Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Resolved issues

The resolved issues listed below do not list every bug that has been corrected with this release. For inquires about a particular bug, please contact Fortinet Customer Service & Support.

Profiles

Bug ID

Description

569960 DLP with profanity setting does not work.
557805 Regular expressions in DLP rules and content monitor do not match contents in HTML links.
567801 For URI protection scan, FortiMail and FortiSandbox Cloud have communication issues.
568910 BCC action in the content profile does not work if DSN email generation is disabled.
567511 Rewrite From in the session profile does not work if Header From is missing.
563130 In some cases, header manipulation may not work properly.
569416 Impersonation Analysis should not be bypassed for ACL rule match.

568281

Impersonation Analysis is bypassed when an email message contains multiple recipients.

573097

When using a customized file filter in a content profile, the .pub files are caught by the MS PowerPoint filter, instead of the MS Publisher filter.

544827

In some cases, low-risk URIs are not replaced as configured.

546154

Too many log messages are generated when encoding fails.

551451

Under Security > Quarantine > System Quarantine Setting, the account name field should only allow to enter the local part of an email address, not the entire email address.

549961

Not DKIM signature is generated when Mail From is empty but the Header From is not.

549420

False positive in DLP sensitive data scan.

543019

URI click protection removes Japanese characters.

547671

Dictionary profiles cannot detect and block banned words in Office 365 Word files.

545276

Phishing URIs in large PDF attachments cannot be detected.

545921

DKIM does not work properly when the email has multiple recipients.

568652 In some cases, FortiMail sends wrong URLs to FortiGuard Web Filter scan.

Mail receival and delivery

Bug ID

Description

553478 In some cases, received email is not delivered.
556364 Recipient Address Verification does not work when the internal mail server responds to SMTP connections with warning messages.
565422 SMTP connections timeout on incoming mail. FortiMail should send EOM responses after receiving all data.
530592 When both URI Click Protection and MS Office/PDF CDR are enabled, there will be milter exception error.
542901 When a large number of IBE users try to access their encrypted email simutaniously, some users may experience problems to register and access their email.

System

Bug ID

Description

561924 Nested LDAP groups deeper than two levels cannot be found.
572514 Error message when resetting an IBE user.
565860 After system reboot, IP pools fail to answer SMTP connections.
498174 LDAP alias expansion should not be case sensitive.

551045

In some cases, mailfiltered may cause high CPU usage on HA pairs.

514185

Under certain conditions, Cyrillic alphabets from some domains show incorrect encoding.

558429

Config-only HA members should not have the same entity IDs.

554636

FortiMail can be accessed from any IP address even if the IP address is different from the trusted host.

574342

After upgrading to 6.0.6 release, LDAP groups with access control policies stop working.

572983

The SNMPv3 EngineBoots parameter does not increment after system reboot.

542637

Fortinet VM appliance anti-exploit enhancement.

551408

Wrong certificate chain is supplied when the default certificate is chained and the IP pool is used.

552607

Real-only administrators cannot change their own passwords.

544856

Smtpqd memory leak.

531263

FortiMail cannot be added to the Fortinet Security Fabric anymore due to Fabric API changes.

495407 FortiMail to FortiGuard XOR encryption enhancement.

Admin GUI and webmail

Bug ID

Description

563496 Multiple attachments cannot be uploaded and sent properly in webmail.
565536 Under Security > Quarantine > Quarantine Report > Web release host name/IP, a port number cannot be added.
556550 Some columns of the policy table are not displayed properly.
560618 The system quarantine folder cannot be opened when the folder name contains Japanese characters.
564553 In some cases, the FotiSandbox statistics are not displayed properly under FortiView > Threat Statistics > FortiSandbox Statistics.
554898 Expired administrators are still displayed in the current administrator list if the administrators closed the browser without logging out from the admin GUI.
552338 The warning sign in the content disarm and reconstruction message cannot be displayed properly in Internet Explorer.
546543 The printer page opens automatically while trying to view the system quarantine page.

Log and report

Bug ID

Description

542735 Cached logs are not sent to remote log server FortiAnalyzer after FortiMail loses connection to FortiAnalyzer for a few hours.
292784 Synchronize new log fields to FortiAnalyzer.

Common vulnerabilites and exposures

Visit https://fortiguard.com/psirt for more information.

Bug ID

Description

565946

FortiMail 6.2.0 is no longer vulnerable to the following CVE-Reference:

  • CVE-2019-11478
  • CVE-2019-11479
565904

FortiMail 6.2.0 is no longer vulnerable to the following CVE-Reference:

  • CVE-2019-11477

568641

FortiMail 6.2.0 is no longer vulnerable to the following CVE-Reference:

  • CVE-2019-0217

569759

FortiMail 6.2.0 is no longer vulnerable to the following CVE-Reference:

  • CVE-2019-12900

Resolved issues

The resolved issues listed below do not list every bug that has been corrected with this release. For inquires about a particular bug, please contact Fortinet Customer Service & Support.

