Fortinet Document Library


Resolved Issues

The resolved issues listed below do not list every bug that has been corrected with this release. For inquiries about a particular bug, please contact Fortinet Customer Service & Support.

Antispam/Antivirus

| Bug ID | Description |
|--------|-------------|
| 700919 | Issues when scanning PDF files. |
| 714175 | Content profile actions are not applied correctly for Zip archives containing an .exe file and an MS Office macro file. |
| 707494 | For some email, FortiMail may get NoResult response from FortiSandbox. |
| 660873 | Impersonation Analysis false positives. |
| 709825 | Fail to detect files with .js extension included in BZIP2 archives. |
| 713397 | DLP attachment metadata detection doesn't work for docx and xlsx files. |
| 719997 | MS365 internal email is scanned by the first enabled policy. |
| 713859 | Fail to detect macros in Excel legacy format *.xls files. |
| 702940 | Regular expressions are not detected in XLS files. |
| 702148 | Invalid top-level domain addresses are rejected in relaxed email parsing mode. |
| 705753 | Double stamping removal only works on full domains, not on subdomains. |
| 709083 | Fail to allow PDF files in some cases. |
| 712099 | Password protected .7z files are incorrectly blocked. |
| 710968 | After FortiMail/FortiSandbox processes the email, the email is moved to the user's inbox, instead of the original custom folder. |

System

| Bug ID | Description |
|--------|-------------|
| 679151 | Gmail using a "+" plus symbol for an alias causes issues with IBE account creation. |
| 702595 | CSR download button is grayed out under System > Certificate > Local Certificate. |
| 716038 | Expired IBE users are not displayed on the GUI. |
| 700244 | For Diffie-Hellman key exchange, FortiMail uses self-generated parameters, which are different from the predefined finite field groups in RFC 7919. |
| 691596 | In FIPS-CC mode, importing a certificate via the GUI fails with the message "Unable to get certificate CRL." |
| 608247 | LDAP authentication does not work for newly created domains. |
| 707925 | RADIUS 2FA users are locked out after the first unsuccessful login attempt. |
| 699918 | IBE customized template for 2FA secure token notification is not taking the changes on the "From" field. |
| 693981 | Fail to connect to the SMB/CIFS server under Data Loss Prevention > Sensitive Data > FingerPrint Source. |
| 712577 | High CPU usage when scanning PDF files. |
| 705376 | After upgrading, the customized IBE language is lost. |
| 692164 | Possible to create identical greylist exempt entries. |
| 720374 | When importing mail users from .csv files, the users cannot log in. |
| 719654 | No system event logs for changes (add/delete) in user secondary accounts. |
| 720910 | LDAP routing and recipient verification are not working as expected in 6.4.4 release. |

Log and Report

| Bug ID | Description |
|--------|-------------|
| 681775 | Incorrect email subject encoding modifies the cross search log lines. |
| 721435 | Problem with log display and overwriting. |
| 707915 | When certain zip files are decrypted, the action is not logged. |

Common vulnerabilities and exposures

Visit https://fortiguard.com/psirt for more information.

| Bug ID | Description |
|--------|-------------|
| 691547, 692463 | CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'). |
| 697251 | CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'). |
| 693465 | CWE-36: Absolute Path Traversal. |
| 694366 | CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'). |
| 694751 | CWE-310: Cryptographic Issues. |
| 695037, 694752 | CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'). |
| 695039 | CWE-131: Incorrect Calculation of Buffer Size. |
| 700994, 700991 | CWE-401: Missing Release of Memory after Effective Lifetime. |
| 698764 | CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG). |
| 696793 | CWE-325: Missing Cryptographic Step. |
