This document summarizes the changes included in Fixpack 11 for the IBM Security Network Protection XGS 5000 Appliance.
Fix Pack History
You must restart the appliance after you apply this fix pack. The fixes are not applied until the restart is complete.
Fix hang in LMI when refreshing support info, snapshot, and LUDBA pages.
Caused by long delay during extraction of comment from large files.
Fix fdexporter being killed by watchdog un-necessarily when on busy
The fdexporter can take a while to complete the sqlite updates on busy
networks now that extra indices were added to speed up LMI display of on-box flowdata.
The watchdog timeout was extended and an advanced tuning parameter added to
allow modification in the field if necessary (i.e. flowdata.exporter.watchdogTime).
An additional side effect of this fixpack is to resolve the situation where the
watchdog restart left the fdexporter in the "UNCONFIGURED" state requiring a
disable/enable sequence before it would resume exporting.
alpsd was aborting due to a watchdog timeout.
Enforce a bounds check when processing DCA results.
Fix a race condition that could result is a use-after-free.
IPS events erroneously report "blocked" instead of "simulated block."
Defect 20497: Web App allowed by NAP rule being blocked by following rule blocking entire category
Defect 20502: alpsd hangs on XPU install
Defect 20649: URL Lists fail to match on HTTP 1.1 persistent connections
Defect 15296: LMI doesn't display correct Application Databases status
Defect 20465: Deploy banner is presented to users when certain fields are selected and no changes have been made
Defect 21279: Unable to switch hardware bypass modes from Fail Open to Fail Closed
Defect 29122: Link propagation not working correctly when set to "No" on FWA6501
QRadar LEEF support added to remote syslog alert object. Please take a snapshot of policy now.
The snapshot must be applied after a rollback of this fixpack.
Defect 30732: wipe command does not work - Fix wipe on fw6501 w/raid (secure wipe is not available)
Defect 33130: SECURITY: Ruby on Rails CVE-2012-2660, CVE-2012-2694, CVE-2013-0155, CVE-2013-0156, CVE-2012-3424
Defect 31599: SECURITY: CVE-2012-6496 rubygem-activerecord: find_by_* SQL Injection
Fix truncated frames when forwarding unanalyzed.
Defect 33150: Network Access Policy rule employing both address objects and identity objects does not match as expected.
Defect 33332: Regression: On Local Group, Unable to modify 'Description' field.
Defect 34255: SECURITY: Ruby on Rails CVE-2012-2695, CVE-2013-0333
Defect 34462: Regression: Unable to create a URL Category with no categories assigned
Defect 34496: OS updates
Defect 37805: Resolves an alspd crash related to fragmented TLS records.
Defect 37808: Resolves an eventsd crash related to remote syslog responses and events with large AVP data.
Defect 40961: Resolves an alspd crash related to the dca client during shutdown.
Defect 42044: Resolves several additional alpsd crashes around TLS record processing and an out of memory crash due to not freeing x509 data.
Important: You must restart the appliance after you apply this fix pack. The fixes are not applied until the restart is complete.