Notification Message Variables, Plus Security, and Functionality Fixes
15 March 2012
As part of our ongoing efforts to improve the effectiveness of WatchGuard XCS appliances, which protect against data loss, viruses, and malware, WatchGuard is pleased to announce the availability of XCS 9.2 Update 2.
Highlights of this maintenance release include:
- Variables are now supported in notifications with configurable subject headers. System variables can now be used in notification messages that use configurable subject headers.
- A new %Subject% system variable is implemented. System variables are system and message settings that are automatically substituted at the time a notification message is sent. A new %SUBJECT% variable is available that allows you to insert the subject field of the original message in message notifications.
- FreeBSD security advisory FreeBSD-SA-11:06.bind has been resolved. A vulnerability in an open source component of XCS, which could permit denial-of-service (DoS) attacks on the name service functionality, has been addressed.
- A vulnerability (CVE-2011-3389) with SSLv3/TLSv1 ciphers has been resolved. An issue in the open source SSL/TLS component of XCS that could allow attackers to craft specially formatted request to allow the decryption of secure web and email traffic has been mitigated. (Note that this issue did not affect the email encryption add-on capability.)
- Over 40 additional bug fixes and minor enhancements have been included. For more details, see the Release Notes.
Does This Release Pertain to Me?
XCS 9.2 Update 2 is a maintenance release that contains a number of enhancements and bug fixes, including security fixes. Because of the security updates, it is strongly advised that users install the software update. Please read the Release Notes before you upgrade, to understand what is involved.
How Do I Get the Release?
Your XCS appliance will automatically download the XCS 9.2 Update 2 software. However, it will NOT automatically install the update. You must manually install software updates by going to Administration > Software Updates > Updates. You can also manually download the update from the Articles and Support section of WatchGuard’s Support Center. We highly recommend you thoroughly review the Installation Instructions section of the Release Notes before applying this update.
For a more detailed description of this update, please visit the WatchGuard Support Center at http://www.watchguard.com/support/.
If you need support, please enter a support incident online or call our support staff directly. When you contact Technical Support, please have your registered Product Serial Number, LiveSecurity Key, or Partner ID available.
- U.S. End Users: 877.232.3531
- International End Users: +1.206.613.0456
- Authorized WatchGuard Resellers: +1.206.521.8375
Good to know about it .Thanks for sharing it