Resolved issues
The resolved issues listed below may not list every bug that has been corrected with this release. For inquiries about a particular bug, please visit the Fortinet Support website.
Bug ID | Description |
---|---|
527119 | OCSP shows incorrect certificate status. |
537510 | Increase the VM_Base certificate table size. |
537413 | The DH parameters are not updated when upgrading firmware to version 5.4 or higher. |
528680 | Guest portals created from the migration of the legacy MAC address captive portal do not preserve the disclaimer setting. |
526455 | FortiToken Mobile transfer email message displays an incorrect expiration time. |
526820 | Push notifications aren't sent out to remote users when another user with the same username (but different realm) is present. |
528211 | SYSLOG SSO stops working after upgrade to firmware version 5.5.0. |
529463 | FortiAuthenticator randomly drops all FSSOMA sessions. |
537945 | Support multiple username attributes in FSSO LDAP user lookup when multiple remote LDAP servers in the same domain are configured. |
517959 | Duplicate DCs appear under domain in FSSO if FQDN is configured in LDAP. |
526095 | SAML authentication fails when signing the service provider request with a local certificate. |
506294 | FortiAuthenticator truncates SSO groups in long SAML attributes resulting in log on failures. |
525263 | SAML SP using Azure does not work. |
535754 | Username case sensitivity is removed from RADIUS authentication, but not from FSSO. |
532689 | FortiAuthenticator FSSO usernames containing spaces are ignored in event polling. |
503366 | Monitor SSO Domains shows a domain controller as red on HA Master and green on HA backup. |
520572 | When the pre-login disclaimer is enabled, the FSSO login widget requires two clicks instead of one. |
527359 | Unable to send randomly generated passwords via SMS when admin approval is required. |
532079 | Guest Portal-triggered RADIUS authentication follow-up does not include group-name VSA in Access-Accept on first attempt. |
535038 | Radius group-name attribute is not sent to the FortiGate during initial authentication of social user causing authentication to fail. |
532016 | Unable to import SSO users with a DN longer than 255 characters. |
509121 | FSSO Logged-in users shows "N/A" in the User Inventory widget when there are users logged into the system. |
538546 | Error occurs when switching a local user from Sponsor to Admin. |
534736 | LDAP query fails if the query string contains non-ascii characters. |
534347 | Creating or importing Mac devices with names containing non-ascii characters causes a server crash. |
532894 | Registration is misspelled 'Registeration' on the self-registration page. |
526637 | When changing user type to admin, 'Allow Radius Auth' option should automatically be deselected. |
519150 | Spaces preceding and following the SAML IdP server address and service provider settings fields should automatically be removed. |
512109 | When setting up SAML IdP, selecting a third-party server certificate that is still in a pending state causes a server crash. |
511667 | The Change Password page does not have a Cancel button. |
455084 | The Debug Page for Radius Accounting crashes when displaying logs with non-utf-8 characters. |
515429 | An error can cause loss of access to the FortiAuthenticator GUI. |
516167 | An admin profile with "read-only" permissions for the SSO Monitor can log off authenticated users. |
538016 | Unable to assign a FortiToken to another user if the user has been already deleted on FortiAuthenticator. |
504695 | When exporting a guest user with the Print function, the resulting page includes unnecessary content. |
521547 | Mobile phone numbers with seven or eight digits do not work with SMS Gateway |
540391 | Finding "last backup" date/time can cause delays or failure of the System Information widget. |
534879 | Fix typo in error message when uploading an organization image. |
521183 | Rename Fortinet CAs. |
307386 | FortiAuthenticator version upgrade history should be part of config backup/restore. |
528440 | The FortiAuthenticator GUI crashes after adding a guest portal rule. |
522611 | Rename "Meru" guest portal label to "Social portal pinholes". |
523622 | Coordinated HA upgrade produces two log entries under Upgrade History on the master. |
522057 | Deleting a social user on a LB slave will cause a crash to occur. |
538865 | FortiAuthenticator units fail to form a cluster when configuring HA active-passive mode. |
534338 | Factory reset / data drive formatting is extremely slow in Azure/HV/KVM. |
526507 | Remote user sync rules do not assign FortiToken to imported LDAP users. |
524350 | Tokens are not correctly assigned to local users during import rule execution. |
490281 | Column titled 'Type id' in the GUI logs is titled 'Log id' in the downloaded logs. |
523780 | Include Token Transfer Code in log entry. |
520514 | System reboots and shutdowns, intended or unintended, should be logged. |
494705 | Domain authentication fails for users from trusted domains due to missing domain name in authentication request. |
530590 | "Force password change on next logon" option does not work with FortiGate SSL-VPN if FortiToken Mobile push is used. |
528580 | FortiAuthenticator radiusd is unable to recognize client defined by hostname after DNS change. |
493318 | Remote LDAP users with expired passwords receive incorrect error messages when login fails. |
526616 | Auth REST API endpoint concatenated password+token_code in password field doesn't authenticate users. |
519655 | REST API: localusers endpoint accepts invalid parameters when sent via the PATCH method. |
519652 | Changing the FortiToken Mobile provisioning PIN length via REST API causes a server error. |
400466 | Support signed authentication requests with embedded signature for SAML IdP. |
542547 | SAML IdP user sessions expire earlier than configured session timeout. |
539134 | Typo in default replacement message for SAML Login Message Page. |
513278 | Remote LDAP displayName attribute isn't included in SAML assertion for remote LDAP admin. |
522350 | Miscellaneous performance improvements to SAML authentication. |
531734 | SAML IdP: support special character '&' in SP URLs and multiple ACS URLs. |
535136 | SAML IdP needs to add "SessionIndex" inside "saml:AuthnStatement" on successful logins. |
504081 | SCEP requests from an iPhone fail due to an error "The SCEP server returned an invalid response.". |
526242 | UTF8STRING-encoded challengePassword within CSR sent during SCEP enrollment is not parsed correctly. |
523340 | Sending SMS messages using Twilio fails. |
519994 | When the sysOID is queried, FortiAuthenticator-VM identifies itself as a LINUX Net-SNMP agent system rather than a Fortinet device. |
397184 | Unable to monitor the FSSO user count via SNMP. |
502007 | The RADIUS accounting and CoA does not take effect on FortiAuthenticator. |
464556 | Time-based user expiry configured in usage profile isn't applied to users when they already have an expiry date configured. |
485564 | Fixed vulnerability to "TCP sequence number approximation based denial of service" attack. |
411510 | Fixed vulnerability to "Reverse Tabnabbing" attack. |