Tag: astaro security gateway

[Middle] Up2Date 6.103

Urgency: Middle (low, Middle, HIGH) Size: 54 Mbyte (54,573,817 bytes) md5sum: 02bdd2e937f19feafc51c1eadf2e1a4c Up2Date 6.103 Remarks Required previous version is 6.102 Existing configuration will not be changed !! Firewall will reboot after Up2Date !! New/Changed/Improved Added configurable whitelist to HTTP Proxy Added support for Intel ICH7R chipset Improved IPsec performance on SMP machines Bugfix (please refer to the LIST OF KNOWN ISSUES on http://www.astaro.com/kb ) ID2546 PSK-based roadwarrior or L2TP connections may fail to establish ID3143 Activating compression causes problems on Roadwarrior Connections. ID3218 Windows XP/SP2 L2TP client loops during connection establishment ID3249 File extension blocking is too strict ID3257 DNAT rules with local connections not working ID3276 Daily Spam Digest mails are marked as spam ID3291 Changing setting of Dead Peer Detection seems to have not effect ID3296 Pluto crashes with mismatching phase 2 policy ID3308 Linkbeat checking also down interfaces ID3349 No network group support in IPS advanced section Download Information All Up2Dates are GNUPG-signed! The Astaro Up2Date technology makes it easy to upgrade your installed Astaro Security Linux to the latest version. There are three ways to apply an Up2Date package to the system: Log on to WebAdmin, navigate to “System -> Up2Date Service” and start a “Update now” in “System Up2Date

[Low] Up2Date 5.208

Urgency: low (low, Middle, HIGH) Size: 50 MB (50,102,297 bytes) md5sum: e3a1370fff3e64541522df1e59ee4dcf Up2Date 5.208 Remarks Required previous version is 5.207 Existing configuration will not be changed !! Firewall will reboot after Up2Date !! New/Changed/Improved Added support for Command Center Fixed PPTP vulnerability in kernel (remote DoS) Disabled SSLv2 Cipher Suite for WebAdmin (possible vulnerability) Bugfix (please refer to the known issue list on http://www.astaro.com/kb ) ID2270 Connections lost using passive FTP Download Information All Up2Dates are GNUPG-signed! The Astaro Up2Date technology makes it easy to upgrade your installed Astaro Security Linux to the latest version. There are three ways to apply an Up2Date package to the system: Log on to WebAdmin, navigate to “System -> Up2Date Service” and start a “Update now” in “System Up2Date

[Middle] Up2Date 4.028

Urgency: Middle (low, Middle, HIGH) Size: 7MB (7,555,524 byte) md5sum: d45678cb7429b80952a1c2c374954053 Up2Date 4.028 Remarks Required previous version is 4.027 Existing configuration will not be change !!! ATTENTION – FIREWALL WILL REBOOT AFTER UP2DATE !!! New/Changed/Improved PPTP Remote DoS Vulnerability fixed Bugfixes ID0390 Do not delete last interface ID0604 Delete service groups remain in system ID0554 Wrong keys show up when editing IPsec connections D ownload Information All Up2Dates are GNUPG-signed! The Astaro Up2Date technology makes it easy to upgrade your installed Astaro Security Linux to the latest version.

[Middle] Up2Date 6.004

Urgency: Middle (low, Middle, HIGH) Size: 1 Mbyte (55,068 bytes) md5sum: 6bd8f68480c68e732e44cef401828b6f Up2Date 6.004 Remarks Required previous version is 6.003 Existing configuration will not be changed Middleware will be restarted Active IP and VPN connections will be restarted Depending on the speed of the CPU the Up2Date installation will take a few minutes New/Changed/Improved This Up2Date provides a performance increase for the POP3 Proxy concerning emails of small sizes. Bugfix  (please refer to the List of Known Issues on http://www.astaro.com/kb ) Download Information All Up2Dates are GNUPG-signed! The Astaro Up2Date technology makes it easy to upgrade your installed Astaro Security Linux to the latest version.

