Support Center > Search Results > SecureKnowledge Details
Jumbo Hotfix Accumulator for R80.30 (R80_30_jumbo_hf)
Solution

Table of Contents:

  • Introduction
  • Availability
  • Important Notes
  • List of resolved issues per HotFix
  • Installation instructions
  • Uninstall instructions
  • List of replaced files
  • Revision History
Show the Entire Article

 

Introduction

R80.30 Jumbo Hotfix Accumulator is an accumulation of stability and quality fixes resolving multiple issues in different products.

This Incremental Hotfix and this article are periodically updated with new fixes.

The list below describes each resolved issue and provides a Take number, in which the fix was included. A resolved issue is included in the Incremental Hotfix starting from the Take number listed in this table (inclusive). In addition, you can find the date when the take was published in the table below.

Refer to sk98028 - Jumbo Hotfix Accumulator FAQ.

 

Availability

  • Ongoing Take

    Product Take Date CPUSE Online Identifier SmartConsole package
    Security Gateway / Standalone
    		 Take_19 02 July 2019 Check_Point_R80_30_JUMBO_HF_Bundle_T19_sk153152_FULL.tgz (EXE)
    R80.30 T200
    Security Management Check_Point_R80_30_JUMBO_HF_Bundle_T19_sk153152_GL_FULL.tgz


Important Notes

  • Each of the Jumbo Hotfix Accumulator Takes is based on Check Point R80.30.
  • For CPUSE installation, CPUSE Agent build 1573 and above (refer to sk92449) must be used.
  • It is recommended to install Jumbo Hotfix Accumulator on all the R80.30 machines running on Gaia OS.
  • This Jumbo Hotfix Accumulator is suitable for these products and configurations:
    • Security Gateway
    • StandAlone
    • Security Management Server
    • Multi-Domain Management Server
    • Log Server
    • Multi-Domain Log Server
    • SmartEvent Server
    • Endpoint Security Server
    • VSX
    • Cluster
  • This Jumbo Hotfix Accumulator does not support 26000 and 16000 appliances. Support will be added in the next Jumbo.
  • This Jumbo Hotfix Accumulator has to be installed only after successful completion of Gaia First Time Configuration Wizard and reboot.
  • To check the Take number of the currently installed R80.30 Jumbo Hotfix Accumulator (if it is installed): [Expert@HostName:0]# cpinfo -y all

 

List of resolved issues per HotFix

Enter the string to filter the below table:

ID Product Description
R80.30 Jumbo HotFix - Ongoing Take 19 (02 July 2019)
PRJ-451,
PRHF-3283		 Security Management In a rare scenario, a failure in policy installation causes a false "Policy installation is currently in progress" error message.
PRJ-1647,
PMTR-36840		 Multi-Domain Management Improved duration of Multi-Domain Server upgrade from R80.10.
PRJ-593,
PRHF-3300		 Multi-Domain Management Multi-Domain Server processes must be down when running cma_migrate. 
PRJ-1787,
PMTR-37945		 SmartConsole In a rare scenario, when using "add-threat-exception" API command to empty rulebase, it fails with the "Runtime error: Index: -1, Size: 0" error.
PRJ-1552,
PMTR-31316		 Logging
  • In some scenarios with low disk space and customized retention configuration, logs and indexes may be deleted contrary to the configuration.
  • In some cases, logs are not forwarded when log forwarding in enabled on a Log server machine.
    		•
    PRJ-483 Logging Links from the Threat Prevention log cards lead to the old Threat Wiki and not to the Threat Portal. Refer to sk151772.
    PRJ-633 SecureXL Debug messages are not printed when running "fwaccel dbg -m adp all" and sending multicast packets through the Security gateway.
    PRJ-898,
    GAIA-4855    		 VSX When SecureXL and IPS are enabled on VS connected to VR, HTTP traffic does not pass the internal Host.
    PRJ-2371,
    PRJ-2358    		 Gaia OS  CVE-2019-11477, CVE-2019-11478 & CVE-2019-11479: TCP SACK PANIC - Linux Kernel vulnerabilities. Refer to sk156192

     

    Installation instructions

    Procedure:

    • Show / Hide instructions for installation in Gaia Portal - using CPUSE (Check Point Update Service Engine)

      • Offline installation

        Note: Either get the offline package from Check Point Support, or export the package from a source Gaia machine, on which this package was already downloaded / installed (for package export instructions, refer to sk92449 - section "(4-D) "How to ..."").

