Resolved issues
The resolved issues listed below may not list every bug that has been corrected with this release. For inquiries about a particular bug, please visit the Fortinet Support website.
| Bug ID | Description |
|---|---|
| 565706 | Upgrade kernels to address TCP SACK vulnerabilities: CVE-2019-11477, CVE-2019-11478, and CVE-2019-11479. |
| 548689 | FortiAuthenticator should not delete a revoked local service certificate until it has expired. |
| 524382 | Increase the timeout limit for RADIUS requests to 60 seconds. |
| 560427 | If a custom RADIUS dictionary with a duplicated attribute number is uploaded to FortiAuthenticator, the GUI becomes inaccessible. |
| 563148 | Occasionally, FortiToken Mobile push notifications are accepted only after a second approval. |
| 538216 | FortiAuthenticator FSSO service can be unstable due to crashing DC agent daemon. |
| 561938 | For local users, FortiAuthenticator should not allow the use of passwords over 64 characters. |
| 561200 | The IdP metadata file contains an incorrect SP certificate format which causes SAML authentication failure. |
| 560326 | Users who have logged into a computer running Windows 8.1 or Windows 10 using a Microsoft Account continue to have the ability to log in with the account despite enabling the FortiAuthenticator Windows Agent option to disable Microsoft Providers. |
| 563820 | When PCI is enabled, attempting to log into the GUI with a username that does not exist causes FortiAuthenticator to crash. |
| 561934 | In the GUI banner, replace the build label with the FortiAuthenticator model number. |
| 557353 | Occasionally, FortiAuthenticator widgets fail to load. |
| 558329 | On the login page, relocate "Sign in as different user" link beneath the login box. |
Common Vulnerabilities and Exposures
FortiAuthenticator is no longer vulnerable to the following CVE-Reference(s):
- CVE-2019-11477
- CVE-2019-11478
- CVE-2019-11479