Resolved issues
The resolved issues listed below do not list every bug that has been corrected with this release. For inquires about a particular bug, contact Customer Service & Support.
Bug ID |
Description |
---|---|
455193 |
Flow-based webfilter URL exemptions now generate UTM logs. |
476219 |
The IPS engine now correctly updates timestamps for allowed tunnel sessions. This fix improves performance because the firewall doesn't have to re-create and re-scan the session. |
485025, 508111 |
Resolved an issue that caused the IPS engine to use excessive memory. |
487249 |
Fixed mini TCP stack-related IPS engine crashes. |
488848 |
Resolved an issue that caused FortiOS to enter kernel conserve mode even when memory use was low. |
500565 |
TCP sessions are renewed on New TCP Connection Initiations with Reused Ports. |
503092 |
Resolved static web filtering issues that occurred when application control is enabled. |
504002, 504229, 505859 |
Resolved an issue that would sometimes cause TLS errors with HTTPS websites when SSL deep inspection is enabled. |
506672 |
Added a Missing Boundary Check in the IMAP FETCH Response Handler. |
507316, 517224 |
Resolved a high memory and CPU usage issue caused by unsorted session lists in session groups. |
509349 |
Tuning improvements to white listing and app deferral. |
509349 |
Transient segments are now used for implicitly enabled rules. |
509349 |
The IPS engine now resets the segment length to zero when skipping over transient segments. |
509349, 512261 |
The IPS engine now uses segment ids to calculate the maximum deferral values. |
509840 |
SSL/TLS traffic no longer fails when flow-based Web Filtering is enabled. |
510709 |
Fixed crashes when SSL session is exempted from deep inspection by SNI |
511626 |
Resolved an issue that sometimes prevented the IPS engine from scanning Windows executable files. |
511626 |
Do not generate the FIN packet as derived if no derived session. |
511662 |
Resolved an issue that sometimes caused IPS engine signal 11 crashes. |
512244 |
The IPS engine now determines FTP file sizes correctly. |
512577 |
Improved IPS performance on FortiGate devies with SOC2 processors. |
518312 |
Fix an incorrect TCP sequence error proxy handover when client or server has previous data that was not sent to the proxy. |
520777 |
Resolved an issue that disabled deep inspection after adding a new address to the deep inspection exemption list. |