This document summarizes the changes included for the IBM Security Network Protection XGS All Models Firmware 5.1.0 Fixpack 6.
Fix Pack History
Defect 44068: IPS events not always properly blocked when the packet triggering the IPS event matches multiple signatures with different responses. A reboot is necessary for this fix to apply after installing the fixpack.
Defect 44512: Analysis engine aborts and does not restart when processing a NAP rule containing a network object which references a disabled adapter. A reboot is necessary for this fix to apply after installing the fixpack.
Added debug counters to trace events generated by the analysis engine.
Defect 45609: When FW upgrading with file being pulled from update server, there is no indication of progress of install - screen appears to freeze.
Defect 45611: No GRUB option for Hardware Diagnostics after upgrade to 5.1.1
Defect 43765: When filtering an IPS Policy using multiple boolean filters, the filters can behave unexpectedly and fail to work as intended by the user. It is necessary to clear your browser cache after this fix is applied.
Defect 45390: Fix XSS Vulnerability in IBM Knowledge Center Local Edition. This is the documentation located on the appliance. A reboot is necessary for this fix to apply after installing the fixpack.
Defect 44416: Fix a crash in the inspection process due to memory corruption. A reboot is necessary for this fix to apply after installing the fixpack.
Defect 44911: Fix a crash in the inspection process due to a null pointer dereference. A reboot is necessary for this fix to apply after installing the fixpack.
Defect 46532: Fix the matching of events generated over SSL MITM so that IPS objects other than the default IPS Object will match. A reboot is necessary for this fix to apply after installing the fixpack.
Defect 46710: Fix LMI pages so that they will render correctly in Google Chrome v30.
Defect 43781: Fix an issue that results in a Reset instead of Block page with SSL decryption and Web Apps.
Defect 46521: Fix an issue that resulted in dropped TCP connections that had been established before packet processing was started.
Defect 46542: Fix an issue where the XGS doesn't block exploit code contained in PDF documents transferred via HTTPS.
Defect 46141: Fix a random resource leak in the analysis engine.
Defect 47095: Fix a issue with the default IPS Policy not properly enabling the default IPS objects.
Defect 46522: Fix a rare network packet buffer leak.
Defect 46484: Fix an issue where the unanalyzed policy setting is not taken into account when flushing the packet queue.
A reboot is required for the changes made by the fixpack to apply. It also recommended to clear the browser cache on any browsers used to manage the appliance.