Fix ICAP client not forwarding response when host matches FQDN.

SSH command filter no longer works after prompt change.

FortiView Application Bandwidth widget shows nothing.

LDAP cache was not updated properly after the user group changed in Active Directory server.

WAD debug filter does not work properly with SSL deep-inspection using hardware crypto.

SSH public keys are lost after upgrading from Beta 1 to latest interim build, and they can no longer be configured.

Multiple attempts to join a domain with wrong credentials causes WAD to crash.

Correlation log does not show security action when application category is unknown.

Issue with the WAD debug filter on vd_id and dst6 or src6.

Fine-grained user/group level authorization timeout configuration.

FortiProxy rejects CONNECT request with body and extra data.

Fix some GUI issues.

Unexpect hang-up on FPX-4000E.

Authenticated users using an IP-based authentication rule may need to be re-authenticated per request.

Clean up HA Active-Active mode related CLI options.

Update voltage monitoring with official Supermicro values.

Remove extended-log option in AV/FF/DLP and extend log-http-transaction to three options: all, utm, and disable.

HTTP transaction log is recorded as "https" scheme for "Ftp over HTTP" transaction.

FortiGate DLP filter EXE files does not work on Windows.

Some non-http traffic was redirected to WAD unexpectedly when L7 address exists in policy.

FPX-2000G and FPX-4000G STA and UID LED color issue.

FortiProxy kernel memory leak.

EIP of mgmt-intf is mistakenly moved from secondary FPX to the primary in an AWS A-P HA cluster.

Issue with format string that causes httpsd and CLI crash.

Memory leak in client certificate cache for virtual server access proxy.

LDAP search type default is unset due to an incorrect default value.

Shaping policy matching failure.

WAD crashes at wad_fw_policy_check_user when authorization is required for FTPS login on the FortiProxy.

FortiProxy HA config-sync-only secondaries receive system updates triggered by both updated and hasync.

Need to verify filters of wad debug trace and make sure all the necessary info is logged and filter works properly.

Explicit FTPS authentication with transparent policy does not work.

FortiProxy trial license is invalid when memory is more than 2 GB while the minimum required memory is 4GB.

Add option to enable/disable application level category policy match for deep inspection .

WAD policy matching crashed at matching the source address due to null source and destination addresses in dummy policy.

Fix for a crash caused by a missing safe check during code porting.

Validate address group members when config is loaded. If an error occurs while loading iptables rules for a specific policy, skip only the malformed policy instead of aborting the policy loading as a whole.

FortiProxy matches user to wrong user group and hits the wrong policy.

When multiple ports are configured for a firewall policy's service, only traffic to the first port matches the policy.

Fix scanunit error logs on non-error case.

Fix HTTP request to FQDN address not directed to WAN when dst_address includes wildcard FQDN.

FortiProxy not showing proxy policy after restoring the configuration, but it is shown in the CLI.

WAD worker memory usage slowly increased.

Show full user-agent in the http-transaction log when extended-log is enabled

Explicit policy was not added to policy list when the policy changes its web-proxy.

FortiProxy did not support nested addrgrp definition, which caused a configuration error while upgrading.

"Bad gateway" error message and httpsd process exits with segmentation fault when generating a TAC report from GUI.

SNAT uses interface IP address instead of address from IP pool with forward server.

Disable netflow and sflow commands which are not supported by FortiProxy.

Build compile error during upgrade.

When log-http-transaction is enabled, forward traffic to WAD only when UTM is enabled or the action of the policy is deny.

High CPU when DNS server is busy.

WAD crash on traffic when VDOM is enabled and a global webfilter profile is attached to a policy.

The respective corresponding sandbox should be displayed correctly.