Patch 10.8.1-294 was released on September 15, 2023. This patch for Messaging Gateway 10.8.1 includes the following:
This patch introduces the following default configuration change:
- HTTP Strict-Transport-Security response header now has its max-age set to 31536000 seconds.
This patch addresses the following issues:
- If FIPS mode is enabled and SMG communicates through an authenticated proxy, the conduit and the brightmail engine will crash, resulting in mail not being filtered. The same could occur in scenarios where the host downloads virus definitions from a LAN host that requires authentication, instead of downloading from the Broadcom website.
Note: After installing the patch, you will need to re-enter the user credentials for the proxy or the LAN host. This is the case even if your system is not in FIPS mode.
- Some KVM hypervisors are not recognized as supported SMG platforms, causing the Host Status > Hardware Information > Model to be listed as "Unknown". This issue causes other issues as well, such as the inability to upgrade SMG to a new version.
- If FIPS mode is enabled, 'update localinstall' and 'patch localinstall' fail validation, and will not install the new version or new patch.
Note: FIPS mode must be disabled in order to install this patch. You may safely re-enable FIPS mode after installing the patch
- An application error occurs when searching the Message Audit Logs using the Message Size Range as an optional filter.
- An application error occurs when attempting to add or modify a Directory Integration source or a DLP Enforce Server on a Quarantine Only host.
- Starting an SMG instance in Azure results in a Notification "Failed to start virtual machine. Error: OS Provisioning failed. Error mounting dvd."
Note: For SMG instances installed on Azure, after installing or removing the patch, you must completely shut down and stop, then start the instance.
This patch must be installed on all Scanner hosts, Quarantine hosts, and Control Centers.