Resolved issues
The resolved issues listed below do not list every bug that has been corrected with this release. For inquires about a particular bug, please contact Fortinet Customer Service & Support.
Antispam/antivirus
|
Bug ID |
Description |
|---|---|
|
1165264 |
Embedded URLs in PDF attachments are not detected. |
|
1172602 |
Files with .emf extension are incorrectly detected as application/zip files. |
|
1163240 |
Email with image attachment is blocked by the content profile as password-protected file. |
|
1184804 |
Wrong MIME type detection. |
|
1183090 |
JPEG files are incorrectly detected as RAR files. |
|
1200245 |
When sender address rate control reaches the limit and some email are in the FortiSandbox queue , FortiMail receives NoResult from FortiSandbox. |
|
1199314 |
Invisible malicious URLs may not be detected. |
|
1191454 |
Replacement message action in the content profile action does not work properly. |
|
1194912 |
SPF check fails due to unknown modifiers. |
|
1189764 |
Decompressed files with big size are not scanned or sent to quarantine. |
Email delivery
|
Bug ID |
Description |
|---|---|
|
1180692 |
Fail to open encrypted email notification link after going through a third party security inspection. |
|
1191404 |
Need to add missing HEADER FROM value. |
|
110142 |
In some cases, email is modified even though Deliver to original host is set as Unmodified copy. |
System
|
Bug ID |
Description |
|---|---|
|
1160450 |
When generating a certificate signing request (CSR), FortiMail does not add the X509v3 Subject Alternative Name (SAN) extension to the request. |
|
1164834 |
After upgrading to v7.6.3 release, the HA pair is out of synchronization. |
|
1163747 |
High CPU usage caused by mailfilterd. |
|
1181505 |
High CPU usage without known reasons. |
|
1209753 |
High CPU usage caused by DLP profiles. |
|
1186768 |
IP address with port indication is not supported in email archiving destination. |
|
1173175 |
Legitimate email caught by Intelligent Analysis. |
|
1182035 |
In some cases, a block list entry may be missing in HA mode. |
|
1195444 |
For FIPS-CC purpose, LDAPS needs to drop the non-approved and non certified algorithms / TLS versions. |
|
1198879 |
Disabling use of non-FIPS approved algorithms in IBE, S/MIME, and SNMPv3. |
|
1181436 |
Some disclaimer variables may not work properly. |
|
1161849 |
After upgrading v7.4.3 to v7.6.3, the system began crashing intermittently with the error message: Failed to boot default entries. |
|
1197184 |
Changing prohibited terms or dictionary profilesmay cause system freeze. |
|
1189587 |
UNSEEN error returned from FortiSandbox. |
Logs and reports
|
Bug ID |
Description |
|---|---|
|
1168320 |
Database error executing message in antispam logs. |
|
1157617 |
In some cases, the miglogd process may run into a dead loop. |
Administrator GUI/webmail
|
Bug ID |
Description |
|---|---|
|
1198315 |
Older JQuery-UI version is used. |
|
1176950 |
Under Security > URL Filter > Profile, the total ref number does not display correctly. |
|
1196837 |
In ForitMail webmail, encrypted email for Zoom session links is replaced with .ICS file attachment. |
|
1194351 |
Character T and Z appear in FortiMail clawback timestamp for Quarantine Summary email template. |
|
1195458 |
A report with a comma "," in its name cannot be generated or deleted. |
Common Vulnerabilities and Exposures
FortiMail 7.6.4 is no longer vulnerable to the following CVE/CWE-References.
Visit https://fortiguard.com/psirt for more information.
|
Bug ID |
Description |
|---|---|
|
1189174 |
CWE-358: Improperly Implemented Security Check for Standard |
|
1174554 |
CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection') |
|
1173145 |
CWE-312: Cleartext Storage of Sensitive Information |
|
1173144 |
CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere |
|
1169607 |
CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') |