Profiles

Bug ID

Description

569960 DLP with profanity setting does not work.
557805 Regular expressions in DLP rules and content monitor do not match contents in HTML links.
567801 For URI protection scan, FortiMail and FortiSandbox Cloud have communication issues.
568910 BCC action in the content profile does not work if DSN email generation is disabled.
567511 Rewrite From in the session profile does not work if Header From is missing.
563130 In some cases, header manipulation may not work properly.
569416 Impersonation Analysis should not be bypassed for ACL rule match.

568281

Impersonation Analysis is bypassed when an email message contains multiple recipients.

573097

When using a customized file filter in a content profile, the .pub files are caught by the MS PowerPoint filter, instead of the MS Publisher filter.

544827

In some cases, low-risk URIs are not replaced as configured.

546154

Too many log messages are generated when encoding fails.

551451

Under Security > Quarantine > System Quarantine Setting, the account name field should only allow to enter the local part of an email address, not the entire email address.

549961

Not DKIM signature is generated when Mail From is empty but the Header From is not.

549420

False positive in DLP sensitive data scan.

543019

URI click protection removes Japanese characters.

547671

Dictionary profiles cannot detect and block banned words in Office 365 Word files.

545276

Phishing URIs in large PDF attachments cannot be detected.

545921

DKIM does not work properly when the email has multiple recipients.

568652 In some cases, FortiMail sends wrong URLs to FortiGuard Web Filter scan.

Mail receival and delivery

Bug ID

Description

553478 In some cases, received email is not delivered.
556364 Recipient Address Verification does not work when the internal mail server responds to SMTP connections with warning messages.
565422 SMTP connections timeout on incoming mail. FortiMail should send EOM responses after receiving all data.
530592 When both URI Click Protection and MS Office/PDF CDR are enabled, there will be milter exception error.
542901 When a large number of IBE users try to access their encrypted email simutaniously, some users may experience problems to register and access their email.

System

Bug ID

Description

561924 Nested LDAP groups deeper than two levels cannot be found.
572514 Error message when resetting an IBE user.
565860 After system reboot, IP pools fail to answer SMTP connections.
498174 LDAP alias expansion should not be case sensitive.

551045

In some cases, mailfiltered may cause high CPU usage on HA pairs.

514185

Under certain conditions, Cyrillic alphabets from some domains show incorrect encoding.

558429

Config-only HA members should not have the same entity IDs.

554636

FortiMail can be accessed from any IP address even if the IP address is different from the trusted host.

574342

After upgrading to 6.0.6 release, LDAP groups with access control policies stop working.

572983

The SNMPv3 EngineBoots parameter does not increment after system reboot.

542637

Fortinet VM appliance anti-exploit enhancement.

551408

Wrong certificate chain is supplied when the default certificate is chained and the IP pool is used.

552607

Real-only administrators cannot change their own passwords.

544856

Smtpqd memory leak.

531263

FortiMail cannot be added to the Fortinet Security Fabric anymore due to Fabric API changes.

495407 FortiMail to FortiGuard XOR encryption enhancement.

Admin GUI and webmail

Bug ID

Description

563496 Multiple attachments cannot be uploaded and sent properly in webmail.
565536 Under Security > Quarantine > Quarantine Report > Web release host name/IP, a port number cannot be added.
556550 Some columns of the policy table are not displayed properly.
560618 The system quarantine folder cannot be opened when the folder name contains Japanese characters.
564553 In some cases, the FotiSandbox statistics are not displayed properly under FortiView > Threat Statistics > FortiSandbox Statistics.
554898 Expired administrators are still displayed in the current administrator list if the administrators closed the browser without logging out from the admin GUI.
552338 The warning sign in the content disarm and reconstruction message cannot be displayed properly in Internet Explorer.
546543 The printer page opens automatically while trying to view the system quarantine page.

Log and report

Bug ID

Description

542735 Cached logs are not sent to remote log server FortiAnalyzer after FortiMail loses connection to FortiAnalyzer for a few hours.
292784 Synchronize new log fields to FortiAnalyzer.

Common vulnerabilites and exposures

Visit https://fortiguard.com/psirt for more information.

Bug ID

Description

565946

FortiMail 6.2.0 is no longer vulnerable to the following CVE-Reference:

  • CVE-2019-11478
  • CVE-2019-11479
565904

FortiMail 6.2.0 is no longer vulnerable to the following CVE-Reference:

  • CVE-2019-11477

568641

FortiMail 6.2.0 is no longer vulnerable to the following CVE-Reference:

  • CVE-2019-0217

569759

FortiMail 6.2.0 is no longer vulnerable to the following CVE-Reference:

  • CVE-2019-12900