Fortinet black logo

GA Release Notes

Home FortiMail 6.2.7 GA Release Notes

Resolved Issues

6.2.7
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.2.0
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.4.12
5.4.11
5.4.10
5.4.9
5.4.8
5.4.7
5.4.6
5.4.5
5.4.4
5.4.3
5.4.2
5.4.1
5.4.0
Copy Link
Copy Doc ID 1c67b2ce-bf06-11eb-92d0-00505692583a:66205
Download PDF

Resolved Issues

The resolved issues listed below do not list every bug that has been corrected with this release. For inquires about a particular bug, please contact Fortinet Customer Service & Support.

Antispam/Antivirus

Bug ID

Description
700919

Issues when scanning PDF files.

684937

URL click protection does not work properly with links ending with a dot.

707494

For some email, FortiMail may get NoResult response from FortiSandbox.

660873

Impersonation Analysis false positives.

709825

Fail to detect files with .js extension included in BZIP2 archives.

713397

DLP attachment metadata detection doesn't work for docx and xlsx files.

System

Bug ID

Description

679151

Gmail using a "+" plus symbol for an alias causes issues with IBE account creation.

691523

Unexpected quotation marks appear in the block lists when exporting the configuration.

672299

The dnscached process may cache incorrect query results under heavy traffic.

700244

For Diffie-Hellman key exchange, FortiMail uses self-generated parameters, which are different from the predefined finite field groups in RFC 7919.

683893

Oversized meta data is sent to FortiSandbox.

608247

LDAP authentication does not work for newly created domains.

707925

RADIUS 2FA users are locked out after the first unsuccessful login attempt.

688015

Cloning a used mail routing profile, when the max entries are reached, deletes the original profile.

693981

Fail to connect to the SMB/CIFS server under Data Loss Prevention > Sensitive Data > FingerPrint Source.

712577

681597

High CPU usage when scanning PDF files.

705376

After upgrading, the customized IBE language is lost.

692164

Possible to create identical greylist exempt entries.

720374

When importing mail users from .csv files, the users cannot log in.

719654

No system event logs for changes (add/delete) in user secondary accounts.

Log and Report

Bug ID

Description

681775

Incorrect email subject encoding modifies the cross search log lines.

682102

Both accept and system quarantine actions appears in the same log.

718183

Many logs state "Cannot resolve remoter server. Unknown server error".

Common vulnerabilites and exposures

Visit https://fortiguard.com/psirt for more information.

Bug ID

Description

691547

690894

692463

692221

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection').

692223

697251

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal').

693465

CWE-36: Absolute Path Traversal.

694366

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').

694751

CWE-310: Cryptographic Issues.

695037

694752

CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow').

695039

CWE-131: Incorrect Calculation of Buffer Size.

681403

CWE-284: Improper Access Control.

700991

CWE-401: Missing Release of Memory after Effective Lifetime.
Previous
Next

Resolved Issues

The resolved issues listed below do not list every bug that has been corrected with this release. For inquires about a particular bug, please contact Fortinet Customer Service & Support.

Antispam/Antivirus

Bug ID

Description
700919

Issues when scanning PDF files.

684937

URL click protection does not work properly with links ending with a dot.

707494

For some email, FortiMail may get NoResult response from FortiSandbox.

660873

Impersonation Analysis false positives.

709825

Fail to detect files with .js extension included in BZIP2 archives.

713397

DLP attachment metadata detection doesn't work for docx and xlsx files.

System

Bug ID

Description

679151

Gmail using a "+" plus symbol for an alias causes issues with IBE account creation.

691523

Unexpected quotation marks appear in the block lists when exporting the configuration.

672299

The dnscached process may cache incorrect query results under heavy traffic.

700244

For Diffie-Hellman key exchange, FortiMail uses self-generated parameters, which are different from the predefined finite field groups in RFC 7919.

683893

Oversized meta data is sent to FortiSandbox.

608247

LDAP authentication does not work for newly created domains.

707925

RADIUS 2FA users are locked out after the first unsuccessful login attempt.

688015

Cloning a used mail routing profile, when the max entries are reached, deletes the original profile.

693981

Fail to connect to the SMB/CIFS server under Data Loss Prevention > Sensitive Data > FingerPrint Source.

712577

681597

High CPU usage when scanning PDF files.

705376

After upgrading, the customized IBE language is lost.

692164

Possible to create identical greylist exempt entries.

720374

When importing mail users from .csv files, the users cannot log in.

719654

No system event logs for changes (add/delete) in user secondary accounts.

Log and Report

Bug ID

Description

681775

Incorrect email subject encoding modifies the cross search log lines.

682102

Both accept and system quarantine actions appears in the same log.

718183

Many logs state "Cannot resolve remoter server. Unknown server error".

Common vulnerabilites and exposures

Visit https://fortiguard.com/psirt for more information.

Bug ID

Description

691547

690894

692463

692221

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection').

692223

697251

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal').

693465

CWE-36: Absolute Path Traversal.

694366

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').

694751

CWE-310: Cryptographic Issues.

695037

694752

CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow').

695039

CWE-131: Incorrect Calculation of Buffer Size.

681403

CWE-284: Improper Access Control.

700991

CWE-401: Missing Release of Memory after Effective Lifetime.
Previous
Next