Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 7.4.4
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    7.4.4
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.2.5

    Resolved Issues

    Resolved Issues

    The resolved issues listed below do not list every bug that has been corrected with this release. For inquires about a particular bug, please contact Fortinet Customer Service & Support.

    Antispam and Antivirus

    Bug ID

    Description

    1075043

    For the system quarantine, alphabetical sort ordering for the Ukrainian alphabet was not correct for some characters.

    1082373

    With FortiSandbox, high CPU usage and delayed mail could occur with heuristic and QR code scans.

    1082843

    When upgrading the FortiGuard Antivirus database, smtpd may terminate.

    1090327

    A DMARC report is not generated when the domain name for the RUA mailto does not match the sender domain.

    1094034

    In some cases, if the DMARC alignment check fails, then the DMARC check still will not fail.

    1098766

    With FortiSandbox, phishing URLs with specific character combinations are not caught.

    1100041

    In Gmail, quarantine reports could not use the webmail method to release or delete email.

    1100219

    Some URLs in an email may not be submitted to FortiSandbox.

    1104413

    High CPU usage by mailfilterd could occur with some PDF attachments.

    1107735

    Some attachment file names cause email with an empty recipient that cannot be released from the system quarantine.

    1111258

    In DLP rules, a regular expression match all condition does not function correctly if both Body is empty and Subject is empty.

    1111271

    		 Dictionary profile names may remain after restoring an older configuration that does not contain the profiles.

    1119288

    For dictionary scans with regular expressions, valid patterns sometimes did not match UTF-8 encoded subject lines.

    1115693

    When creating a scheduled scan in the Microsoft 365 API view, the advanced condition is ignored.

    1121575

    When a ZIP file is password-encrypted but the content profile does not have the password, sometimes FortiMail does not quarantine the file as expected, but instead submits it to FortiSandbox. This causes an error log on FortiSandbox: WARNING: Wrong password for file submission

    1128095

    When uploading a safe list or block list via the REST API, it could fail with the error message Access Check Failed

    IBE and S/MIME

    Bug ID

    Description

    1086810

    In some cases, the URL for IBE password reset or reactivation incorrectly gives an HTTP 403 Forbidden permissions error.

    1110089

    For email clients that use the RSA-OAEP key exchange algorithm, the recipient is unable to decrypt the email. Antispam logs show the error message DecrypterMediaIn: Decoded Data not valid.

    System

    Bug ID

    Description

    1029391

    Outgoing mail queues sometimes may grow and become slow to deliver, clear, or display on the GUI.

    1069702

    For FortiGate Security Fabric communications, FortiMail broadcasts destination port number 8014 to the wrong IP address.

    1076001

    Some SSH key exchange algorithms should be removed when strong cryptography is enabled.

    1087752

    In active-active mode with HA, SNMP OIDs fmlHAEffectiveMode and fmlHAMode show the wrong roles.

    1094863

    In alert email, a recipient with an internal domain could not be added due to strict domain checking.

    1103297

    When a user with the same name exists in an LDAP directory, a new user could not be created locally.

    1107717

    remote_wildcard administrators have permissions to create administrator accounts, but cannot delete them.

    Log and Report

    Bug ID

    Description

    1078550

    Quarantine reports may be garbled when special characters are used in the email subject and remove-active-content is enabled.

    1089762

    Scheduled reports are delivered later than expected.

    1105759

    Log message Timed out checking block safe lists is misleading.

    1114308

    For domain-level administrators, searching the logs may show sometimes show results from other protected domains.

    Administrator GUI and Webmail

    Bug ID

    Description

    1101465

    In some cases, HTML email is not displayed properly.

    1115801

    Webmail session timeout does not respect the idle timeout setting.

    Common Vulnerabilities and Exposures

    FortiMail 7.4.4 is no longer vulnerable to the following CVE/CWE-References.

    Visit https://fortiguard.com/psirt for more information.

