severity. Reference: KB81229.)
- Provides for ePO distribution of updates, such as anti-virus and anti-spam data, to managed appliances which do not have sufficient network access to retrieve updates themselves in the usual way. (Low severity. Reference: KB81296.)
- Updates ePO configuration conversion to allow editing in ePO of protocol presets which point to a network group. (Low severity. Reference: KB79962.)
- Resolves problems in hotfix 7.5h938406 with editing TLS lists in the user interface. (Low severity. Reference: KB81406, KB81424. Supersedes: 7.5h952384, 7.5h960401, 7.5h965187, 7.5h968383.)

Reporting

- Updates the events system to prevent the unscheduled sending of aggregated events which was sometimes caused by significant configuration changes. (Low severity. Reference: KB78094.)
- Corrects the parsing of realtime counters which were being shown as always 0 in scheduled reports. (Low severity. Reference: KB77622.)
- Corrects the recording of CM scan events in the database so that the reason will appear in email reports. (Low severity. Reference: KB77823.)
- Amends scheduled report generation to show the correct information on quarantine queues when MQM is disabled. (Low severity. Reference: KB78586.)
- Updates the counting of quarantined items for the dashboard so that the count remains accurate during periods of high traffic. (Low severity. Reference: KB78245.)
- Updates the SNMP trap to make the object order match that in the MIB. (Low severity. Reference: KB79196.)
- Amends the health monitor not to generate alerts on restart when a monitored subsystem status changes to available from its initial, unknown, state. (Low severity. Reference: KB81745, KB81822.)
- Corrects CSV (comma separated values) file export to prevent corruption of multi-line fields. (Low severity. Reference: KB81839.)
- Updates the SMTP proxy URL reputation detection to prevent cases where the 'Too many URLs found in the message' alert was produced incorrectly. (Low severity. Reference: KB80080.)
- Amends the aggregated email notification generation to show the correct count of SMTP messages received, rather than always zero. (Low severity. Reference: KB81705.)
- Corrects the Commtouch Command Anti Virus update so that it does not include any proxy server password in log messages. (Low severity. Reference: KB81684.)
- Amends the Uninterruptible Power Supply (UPS) monitoring system to ensure that alert emails are sent properly for UPS events. (Low severity. Reference: KB81249.)
- Corrects timezone offset handling in email reports filtered using Period: Hour to address cases where the Total View tab showed 0 when the Detail and Itemized view tabs showed emails had been processed. (Low severity. Reference: KB81611.)
- Updates the reporting system to allow correct filtering on user names which include non-ASCII characters. (Low severity. Reference: KB79829. Supersedes: 7.5h938406, 7.5h948770, 7.5h952384, 7.5h960401, 7.5h965187, 7.5h968383.)

Other issues

- Corrects an error in Minimum Escalation Report (MER) generation when run from the command line. (Low severity. Reference: KB81558.)

Issues resolved in previous releases

For information on issues resolved in earlier releases not included above, consult their release notes:
- Patch 7.5.1 (see KnowledgeBase article KB78536)
- Patch 7.5.2 (see KnowledgeBase article KB79289)

Installation - incremental package

The incremental update package may be installed on a running appliance with the least possible disruption of service. In due course this package, or one superseding it, will be made available for download and install with the appliance auto-update system. For information on using auto-update refer to KnowledgeBase article KB74923.

Installation requirements

You must have the following McAfee Email Gateway software installed on the appliance you intend to update with this package:
- Version 7.5
- Patch 7.5.1
- Patch 7.5.2

Superseded releases

The incremental package incorporates and supersedes the following earlier releases:
- Hotfix 7.5h938406
- Hotfix 7.5h948770
- Hotfix 7.5h952384
- Hotfix 7.5h960401
- Hotfix 7.5h965187
- Hotfix 7.5h968383

Actions on installation

At the end of the installation process the following actions will occur automatically:
- The user interface will log off.
- The appliance will reboot.

To install this package:

1. Create a temporary directory on a computer on your network which can access your McAfee Email Gateway appliance.
2. Download the MEG-7.5.3-3016.105.zip file, and save it to the temporary directory.
3. Open your internet browser, and log on to the McAfee Email Gateway appliance.
   - If installing on a Content Security Blade Server, go first to the Failover Management blade to do the following steps, then repeat them on the Management blade (the content scanning blades will be updated automatically).
   - If installing on an appliance cluster the steps must be done on all the appliances in the cluster, starting with the Failover Management appliance, then the Management appliance, then the remainder.
   - If installing on an appliance managed by ePolicy Orchestrator, follow the procedure in KnowledgeBase article KB79376.
4. On the navigation bar, select System | Component Management | Package Installer.
5. Under Manual Package Install, click Update from file.
6. In the Import package window, click Browse, find the location of the file "MEG-7.5.3-3016.105.zip", click Open, and then click OK. A window displays the package description.
7. Click OK to install the package. Upon completion of the installation the actions noted above will be performed automatically.
8. Clear the browser cache.
9. Log on to the McAfee Email Gateway appliance, then click About the appliance to check that "7.5.3-3016.105" is displayed.

Installation - full images

Installable images are available for the various types of appliance. For information on installing these images refer to KnowledgeBase article KB71956.

When using this method to upgrade an existing appliance, there may be an option to install software while retaining the existing operational data (option "c", "d", or "e" on the install menu). This option is available where one of the following compatible versions is already installed:
- This release or any superseded releases, but not any later release other than hotfixes
- Version 7.0 with 7.0.2 or later releases

Superseded releases

The installable images incorporate and supersede the following earlier releases:
- Version 7.5
- Patch 7.5.1
- Hotfix 7.5h913625
- Hotfix 7.5h917231
- Hotfix 7.5h928497
- Patch 7.5.2
- Hotfix 7.5h938406
- Hotfix 7.5h948770
- Hotfix 7.5h952384
- Hotfix 7.5h960401
- Hotfix 7.5h965187
- Hotfix 7.5h968383

Known issues

For a list of known issues in this release, refer to McAfee KnowledgeBase article KB79724.

Find product documentation

McAfee provides the information you need during each phase of product implementation, from installation to daily use and troubleshooting. After a product is released, information about the product is entered into the McAfee online KnowledgeBase.

Task

1. Go to the McAfee Technical Support ServicePortal at https://mysupport.mcafee.com.
2. Under Self Service, access the type of information you need:

To access user documentation, do this:
1. Click Product Documentation.
2. Select a product, then select a version.
3. Select a product document.

To access the KnowledgeBase, do this:
- Click Search the KnowledgeBase for answers to your product questions.
- Click Browse the KnowledgeBase for articles listed by product and version.

Copyright 2014 McAfee, Inc. Do not copy without permission. McAfee and the McAfee logo are trademarks or registered trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other names and brands may be claimed as the property of others.