7.4.0

Resolved issues

The resolved issues listed below do not include every bug that has been corrected in this release. For inquiries about a particular bug, contact Customer Service & Support.

Bug ID Description

835757 Unexpected behavior in IPS Engine 6.004.113 due to an error case.
845954 Flow antivirus does not have a limit on how much memory it can use when buffering files for scanning.
864118 XFF does not always populate in IPS logs.
872397 After 7.0.5 upgrade, application does not work when IPS and unified threat management are applied.
872747 Improvements to IPS engine to optimize CPU usage during normal internal operation.
875577 Unexpected behavior in the IPS engine while processing PDF files.
878755 HTTPS performance drops when IPS and deep-inspection (flow-based) are configured in firewall policy.
886685 Memory usage issue in IPS engine due to deep-app-inspection usage in application control profiles, when applied to firewall policies.
887299, 911118, 940344 The static URL filter may not function as anticipated due to erroneous URL filter matches stemming from TLS probe failures.
889464 Virtual domain limit of IPS custom signature is 1000, but 1000 shows as the global limit.
890065 Erroneous memory allocation observed in IPS engine when the TLS connection is closed in a rare case.
892302 Improvements to IPS engine to optimize CPU usage when using an external domain list.
893335 An error condition occurs in IPS Engine when the session does not have a valid host/URL for local urlfilter.
893947 FortiOS cannot block an archive bomb.
893962 FortiGuard remote category threat feed FQDN format is inconsistent.
894004 Improvement in performance in a proxy-based policy when Any (inspect-all) is set for a protocol in the Protocol options profile.
895991 Improvements to IPS engine to optimize CPU performance when IPS and deep-inspection are enabled in flow mode.
897523 Issues occur with TCP SACK and TCP retransmissions by IPS/NTurbo when using DPI.
900323 An error condition occurs in IPS engine due to erroneous memory allocation.
901222 Web Filter warning block page for FortiGuard categories does not display for HTTP2 in flow mode with deep inspection.
902857 FortiGate does not forward TLS ServerHello to client when IPS is enabled with flow mode and deep inspection.
905636 Azure Machine Learning instances fail to load with flow-based inspection.
908682 IPS Engine 7.166 in a flow mode AV profile cannot block first HTTPS attempt with infected EICAR file.
910002 DNS translation does not work as expected after disabling Log all DNS queries and responses (set log-all-domain disable).
912577 Timeouts/delays occur in DNS queries when DNS sends A and AAAA requests in parallel and the session is suspended for the FortiGuard category.
916992 The DNS static filter does not work as expected when it is the only setting in the DNS profile.
923173 Improvements to the IPS engine to optimize memory usage when using the GRE tunnel.
923393 Upon upgrade to 7.0.11, IPS logs show wrong source/destination IP address and policy ID and show ports as zeros.
923836 Deep inspection and flow mode do not work for certain URLs.
929019 Unexpected behavior in IPS Engine (7.002.314) due to an error case.
929110 The strict setting for the sni-server-cert-check option is treated the same as enabled and no logs were generated on SNI mismatch with CN/SAN.
932111 Improvements to IPS engine to optimize memory usage due to HTTP2 stream not closing in a timely manner.
932956 Traffic is not blocked by explicit deny any to any.
936068 Unexpected behavior in the IPS Engine (7.002.255) while processing HTTP3 traffic.
937578 Intermittent behavior in IPS engine due to invalid input while parsing SIP address.
938937 A rare error condition occurs in IPS engine when performing a URL filter match.
941200 DNS translation does not work as anticipated with FortiGate sending two responses when the webfilter cache is enabled.
942107 Improvements to the IPS engine to optimize CPU and memory usage while processing HTTP3 traffic.
947349 Unexpected behavior in IPS Engine (6.004.162) due to a rare condition.
948186 File Filter does not generate file filter logs while in flow mode.
948197 Downloading a large file may intermittently stall when flow-based UTM and SSL deep inspection are enabled.
948282 IPS engine memory usage increases slowly on FortiGate 1801F.
948627 Connection timeouts or resets may occur on specific websites if they send a SYN/ACK packet with a window size of 0 while a web filter profile is enabled.
950297 Upon disabling the diagnose ips vpatch enable-all command, FortiGate may not detect CVE-2022-42475 if FortiGate is impervious to this particular vulnerability.
953382 CPU usage issue in IPS engine due to database size.
955961 When in policy-based mode, inbound traffic is allowed from ALL despite security rule in place to allow only specific IP addresses.
961598 A rare error condition occurs in the IPS engine while handling X.509 certificates when the sessions were released for the Quiche server.
964566 Unexpected behavior in the IPS engine due to a rare error condition that dnsfilter logging causes.
964709 Unexpected behavior in IPS Engine (7.002.329) while processing application control rules.
970013 Chrome Beta bypasses WebFiltering in flow-mode, which is caused by an unsupported SSL session.
973945 Optimize IPS memory usage for TCP SYN flood attack.
976433 Improvements to the IPS engine to optimize performance when SSL inspection and web filter are enabled. This is in response to Windows 11 and Windows Server 2022 updating their TCP window size algorithm.
979165 iot_info is wrongly associated with the client.
982894, 992073, 1004084, 1006533 Unexpected behavior in IPS Engine (7.002.326) due to a rare condition.
982987 IPS engine drops the ClientHello packet in asymmetric flows when the web filter is enabled in a specific scenario.
997071 Unexpected behavior in IPS Engine due to an error case.
1005185 Unexpected behavior in IPS Engine (06.004.171) due to an error case caused by an SSL session with CBC cipher.
1007795 Support zstd content encoding in HTTP traffic.
1008088 Allow 802.1Q and 802.1AD packets to be inspected on isniff.
1008630 TLS active probe failing in a closed network due to lack of routes to remote hosts.
1009871 High memory used by IPS leads to conserve mode.
1011993 Chaff IP packets (invalid IP options) evasion support.