[Middle] Up2Date 6.002

Urgency: Middle (low, Middle, HIGH) Size: 29MB (29,724,836 bytes) md5sum: 8a98b4101826fe6281af6faacf069ffe Up2Date 6.002 Remarks Required previous version is 6.001 Existing configuration will not be changed Middleware will be restarted Active IP and VPN connections will be restarted Depending on the speed of the CPU the Up2Date installation will take a few minutes Bugfix (please refer to the LIST OF KNOWN ISSUES on http://www.astaro.com/kb ) ID2090 Windows Update does not work with NTLM authentication ID2802 Some reports stop working after deleting local logfiles ID2849 IPsec policies with DH/PFS group X 4096 don't work ID2870 LDAP authentication does not work in a special case ID2874 Factory Reset may not work correctly on slow machines ID2883 PPP Modem disconnect not properly detected ID2917 Problems using PPPoE interfaces with static gateway IP ID2922 IPS cannot be enabled on some firewalls Fix for the “HTTP CONNECT Unauthorized Access Weakness” reported on Bugtraq Download Information All Up2Dates are GNUPG-signed! The Astaro Up2Date technology makes it easy to upgrade your installed Astaro Security Linux to the latest version. There are three ways to apply an Up2Date package to the system: Log on to WebAdmin, navigate to “System -> Up2Date Service” and start a “Update now” in “System Up2Date

[Low] Up2Date 5.206

Urgency: low (low, Middle, HIGH) Size: 1MB (1,925,280 bytes) md5sum: 2897078819759b96d733b71970e85aeb Up2Date 5.206 Remarks Required previous version is 5.205 Existing configuration will not be changed Middleware will not be restarted Active IP and VPN connections will not be restarted New/Changed/Improved Added the possibility to upgrade from ASL V5 to ASL V6. This feature, however, is only applicable for ASG appliances

[Low] Up2Date 5.205

Urgency: low (low, Middle, HIGH) Size: 14MB ( 14,496,382bytes) md5sum: 86947657f9173994f8d193662779d8db Up2Date 5.205 Remarks Required previous version is 5.204 Existing configuration will not be changed Middleware will be restarted Active IP and VPN connections will be restarted Depending on the speed of the CPU the Up2Date installation will take a few minutes New/Changed/Improved Added the possibility to upgrade from ASL V5 to ASL V6.

[Middle] Up2Date 4.027

Urgency: Middle (low, Middle, HIGH) Size: 6MB (6,538,583 byte) md5sum: e6dc52b3c8269a0abda56fcd591a3d3d Up2Date 4.027 Remarks Required previous version is 4.026 Existing configuration will not be changed !!! ATTENTION – FIREWALL WILL REBOOT AFTER UP2DATE !!! New/Changed/Improved PPP-DoS-Patch (CAN-2005-0384) Download Information All Up2Dates are GNUPG-signed! The Astaro Up2Date technology makes it easy to upgrade your installed Astaro Security Linux to the latest version.

Next ASL V6 BETA ISO

Astaro is pleased to announce the availability of the second Astaro Security Linux V6 BETA and invites you to test it! Please check here the detailed first announcement . New eDirectory Support (completed now, including group and container support, HTTP profile assignments based on eDirectory groups) Fixed Reporting not working completely IPsec encryption/hash algorithms incomplete IPsec Connections – Status viewer PPTP/L2TP Roadwarriors using DHCP Server eDirectory support not yet completed NTLM/LDAP/Radius Authentication for HTTP Proxy ASC Config export Lots of small fixes in WebAdmin and backend (all known issue stuff and a lot more…) Changed Redirect for Allowed Networks in Transparent HTTP Proxy Removed most of the debugging code Policy Routing for local services enabled (needs SNAT) Hardware detection – We are highly interested in your feedback about your used hardware!!! Limitations With the provided ISO image there are maybe some limitations (remember: its a BETA 🙂 Please check the Known Issue List (http://docs.astaro.org) before you test ASL V6 BETA! Astaro does not recommend to use ASL V6 BETA in productive environments but for home use. There is no manual for ASL V6 BETA and the Online Help may still contain some gaps.  It is possible to import configuration backup files from ASL V5.2X and in the end we will support a config import from ASL V6 BETA into the GA version.

Try the ASL V6 BETA!

Astaro is pleased to announce the availability of the Astaro Security Linux V6 BETA and invites you to test it! Highlights of the BETA release Transparent Firewall Mode Packets can traverse the firewall without modifying any of the source or destination information in the IP packet header (acting like a layer 2 switch or bridge). There is no need to reconfigure IP space from currently assigned addresses