8 Replies Latest reply on Mar 28, 2011 4:02 PM by rsteven2

    Firmware 4.0.9 - release notes

      Just noticed that your have released firmware 4.0.9 on the download / registration website.

      Files are dated 2010 / 03 / 14

       

      There are no release notes to explain what is FIXED in this release over 4.0.8

       

      Mark

        • 1. Re: Firmware 4.0.9 - release notes

          sincas wrote:

           

          Just noticed that your have released firmware 4.0.9 on the download / registration website.

          Files are dated 2010 / 03 / 14

           

          There are no release notes to explain what is FIXED in this release over 4.0.8

           

          Mark

           

          Sorry, the IT folks that copy up the files for us missed that somehow.  I had already noticed and have asked for it to be fixed.  In the meantime, here are the release notes for 4.0.9:

           

          15026 The 'Require User Authentication' option now works again when using

                Content Filtering.

           

          15027 The 'Bypass Content Filtering' ACL now works again.

           

          15031 Remove delay in updating firewall rules when using LT2P and Access

                Control.

           

          15032 Fix operation of User ACLs in conjunction with RADIUS authentication.

           

          15053 Always use a random IV when using ciphers in CBC mode.

           

          15057 Fix memory leak in services that perform authentication.

           

          15063 Fix failure to flush large route tables, resulting in stale routes.

           

          Cheers,

          Rick.

          • 2. Re: Firmware 4.0.9 - release notes

            I applied this update to our Snapgear SG 580 and now I have an error connecting to https administration (firefox):

             

            An error occurred during a connection to 192.168.96.1.

             

            SSL peer reports incorrect Message Authentication Code.

             

            (Error code: ssl_error_bad_mac_alert)

            Google Chrome reports the error as:

             

            Error 126 (net::ERR_SSL_BAD_RECORD_MAC_ALERT): Unknown error.

             

            I think this is due to an Apache2 bug with multiple worker processes. (see http://serverfault.com/questions/63167/ssl-error-bad-mac-alert-error-in-firefox ) I tried adding '-x' to the command line for /bin/httpd in /etc/config/inetd.conf but there is something on reboot that resets that file...

             

            Basically I've lost most of the administrative control of this thing and I have no idea how to fix this...

            • 3. Re: Firmware 4.0.9 - release notes

              If there is a way to fix this with a different image (downgrade or fix to 4.0.9), if I knew how to use netflash via terminal connection I might be able to do that (I can ssh in just fine).

              • 4. Re: Firmware 4.0.9 - release notes

                Sorry, Troy.  We just found that issue too.  It only affects some devices so we missed it.  We'll post a fixed release ASAP.  In the meantime, you should be able to work around the problem by modifying your browser settings.  I expect Ross will post some instructions soon.

                 

                Cheers,

                Rick.

                • 5. Re: Firmware 4.0.9 - release notes

                  Browser based

                      * Open "about:config" in your browser

                   

                      * type "ssl" into the filter box

                   

                      * Double click on the following to set them to true (enable them):

                   

                        security.enable_ssl2

                        security.ssl2.rc2_128

                        security.ssl2.rc2_40

                        security.ssl2.rc4_128

                        security.ssl2.rc4_40

                   

                      * Double click on the following to set it to false (not enabled)

                   

                        security.enable_ssl3

                   

                      * You may need to close the browser and restart it to ensure these

                        settings take effect.  Reversing the above setting will restore the

                        browser back to defaults.

                  • 6. Re: Firmware 4.0.9 - release notes

                    You guys retired the update from the website? Its not at http://go.mcafee.com/utm/downloads.cfm

                     

                    Do you have a date when it will be posted?

                    • 7. Re: Firmware 4.0.9 - release notes

                      There should be a new release in a day or two.

                      • 8. Re: Firmware 4.0.9 - release notes

                        4.0.10 is up now.

                         

                        Cheers,

                        Rick.