    Bug ID

    Description
    1071459 CWE-: Stack-based Buffer Overflow
    1092958 CWE-23: Relative Path Traversal
    Previous
    Next

    Resolved Issues

    Resolved Issues

    The resolved issues listed below do not list every bug that has been corrected with this release. For inquires about a particular bug, please contact Fortinet Customer Service & Support.

    Antispam and Antivirus

    Bug ID

    Description

    1075043

    For the system quarantine, alphabetical sort ordering for the Ukrainian alphabet was not correct for some characters.

    1082373

    With FortiSandbox, high CPU usage and delayed mail could occur with heuristic and QR code scans.

    1082843

    When upgrading the FortiGuard Antivirus database, smtpd may terminate.

    1090327

    A DMARC report is not generated when the domain name for the RUA mailto does not match the sender domain.

    1094034

    In some cases, if the DMARC alignment check fails, then the DMARC check still will not fail.

    1098766

    With FortiSandbox, phishing URLs with specific character combinations are not caught.

    1100041

    In Gmail, quarantine reports could not use the webmail method to release or delete email.

    1100219

    Some URLs in an email may not be submitted to FortiSandbox.

    1104413

    High CPU usage by mailfilterd could occur with some PDF attachments.

    1107735

    Some attachment file names cause email with an empty recipient that cannot be released from the system quarantine.

    1111258

    In DLP rules, a regular expression match all condition does not function correctly if both Body is empty and Subject is empty.

    1111271

    		 Dictionary profile names may remain after restoring an older configuration that does not contain the profiles.

    1119288

    For dictionary scans with regular expressions, valid patterns sometimes did not match UTF-8 encoded subject lines.

    1115693

    When creating a scheduled scan in the Microsoft 365 API view, the advanced condition is ignored.

    1121575

    When a ZIP file is password-encrypted but the content profile does not have the password, sometimes FortiMail does not quarantine the file as expected, but instead submits it to FortiSandbox. This causes an error log on FortiSandbox: WARNING: Wrong password for file submission

    1128095

    When uploading a safe list or block list via the REST API, it could fail with the error message Access Check Failed

    IBE and S/MIME

    Bug ID

    Description

    1086810

    In some cases, the URL for IBE password reset or reactivation incorrectly gives an HTTP 403 Forbidden permissions error.

    1110089

    For email clients that use the RSA-OAEP key exchange algorithm, the recipient is unable to decrypt the email. Antispam logs show the error message DecrypterMediaIn: Decoded Data not valid.

    System

    Bug ID

    Description

    1029391

    Outgoing mail queues sometimes may grow and become slow to deliver, clear, or display on the GUI.

    1069702

    For FortiGate Security Fabric communications, FortiMail broadcasts destination port number 8014 to the wrong IP address.

    1076001

    Some SSH key exchange algorithms should be removed when strong cryptography is enabled.

    1087752

    In active-active mode with HA, SNMP OIDs fmlHAEffectiveMode and fmlHAMode show the wrong roles.

    1094863

    In alert email, a recipient with an internal domain could not be added due to strict domain checking.

    1103297

    When a user with the same name exists in an LDAP directory, a new user could not be created locally.

    1107717

    remote_wildcard administrators have permissions to create administrator accounts, but cannot delete them.

    Log and Report

    Bug ID

    Description

    1078550

    Quarantine reports may be garbled when special characters are used in the email subject and remove-active-content is enabled.

    1089762

    Scheduled reports are delivered later than expected.

    1105759

    Log message Timed out checking block safe lists is misleading.

    1114308

    For domain-level administrators, searching the logs may show sometimes show results from other protected domains.

    Administrator GUI and Webmail

    Bug ID

    Description

    1101465

    In some cases, HTML email is not displayed properly.

    1115801

    Webmail session timeout does not respect the idle timeout setting.

    Common Vulnerabilities and Exposures

    FortiMail 7.4.4 is no longer vulnerable to the following CVE/CWE-References.

    Visit https://fortiguard.com/psirt for more information.

    Bug ID

    Description
    1071459 CWE-: Stack-based Buffer Overflow
    1092958 CWE-23: Relative Path Traversal
    Previous
    Next