Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    Home FortiProxy 7.2.14 Release Notes
    7.2.14
    7.6.6
    7.6.5
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.13
    7.4.12
    7.4.11
    7.4.10
    7.4.9
    7.4.8
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.16
    7.2.15
    7.2.14
    7.2.13
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.23
    7.0.22
    7.0.21
    7.0.20
    7.0.19
    7.0.18
    7.0.17
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    2.0.14
    2.0.13
    2.0.12
    2.0.11
    2.0.10
    2.0.9
    2.0.8
    2.0.7
    2.0.6
    2.0.5
    2.0.4
    2.0.3
    2.0.2
    2.0.1
    2.0.0
    1.2.13
    1.2.12
    1.2.11
    1.2.10
    1.2.9
    1.2.8
    1.2.7
    1.2.6
    1.2.5
    1.2.4
    1.2.3
    1.2.2
    1.2.1
    1.2.0
    1.1.6
    1.1.5
    1.1.4
    1.1.3
    1.1.2
    1.1.1
    1.1.0
    1.0.7
    1.0.6
    1.0.5
    1.0.4
    1.0.3
    1.0.2
    1.0.1
    1.0.0

    Resolved issues

    Resolved issues

    The following issues have been fixed in FortiProxy 7.2.14. For inquiries about a particular bug, please contact Customer Service & Support.

    Bug ID

    Description

    1074460

    Buffer overflow issues related to corrupted traffic log files, which could lead to a crash.

    1111141

    WAD process crashes continuously after ftgd-local-rating configuration.

    1117526

    list_entry should be typesafe.

    1117013

    wad_hash_cache timeout issue.

    1112600

    The wad_ftp_session_task_start does not initiate while establishing the data connection.
    1005867, 1087631, 1088866 AV scan does not work for archived msoffice, msofficex and 7z files.
    1054835, 1121171 Proxy HTTP2 single file transfer is slow when IPS/APP/SSL inspect-all is enabled.
    924740 Improve WAD trace log precision of process-id-by-src filter.
    1127033 IP pool is not updated after configuration change.
    1119389 Explicit proxy does not work via IPsec tunnel.
    1103476 License leak.
    1128283 Logs that should have duration 0 sometimes show wrong values.
    1094526, 1116906, 1126935 GUI issues.
    1126862 Traffic is passed by transparent deny policy when log-http-transaction is enabled.
    1133565 Password protected msofficex and msoffice files are bypassed when encrypted-file is set to inspect.
    1126749 Duplicate session ID in traffic logs across different connections.

    1102796

    Passive proxy member send LDAP requests to the LDAP servers.
    1140953

    HTTP2 large file download may get stuck and fail.
    1149807 Policy lookup tool does not match source interface.

    1144421

    ICAP crash.
    1130882 Missing field details in http-transaction logs for deep-inspect https CONNECT traffic.

    1135096

    In HTTP transaction log, when certificate inspection is set, the URL filed lost protocol information if traffic passes through.
    1095093, 1092529 "utmref" and "utmaction" fields are missing in forward traffic log and long-tcp sessions are missing in http-transaction traffic log.

    1102694

    "utmref" and "utmaction" fields are missing in forward traffic log and http-transaction

    traffic log for long-tcp sessions.

    1157551

    Memory leak caused by missing put after wad_str_assign.

    859182

    WAD crashed at fts_crypto_kxp_pub_key_verify_done.
    1012811 Log time is one hour behind NTP after daylight savings time change.

    1114438

    Policy test feature does not work when no WAD debug is running in the background.

    1162152

    When setting system time in GUI, the Time field should not include the millisecond value.

    Common vulnerabilities and exposures

    FortiProxy 7.2.14 is no longer vulnerable to the following CVE reference. Visit https://fortiguard.com/psirt for more information.

    Bug ID

    CVE reference

    1121042

    CVE-2024-52965

    Previous
    Next

    Resolved issues

    Resolved issues

    The following issues have been fixed in FortiProxy 7.2.14. For inquiries about a particular bug, please contact Customer Service & Support.

    Bug ID

    Description

    1074460

    Buffer overflow issues related to corrupted traffic log files, which could lead to a crash.

    1111141

    WAD process crashes continuously after ftgd-local-rating configuration.

    1117526

    list_entry should be typesafe.

    1117013

    wad_hash_cache timeout issue.

    1112600

    The wad_ftp_session_task_start does not initiate while establishing the data connection.
    1005867, 1087631, 1088866 AV scan does not work for archived msoffice, msofficex and 7z files.
    1054835, 1121171 Proxy HTTP2 single file transfer is slow when IPS/APP/SSL inspect-all is enabled.
    924740 Improve WAD trace log precision of process-id-by-src filter.
    1127033 IP pool is not updated after configuration change.
    1119389 Explicit proxy does not work via IPsec tunnel.
    1103476 License leak.
    1128283 Logs that should have duration 0 sometimes show wrong values.
    1094526, 1116906, 1126935 GUI issues.
    1126862 Traffic is passed by transparent deny policy when log-http-transaction is enabled.
    1133565 Password protected msofficex and msoffice files are bypassed when encrypted-file is set to inspect.
    1126749 Duplicate session ID in traffic logs across different connections.

    1102796

    Passive proxy member send LDAP requests to the LDAP servers.
    1140953

    HTTP2 large file download may get stuck and fail.
    1149807 Policy lookup tool does not match source interface.

    1144421

    ICAP crash.
    1130882 Missing field details in http-transaction logs for deep-inspect https CONNECT traffic.

    1135096

    In HTTP transaction log, when certificate inspection is set, the URL filed lost protocol information if traffic passes through.
    1095093, 1092529 "utmref" and "utmaction" fields are missing in forward traffic log and long-tcp sessions are missing in http-transaction traffic log.

    1102694

    "utmref" and "utmaction" fields are missing in forward traffic log and http-transaction

    traffic log for long-tcp sessions.

    1157551

    Memory leak caused by missing put after wad_str_assign.

    859182

    WAD crashed at fts_crypto_kxp_pub_key_verify_done.
    1012811 Log time is one hour behind NTP after daylight savings time change.

    1114438

    Policy test feature does not work when no WAD debug is running in the background.

    1162152

    When setting system time in GUI, the Time field should not include the millisecond value.

    Common vulnerabilities and exposures

    FortiProxy 7.2.14 is no longer vulnerable to the following CVE reference. Visit https://fortiguard.com/psirt for more information.

    Bug ID

    CVE reference

    1121042

    CVE-2024-52965

    Previous
    Next