SGOS 220.127.116.11 is a 6.2 maintenance release that fixes 42 SGOS 6.2.x SR bugs and 13 SGOS 5.x customer-reported issues. It includes the following changes:
- Web Wizard for remote initial configuration of MACH5
- Improvement for large CIFS directory handling (redesign of the CIFS directory metadata caching to prevent memory exhaustion)
- Updated the bundled version of Proxy Client to version 18.104.22.168
- Fixed 19 cases of restart
- Contains an updated license validation certificate
- Fixed the following security vulnerabilities:
1. The ProxySG is no longer vulnerable to denial-of-service (DoS) attacks via Server Gated Cryptography (SGC) renegotiation. (CVE-2011-4619)
2. The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer. This OpenSSL vulnerability has been fixed in SGOS 22.214.171.124. (CVE-2011-4576).
3. Fixed OpenSSL: ASN1 BIO vulnerability (CVE-2012-2110 and CVE-2012-2131).