Fixed Issues and Other Changes
The following table lists issues that have been fixed and are resolved by upgrading to the named release.
Release 22.8R2
|
Report Number |
Description |
|
Administration Server |
|
|
1509248 |
Fixed an issue with Changing SSL Admin Ciphers on Node1 does not inform the User to restart Node2s Admin Server on the first attempt. |
|
1356863 |
Fixed an issue 'Need instructions on how to install the Multi-hosted IP functionality kernel module |
| Appliance OS | |
| 1387071 | Updated the vTM appliance OS to Ubuntu 24.04 which includes kernel version 6.8.0-57-generic and updated packages. |
Pulse Secure Virtual Web Application Firewall
|
Report Number |
Description |
|
WAF |
|
|
1513914 |
Fixed issue for Daily Report for the WAF Application from Statistics > Reports page. |
Release 22.8R1
|
Report Number |
Description |
|
Administration Server |
|
|
1356925 |
Fixed an issue with IPv6 TIPGs are broken in 21.4, 22.1, and 22.2 |
|
Security |
|
|
1310107 |
Fixed for are we affected CVE-2023-48795 - vTM? |
|
1431370 |
Fixed for Ivanti Virtual Traffic Manager User Authenticated Remote Command Execution |
|
1490040 |
Fixed for Arbitrary file upload to known path can lead to (admin) authenticated Remote Code Execution |
|
Upgrade and Rollback |
|
|
1356924 |
Fixed the issue for Cluster upgrade shows the warning "Your traffic managers have different version of configuration" |
Pulse Secure Virtual Web Application Firewall
|
Report Number |
Description |
|
WAF |
|
|
1476451 |
Fixed issue for WAF Application logs not shown on screen. |
|
1325947 |
Fixed issue for Some of databases grow beyond reason |
|
1326039 |
Fixed issue for WAF Logs when submitted with Suggested Changes does not allow "View Changes" page to open |
|
1457536 |
Fixed for Error when uploading customised report template into WAF |
Release 22.7R4
|
Report Number |
Description |
|
Administration Server |
|
|
1372364 |
Fixed issue with "Reactivate this traffic manager". |
|
1388157 |
Fixed an issue with download of Zone file from catalogs. |
|
Upgrade and Rollback |
|
|
1366953 |
Fixed an issue with cluster upgrades with software installation of vTM. |
|
1356923 |
Fixed issue related to handling of interface name changes after upgrade. |
Release 22.7R2
|
Report Number |
Description |
|
Security |
|
|
VADC-297 |
Fixed a security issue CVE-2024-7593 related to interface that exposes the administrator UI. |
|
Upgrade and Rollback |
|
|
VTM-46572 |
Fixed upgrade issue in hardware appliances. |
|
VTM-46569 |
Updated documentation to include a warning statement |
Release 22.7R1
|
Report Number |
Description |
|
Security |
|
|
VTM-46435 |
Fixed an issue which could lead to heap buffer overflow as mentioned in CVE-2023-4863. |
|
Fault Tolerance |
|
|
VTM-45925 |
upgrading a vTM cluster from a lower version to a higher version, you may see a warning that the traffic managers have different configuration versions. This means that some of the configuration settings are not consistent across the cluster. This is fixed by ensuring that all the vTMs in the cluster have the same configuration. |
Pulse Secure Virtual Web Application Firewall
|
Report Number |
Description |
|
WAF |
|
|
PRS-417235 |
Fixed the issue by code changes related to Python 3 generated by vWAF. |
|
PRS-417596 |
Fixed the issue by enabling modification of telemetry config via existing REST API generated by vWAF. |
Release 22.6R2
|
Report Number |
Description |
|
Security |
|
|
VADC-297 |
Fixed a security issue CVE-2024-7593 related to interface that exposes the administrator UI. |
Release 22.6R1
|
Report Number |
Description |
|
Administration Server |
|
|
VTM-46271 |
Fixed an UI related issue which didn't give enough information on how to add multiple email addresses for alerting events. Both comma and space can be used as delimiter now as per UI info. |
|
Security |
|
|
VTM-46220 |
Fixed a security issue CVE-2022-4304 related to openssl. |
Pulse Secure Virtual Traffic Manager Appliance
The following table lists issues that have been fixed and are resolved by upgrading to this release.
|
Report Number |
Description |
|
Cloud Platforms |
|
|
VTM-46273 |
Fixed an issue which could lead to IPv4 associations being not displayed properly when vTM software version is installed on AWS CentOS 7. |
Pulse Secure Virtual Web Application Firewall
|
Report Number |
Description |
|
WAF |
|
|
PRS-415852 |
Fixed the issue by enabling the Logrotator for all the log files generated by vWAF. |
Release 22.5R2
|
Report Number |
Description |
|
Security |
|
|
VADC-297 |
Fixed a security issue CVE-2024-7593 related to interface that exposes the administrator UI. |
Release 22.5R1
|
Report Number |
Description |
|
Installation and Upgrading |
|
|
VTM-46236 |
Fixed an issue which could lead to upgrade failure from a version with new version format to any other version. |
|
Configuration |
|
|
VTM-46226 |
Fixed an issue where TIP becomes unconfigurable if VA is restored without machine specific information |
|
Administration Server |
|
|
VTM-46055 |
Fixed the radio button in "Event from" section which even after selecting "Some Pools" couldn't retain the selection. |
|
VTM-46053 |
The fix is to reflect the bind IP properly in UI and configuration files when it's changed from UI so that user can still access GUI smoothly post modification. |
|
SNMP |
|
|
VTM-45911 |
Fixed an issue which gives a wrong picture about the available free memory in the system |
|
TrafficScript |
|
|
VTM-43956 |
Fixed an issue which could lead to unexpected memory reservation for trafficscript data_size |
Pulse Secure Virtual Traffic Manager Appliance
The following table lists issues that have been fixed and are resolved by upgrading to this release.
