Resolved Issues
The resolved issues listed below do not list every bug that has been corrected with this release. For inquires about a particular bug, please contact Fortinet Customer Service & Support.
AntiSpam/AntiVirus
Bug ID |
Description |
---|---|
987126 |
Click protection with FortiIsolator occurred when its URL rating category was configured, even though CDR was not enabled in the content profile. |
984945 |
In some case, legitimate JPG files are blocked by the content filter. |
978390 |
Large QR codes cannot be detected. |
974770 |
QR code with inverted colors cannot be detected. |
966866 |
QR code scan does not detect images with transparent backgrounds. |
973157 |
The specified recipient in the on-demand scan rule for Microsoft 365 is ignored. |
955513 |
Enabling "Detect embedded components" in the content profile may cause system to not work properly. |
985249 |
Fail to submit the email to FortiSandbox when the attachment ends with "." (such as "test.htm."). |
977414 |
In some cases, outbound email is rejected with error "timeout before data read, where=eom". |
993514 |
Large dictionary with wildcards may cause high CPU usage and email rejection. |
993340 |
In some cases, the SPF records cannot be resolved properly. |
995247 |
Email classified as a "Sender Alignment" is not archived in the "Bulk" but in the "Inbox". |
Mail Delivery
Bug ID |
Description |
---|---|
982592 |
Message ID is the same for email that is sent to original host and released from system quarantine. |
976027 |
Some email was incorrectly rejected with SMTP code 421 4.7.0 and mail event error message milter_write(mailfilterd). |
959876 |
After upgrading to 7.4.1 from 7.2.2, if the incoming email size is bigger than the maximum size to scan defined in the antispam profile, the email will be rejected. |
System
Bug ID |
Description |
---|---|
984713 |
4096-bit DKIM key import is not supported. |
988353 |
SAML attribute to identify email address does not work. |
955065 |
PKI admin login with non-ASCII characters does not work. |
969925 |
After upgrading to v7.4.1, users cannot log in to FortiMail using RADIUS authentication. |
966146 |
High memory usage when processing certain email. |
963070 |
Domain administrators can change their permissions to other domains. |
964861 |
In active-active HA mode, NFS synchronization after network disconnection overwrites data instead of appending data. |
989046 |
Duplicate email after restoring the mailbox. |
993319 |
In HA mode, the personal quarantine folder is automatically removed after some time on the secondary unit. |
994895 |
In some cases, the quarantined email cannot be released from the History view. |
995799 |
Incorrect replacement message information for email sent in HTML or Rich Text Format. |
992801 |
LDAP synchronization for address book in server mode does not work properly. |
997707 |
When importing contacts from the LDAP server, if a value has "" , the symbol "\\" is added, |
Log and Report
Bug ID |
Description |
---|---|
962023 |
Logs sent via syslog miss the "Disposition" field entry when email is sent to domain quarantine. |
963521 |
Incorrect results for "OR" search criteria in log search tasks. |
992734 |
In some cases, the original file names are not logged when sending attachments to FortiSandbox. |
Admin GUI/Webmail
Bug ID |
Description |
---|---|
960618 |
After upgrading to v7.4.1, the domain MTA status displays incorrectly. |
972443 |
After the user accesses the secure email (IBE) webmail, the error message "Unable to open message. It might have been moved or deleted" displays although the secure email is showing in the inbox. |
962059 |
After upgrading to v7.4.1, email cannot be sent to a contact name containing a comma in webmail. |
973645 |
Webmail logins are redirected when mail migration is configured but "Enable mail migration" is disabled. |
989622 |
Webmail unable to load when SSO is used and the webmail page is closed and then re-opened. |
966184 |
Mail Statistics does not include email messages from associated domains. |
997778 |
"Internal server error" message when creating an event in webmail calendar using a contact group for attendee. |
Common Vulnerabilities and Exposures
FortiMail v7.4.2 is no longer vulnerable to the following CVE/CWE-References.
Visit https://fortiguard.com/psirt for more information.
Bug ID |
Description |
---|---|
988041 |
CWE-345: Insufficient Verification of Data Authenticity |
985989 |
CWE-1395: Dependency on Vulnerable Third-Party Component |
985968 |
CWE-613: Insufficient Session Expiration |
959932 |
CVE-2023-47539: Improper Access Control |