SonicOS/X 7.0.1 Release Notes

Version 7.0.1-5054 April 2022

April 2022

This version of SonicOS/X 7.0.1 is a maintenance release for existing platforms and resolves issues found in previous releases.

Supported Platforms

This release applies only to the NSsp 15700 platform.

For information about the release related to other platforms, please see Version 7.0.1-5052 April 2022.

Resolved Issues

Issue ID Issue Description

A 10Gbps link between SFP+ ports and SWS14-48 Switches connectivity is not working when the interface speed is configured to 10Gig Full Duplex.

Configure the SFP+ interface and SWS14-48 Switch SFP+ interface speed to 1000Mbps Full Duplex

GEN7-28338 Several IPv6 SSO inefficiencies in the mechanism for inter-blade user synchronization requests (those which request other blades to send something back, and then wait for the response) have been resolved.
GEN7-28475 The web management interface reports Command xxx did not match when the guest service is enabled on the LAN zone and the same IP address is used for both administrators and guests to manage the management interface.
GEN7-29412 The web management interface does not display the interface status indicators on the front panel widget of the Dashboard on when it is first accessed.
GEN7-29415 The VLAN subinterface does not display the correct MTU in the web management interface when Jumbo frames are enabled.
GEN7-29590 An intermittent crash might be seen when adding SSO users through a third-party API and IPv6 and IPv4 groups overlap while IPv4/IPv6 traffic is present.
GEN7-29592 Blade mismatch warnings are displayed for SSO API user authentication with large number of users.
GEN7-29593 A memory leak may occur from the SSO API, when returning multiple errors in response to an SSO API request with multiple users.
GEN7-29623 In L3 Port Aggregation, the Aggregate Port does not display the correct link state on the Dashboard page of the web management interface.
GEN7-30021 Incorrect IPv6 addresses are displayed for logged in users on the User Status page.
GEN7-30043 Warnings are displayed on the console relating to holding locks/semaphore for a long time.
GEN7-30065 Trying to manually log out users using the web management interface once they are populated and active displays the error: command 'killuser ...' does not match.
GEN7-30332 A crash may be observed when accessing the IPv6 address cache with a mix of IPv4 and IPv6 users being repeatedly logged in or out,
GEN7-30390 The maximum number of VLANs that could be displayed was previously set to 24. This has been Increased it to display a maximum number of 1024 VLANs.
GEN7-30456 Audit Logging stops reporting Security Policy action profile changes when an UPE policy is configured with specific match criteria.
GEN7-30558 In High Availability, for Standby firewall, the route policies of VLAN interfaces (whose physical interface is configured as LAG) are in wrong status when link is turned off or on.
GEN7-30586 After enabling Mirror LDAP user groups locally, the web management interface does not display the imported mirrored groups.
GEN7-30708 Unnecessary shadow policy-related tracebacks are being reported on the Standby firewall.
GEN7-30709 After rebooting a unit in a High Availability pair, all users were being flushed from the unit's slave blades right after they were synchronized to them from its master blade.
GEN7-30710 If an SSH session goes into configuration mode, and does a commit for some configuration when a prior SSH session configuration commit was still in process, a deadlock situation may occur.
GEN7-30715 Unnecessary tHaImPrefTask stack traces were being printed in with a High Availability pair when both WAN Load Balancing and IPv6 are enabled.
GEN7-31151 A Site to Site VPN phase 2 tunnel with the IKE version configured as IKEv1 Main Mode does not display any VPN tunnel statistics.
GEN7-31889 Stack-based buffer overflow in SonicOS/X potentially resulting in Denial-of-Service (DoS).
GEN7-31890 Potential exposure of sensitive information to an unauthorized user via SNMP.
GEN7-31990 Potential exposure of Wireless Access Point (WAP) sensitive information via SNMP.
GEN7-31991 Improper restriction of TCP communication channel potentially resulting in Denial-of-Service (DoS).
GEN7-31992 Allocation of resources without limits or throttling can potentially result in HTTP DoS via the Content Filtering Service (CFS).
GEN7-31994 Unnecessary tNetObjMgr stack traces are displayed on the console.
GEN7-32418 The OpenSSL library can enter an infinite loop when parsing an invalid certificate, potentially resulting in Denial-of-Service (DoS).

Additional References

The following additional resolved issues in this release are listed here for reference:

GEN7-31993, GEN7-31288, GEN7-30711, GEN7-30707, GEN7-30540, GEN7-30539, GEN7-30537, GEN7-30042, GEN7-29767, GEN7-29652, GEN7-29585, GEN7-29386, GEN7-29340, GEN7-29290, GEN7-27287, GEN7-26996

Known Issues

Issue ID Issue Description
GEN7-29535 The console prints a tTimerTask stacktrace about every hour. There is no functional effect.
GEN7-31879 Configuration changes on the Decryption policy page are not listed in the log files and cannot be audited.
GEN7-31899 Configuration changes on the DoS policy page are not listed in the log files and cannot be audited.
GEN7-31900 Configuration changes on the DoS Action Profile page are not listed in the log files and cannot be audited.
GEN7-32261 OSPFv3/RIPng cannot be established over a trunked VLAN or sub-VLAN interfaces.
GEN7-32540 A crash may be seen with a stacktrace for DP-engine-0 in a High Availability Pair causing failover when running a heavy load of mixed traffic, UDP traffic, and OSPF routes when DPI-SSL Decryption Policies and Bandwidth Management are configured.
GEN7-32620 A crash may be seen with a stacktrace for delayedLog.c in a High Availability Pair causing failover when running a heavy load of mixed traffic, UDP traffic, and OSPF routes when DPI-SSL Decrytion Policies and Bandwidth Management are configured.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.