Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Built-in IPS engine

Resolved engine issues

Bug ID

Description

539833

Fix invalid memory access crashes in HTTP fake body.

564595

Application firewall not blocking BitTorrent P2P traffic.

595659

Fix session double release issues in session iterations.

624928

Fix a crash in packet cache caused by sending invalid data buffers.

625371

Fix crash on derived packet processing.

637084

Use existing private keys in FortiGate for certificate resigning.

637553

Web filtering produces rating error logs, despite that FortiGuard connectivity appears to be working.

654363

Security policy action is deny in some traffic logs.

654687

ipsengine segfault in NGFW policy mode.

656300, 662785

Clean up the rule reference interface.

658482

Fix double initialization in content decoders.

660489

Web filter URL filter check is skipped in flow mode certificate inspection if SNI is not present in TLS client hello.

662573

Fix NULL pointer dereference crash.

662964

PCAP from IPS not dumped as configured in packet-log-history and packet-log-post-attack settings.

664728

Traffic failing in NGFW policy-based mode when TCP source port range includes a zero value.

668379

DLP triggered by HTTP traffic when only FTP protocol is enabled.

668486

After clearing the server cache, get Connection reset by peer message when visiting a URL in a FortiGuard category set to override.

668891

NGFW policy mode allows all services when ICMP is selected in the security policy.

669138

Fix two SSL crashes.

671873

Fix crash in .ZIP file handling.

Built-in IPS engine

Resolved engine issues

Bug ID

Description

539833

Fix invalid memory access crashes in HTTP fake body.

564595

Application firewall not blocking BitTorrent P2P traffic.

595659

Fix session double release issues in session iterations.

624928

Fix a crash in packet cache caused by sending invalid data buffers.

625371

Fix crash on derived packet processing.

637084

Use existing private keys in FortiGate for certificate resigning.

637553

Web filtering produces rating error logs, despite that FortiGuard connectivity appears to be working.

654363

Security policy action is deny in some traffic logs.

654687

ipsengine segfault in NGFW policy mode.

656300, 662785

Clean up the rule reference interface.

658482

Fix double initialization in content decoders.

660489

Web filter URL filter check is skipped in flow mode certificate inspection if SNI is not present in TLS client hello.

662573

Fix NULL pointer dereference crash.

662964

PCAP from IPS not dumped as configured in packet-log-history and packet-log-post-attack settings.

664728

Traffic failing in NGFW policy-based mode when TCP source port range includes a zero value.

668379

DLP triggered by HTTP traffic when only FTP protocol is enabled.

668486

After clearing the server cache, get Connection reset by peer message when visiting a URL in a FortiGuard category set to override.

668891

NGFW policy mode allows all services when ICMP is selected in the security policy.

669138

Fix two SSL crashes.

671873

Fix crash in .ZIP file handling.