|
Report Number |
Description |
|
Virtual Appliance |
|
|
VTM-46218 |
Fixed a customer specific issue which could lead to interface name shuffling post upgrade. |
Pulse Secure Virtual Web Application Firewall
|
Report Number |
Description |
|
WAF |
|
|
WAF-1156 (PRS-414746) |
Handled the exceptions ReadTimeout and increased the request timeout second. |
|
WAF-1117 |
Internal Security Improvement. Baseline updated with CVE-2021-44228. |
|
WAF-1151 |
WAF Debug binary is now available for 4.10.0006, 4.10.0007, 4.10.0008. Modified the CxFreeze (open source) code to generate debug binary |
Release 22.3R3
|
Report Number |
Description |
|
Security |
|
|
VADC-297 |
Fixed a security issue CVE-2024-7593 related to interface that exposes the administrator UI. |
Release 22.3R2
|
Report Number |
Description |
|
Security |
|
|
VTM-34418 |
In vTM, to store the user passwords SHA256 is used now instead of MD5. |
|
VTM-45907 |
For vWAF component of vTM, the zlib version is upgraded to 1.2.12. The older version of zlib (1.2.11) allows memory corruption when deflating (i.e.,when compressing) if the input has many distant matches. |
Release 22.3R1
|
Report Number |
Description |
|
Security |
|
|
VTM-45908 |
Upgraded nghttp2 to 1.49.0 which fixes several security issues. |
|
VTM-45907 |
Upgraded curl and curl-nss to 7.84.0 which fixes several security issues. |
|
VTM-45899 |
Upgraded libpng to version 1.6.37 which fixes CVE-2019-7317 |
|
VTM-43673 |
Upgraded gorilla websocket to version 1.5.0 which fixes CVE-2020-27813 |
|
Performance |
|
|
VTM-45892 |
Update OpenSSL to version 1.1.1q with fixes for CVE-2022-1292, CVE-2022-2068 & CVE-2022-2097 |
|
Connection Processing |
|
|
VTM-45301 |
Modified the documentation for traffic script function pool.use() to reflect that it may not resolve a hostname to a reachable IP address. |
Release 22.2
|
Report Number |
Description |
|
Security |
|
|
VTM-45643 |
Upgraded kernel version to 5.4.0-107-generic which fixes the security issue CVE-2022-27666. |
Pulse Secure Virtual Traffic Manager Appliance
The following table lists issues that have been fixed and are resolved by upgrading to this release.
|
Report Number |
Description |
|
Virtual Appliance |
|
|
VTM-45635 |
Addressed the initial network setup issue, when there is no DHCP setup. |
Pulse Secure Virtual Web Application Firewall
No changes in this release.
Release 22.1
|
Report Number |
Description |
|
Performance |
|
|
VTM-45449 |
Update OpenSSL to version 1.1.1n to be compliant with the latest security updates. |
|
SOAP API |
|
|
VTM-45387 |
The version of the expat XML parser library used by the Administration Server to provide its SOAP API has been upgraded to 2.4.6, addressing CVE-2022-25235, CVE-2022-25236, CVE-2022-25313 - CVE-2022-25316, CVE-2022-22822 - CVE-2022-22827, CVE-2021-46143, CVE-2021-45960, CVE-2022-23990 and CVE-2022-23852. |
|
VTM-45333 |
The version of the expat XML parser library used by the Administration Server to provide its SOAP API has been increased to 2.4.4, addressing CVE-2022-22822 - CVE-2022-22827, CVE-2021-46143, CVE-2021-45960, CVE-2022-23990 and CVE-2022-23852. |
|
TrafficScript |
|
|
VTM-45321 |
The Perl Compatible Regular Expression library (PCRE) has been updated to version 10.39. |
|
Connection Processing |
|
|
VTM-38103 |
Fixed an issue where the Admin UI displayed timeout options only applicable to TCP connections for UDP protocol based virtual servers. |
|
SSL/TLS and Cryptography |
|
|
VTM-45399 |
Fixed an issue where SAN extension was missing in SSL self-signed certificates. |
|
VTM-38496, |
Decreased the time needed for the SSL Decryption page of the Admin UI to be generated if many SSL certificates are installed. |
Pulse Secure Virtual Traffic Manager Appliance
The following table lists issues that have been fixed and are resolved by upgrading to this release.
|
Report Number |
Description |
|
Virtual Appliance |
|
|
VTM-45565 |
Fixed an issue where the bonding device could not be configured correctly due to an error in the identifying the device. |
|
VTM-44975 |
Fixed an issue which prevented the utility for expanding logs partition from executing again in case it failed for first time. |
Pulse Secure Virtual Web Application Firewall
The following table lists issues that have been fixed and are resolved by upgrading to this release.
|
Report Number |
Description |
|
WAF-1114 |
Fix a unicode decoding error. |
|
WAF-1116 |
Fix a string decoding error. |
|
WAF-1128 |
Upgrade libexpat and Python. |
|
WAF-1128, |
Upgrade OpenSSL to 1.1.1n. |