A new Up2Date is available for Sophos UTM. This update fixes some bugs, most notably the formerly reported vulnerability in OpenSSL. To get a summary, updated information about the vulnerability and the impact on the UTM make sure to read our knowledgebase article on this topic.
Sophos UTM 9.111
- Fix: OpenSSL vulnerability: TLS heartbeat read overrun (CVE-2014-0160)
- Prevent automatic restart of SixXS Tunnel Broker (aiccu)
- System will be rebooted
- 27814 Never selfmon aiccu [9.1]
While you do not need to manually download Up2Date packages (they will automatically download and prepare themselves for you to install), for manual application of Up2Dates or for UTM installations without Internet connections, you can retrieve them using the link below.
Up2date from soft-release to GA:
Up2date from 9.110 to 9.111 GA:
Sophos Up2Date technology makes it easy to upgrade your Sophos UTM to the latest version.
There are two ways to apply an already-downloaded Up2Date package to the system:
- Log on to WebAdmin, navigate to Management >> Up2Date >> Overview and use Update to latest version now to install the Firmware Up2Date. Click on the “Watch Up2Date Progress in new window” and an extra browser window will show the progress of the Up2Date installation. (The System administrator will receive a notification email once the Up2Date process has finished.)
- Download the Up2Date package from our HTTP or FTP Server and install it under Management >> Up2Date >> Advanced:
|Sophos UTM Up2Date FTP Mirrors:|
- If you want to provide feedback or want to discuss any of the UTM V9 features you should post it on our User Bulletin Board. Please indicate the version you are using to help us (and everyone helping you).
- If you have any feedback on our help, manual, or any documentation (Online Help) please send it to firstname.lastname@example.org.
- You are free to use our new demo server environment without hassle, nags, or registration. Enjoy!
Senior Product Manager
[UPDATE: 16 April 2014 13:54 EDT]
IPS Protection from Heartbleed in Sophos UTM
In addition to security patches, IPS signatures have been released to protect servers behind Sophos UTM from Heartbleed attacks.
IPS update u2d-ipsbundle-9.133 includes the Heartbleed signature.