Resolved Issues
The resolved issues listed below do not list every bug that has been corrected with this release. For inquiries about a particular bug, please contact Fortinet Customer Service & Support.
Antispam/Antivirus
| Bug ID | Description |
|---|---|
| 700919 | Issues when scanning PDF files. |
| 714175 | Content profile actions are not applied correctly for Zip archives containing an .exe file and an MS Office macro file. |
| 707494 | For some email, FortiMail may get NoResult response from FortiSandbox. |
| 660873 | Impersonation Analysis false positives. |
| 709825 | Fail to detect files with .js extension included in BZIP2 archives. |
| 713397 | DLP attachment metadata detection doesn't work for docx and xlsx files. |
| 719997 | MS365 internal email is scanned by the first enabled policy. |
| 713859 | Fail to detect macros in Excel legacy format *.xls files. |
| 702940 | Regular expressions are not detected in XLS files. |
| 702148 | Invalid top-level domain addresses are rejected in relaxed email parsing mode. |
| 705753 | Double stamping removal only works on full domains, not on subdomains. |
| 709083 | Fail to allow PDF files in some cases. |
| 712099 | Password-protected .7z files are incorrectly blocked. |
| 710968 | After FortiMail/FortiSandbox processes the email, the email is moved to the user's inbox, instead of the original custom folder. |
System
| Bug ID | Description |
|---|---|
| 679151 | Gmail using a "+" plus symbol for an alias causes issues with IBE account creation. |
| 702595 | CSR download button is grayed out under System > Certificate > Local Certificate. |
| 716038 | Expired IBE users are not displayed on the GUI. |
| 700244 | For Diffie-Hellman key exchange, FortiMail uses self-generated parameters, which are different from the predefined finite field groups in RFC 7919. |
| 691596 | In FIPS-CC mode, importing a certificate via the GUI fails with the message "Unable to get certificate CRL." |
| 608247 | LDAP authentication does not work for newly created domains. |
| 707925 | RADIUS 2FA users are locked out after the first unsuccessful login attempt. |
| 699918 | IBE customized template for 2FA secure token notification is not taking the changes on the "From" field. |
| 693981 | Fail to connect to the SMB/CIFS server under Data Loss Prevention > Sensitive Data > FingerPrint Source. |
| 712577 | High CPU usage when scanning PDF files. |
| 705376 | After upgrading, the customized IBE language is lost. |
| 692164 | Possible to create identical greylist exempt entries. |
| 720374 | When importing mail users from .csv files, the users cannot log in. |
| 719654 | No system event logs for changes (add/delete) in user secondary accounts. |
| 720910 | LDAP routing and recipient verification are not working as expected in 6.4.4 release. |
Log and Report
| Bug ID | Description |
|---|---|
| 681775 | Incorrect email subject encoding modifies the cross search log lines. |
| 721435 | Problem with log display and overwriting. |
| 707915 | When certain zip files are decrypted, the action is not logged. |
Common vulnerabilities and exposures
Visit https://fortiguard.com/psirt for more information.
| Bug ID | Description |
|---|---|
| 691547, 692463 | CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'). |
| 697251 | CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'). |
| 693465 | CWE-36: Absolute Path Traversal. |
| 694366 | CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'). |
| 694751 | CWE-310: Cryptographic Issues. |
| 695037, 694752 | CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'). |
| 695039 | CWE-131: Incorrect Calculation of Buffer Size. |
| 700994, 700991 | CWE-401: Missing Release of Memory after Effective Lifetime. |
| 698764 | CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG). |
| 696793 | CWE-325: Missing Cryptographic Step. |