        1. Install the latest build of CPUSE Agent from sk92449.
        2. Connect to the Gaia Portal on your Check Point machine and navigate to Upgrades (CPUSE) section - click on Status and Actions.
        3. In the upper right corner, click on the Import Package button.
        4. In the Import Package window, click on Browse... - select the CPUSE package (either offline TGZ file, or exported TAR file) - click on Import.
        5. Above the list of all software packages, click on the Showing Recommended packages button - select All.
        6. Select the imported package Check Point R80.30 Jumbo hotfix T<number> for sk153152 - click on More button on the toolbar - click on Verifier (or right-click on the package and click on Verifier).
        7. Select this package and click on Install Update button on the toolbar.


    • Show / Hide instructions for installation in Gaia Clish - using CPUSE (Check Point Update Service Engine)

      For detailed installation instructions, refer to CPUSE - Gaia Software Updates (including Gaia Software Updates Agent) - section "(4) How to work with CPUSE".

      • Offline installation

        Note: Either get the offline package from Check Point Support, or export the package from a source Gaia machine, on which this package was already downloaded / installed (for package export instructions, refer to sk92449 - section "(4-D) "How to ..."").

        1. Install the latest build of CPUSE Agent from sk92449.
        2. Connect to command line on target Gaia OS.
        3. Log in to Clish.
        4. Acquire the lock over Gaia configuration database:
          HostName:0> lock database override
        5. Import the package from the hard disk:
          Note: When import completes, this package is deleted from the original location.
          HostName:0> installer import local <Full_Path>/<Package_File_Name>.TGZ_or_TAR
        6. Show the imported packages:
          Note: Refer to the top section "Hotfixes" - refer to "Check Point R80.30 Jumbo hotfix T<number> for sk153152"
          HostName:0> show installer packages imported
        7. Verify that this R80 Jumbo Hotfix Accumulator package can be installed without conflicts:
          HostName:0> installer verify <Package_Number>
        8. Install the imported package:
          HostName:0> installer install <Package_Number>

     

    Uninstall instructions

    Important Note: This Jumbo Hotfix Accumulator removes all its packages during uninstall.

    Procedure:

    • Show / Hide instructions for uninstall in Gaia Portal - using CPUSE (Check Point Update Service Engine)

      1. CPUSE Software Updates Policy should be configured to allow self-update of CPUSE Agent.
        Otherwise (and if this machine is offline), users should manually install the latest build of CPUSE Agent from sk92449.
      2. Connect to the Gaia Portal on your Gaia machine and navigate to the 'Upgrades (CPUSE)' section - click on 'Status and Actions'.
      3. Above the list of all software packages, click on the 'Showing Recommended packages' button - select 'All'.
      4. Right-click on the Jumbo Hotfix Accumulator package - click on 'Uninstall'.
      5. A warning will be displayed that after this uninstall, the machine will be automatically rebooted.
        Click on 'OK' to start the uninstall.


    • Show / Hide instructions for uninstall in Gaia Clish - using CPUSE (Check Point Update Service Engine)

      1. CPUSE Software Updates Policy should be configured to allow self-update of CPUSE Agent.
        Otherwise (and if this machine is offline), users should manually install the latest build of CPUSE Agent from sk92449.
      2. Connect to command line on Gaia OS.
      3. Log in to Clish.
      4. Acquire the lock over Gaia configuration database:
        HostName:0> lock database override
      5. Uninstall the package:
        HostName:0> installer uninstall <Package_Number>
        Note: The progress (in per cent) will be displayed in Clish.
      6. Machine will be rebooted automatically.


     

    List of replaced files

    List of files replaced by this Jumbo Hotfix Accumulator can be provided upon request by Check Point Support.


    Revision History

    Show / Hide revision history

    Date Description
    02 July 2019 First release of R80.30 Jumbo Hotfix Accumulator (Take 19)

    Give us Feedback
    Please rate this document
    [1=Worst,5=Best]
    Comment