Support Center > Search Results > SecureKnowledge Details
Jumbo Hotfix Accumulator for R80.40 (R80_40_jumbo_hf) Technical Level
Solution
Click Here to Show the Entire Article

Availability | Important Notes| List of resolved issues | Installation instructions | Uninstall instructions | Revision History

 

Introduction

R80.40 Jumbo Hotfix Accumulator is an accumulation of stability and quality fixes resolving multiple issues in different products.

This Incremental Hotfix and this article are periodically updated with new fixes.

The list below describes each resolved issue and provides a Take number, in which the fix was included. A resolved issue is included in the Incremental Hotfix starting from the Take number listed in this table (inclusive). In addition, you can find the date when the take was published in the table below. List of files replaced by this Jumbo Hotfix Accumulator can be provided upon request by Check Point Support.

This Jumbo Hotfix Accumulator is suitable for these products and configurations: Security Gateway, Security Management Server, Multi-Domain Management Server, Log Server, Multi-Domain Log Server, SmartEvent Server, Endpoint Security Server, VSX and Cluster.

  • This Jumbo Hotfix Accumulator has to be installed only after successful completion of Gaia First Time Configuration Wizard and reboot.
  • For CPUSE installation, CPUSE Agent build 1848 and above (refer to sk92449) must be used.
  • It is recommended to install Jumbo Hotfix Accumulator on all R80.40 machines.

Also refer to sk98028 - Jumbo Hotfix Accumulator FAQ.

Support for Security Gateways Running on Open Servers

R80.40 Jumbo Hotfix Accumulator provides support for Security Gateways configurations running on Open Servers.
For an Existing Security Gateway running on Open Servers, a Blink image consisting of R80.40 GA image (Take 294) and R80.40 Jumbo Hotfix is available in the Download section below.

For Freshly installed Open Servers, first use the R80.40 ISO image from the R80.40 Home page and then, before placing the machine into the production environment, install the R80.40 Jumbo Hotfix package from the below table (not the Blink image).

The R80.40 ISO image (Take 294) and the R80.40 image included in the Blink image are identical.


Availability

  • General Availability Take

    Take_48 is the latest R80.40 Jumbo Hotfix Accumulator General Availability release that can be directly downloaded from Check Point Cloud using CPUSE and from this article:

    Product Take Date CPUSE Offline package SmartConsole package
    Security Management and Security Gateway
    Jumbo HF Take_48 21 May 2020 (TGZ) (EXE)
    Build 396
    Blink Image for Security Gateway and Open Server 
    Clean Install / Upgrade
    R80.40 GA Take 294 + Jumbo HF Take_48
    21 May 2020 (TGZ)
    Blink Image for Security Management - Clean Install  (TGZ)

    • For Gaia Fast Deployment mechanism "Blink", refer to sk120193.
    • Effective May 10th 2020, the SmartConsole package has been updated to Build 396.



Take 48 | Take 45 | Take 38 | Take 25 | List of upcoming resolved issues



Important Notes

  • Customers planning an upgrade, please refer to sk164258 to check the compatibility of Jumbo Hotfix Takes between different releases.

 

List of resolved issues per HotFix Take

ID Product Description
R80.40 Jumbo HotFix -  General Availability Take 48 (published on 21 May 2020, GA from 25 May 2020)
PRJ-12414,
PMTR-52051
Security Gateway In a rare scenario, Security gateway might crash while processing the SMTP traffic due to a memory corruption.
PRJ-12788,
PRHF-10858
ClusterXL The cpstat -f all ha command fails to complete.
PRJ-12499,
PMTR-52267
SecureXL SCTP Stateful inspection and payload NAT (INIT Chunks) might not work correctly when SecureXL is enabled.
PRJ-12738 VPN Some Remote Access clients that do not support Multi-Factor Authentication (MFA) are able to connect to a Security Gateway even though the "Allow older clients" option is disabled. Refer to sk166912.
PRJ-12629,
PRHF-7485
VPN Improved the VPN connectivity with DAIP peers when Tunnel Monitoring is enabled. Refer to sk164933
PRJ-11369,
PRHF-9804
Gaia OS SNMP Trap might not be sent even though a failover occurred. Refer to sk166100.
PRJ-11829,
PRHF-7087
Endpoint Security SmartEndpoint might export a report to Excel in which incorrect distinguished names appear for deleted users/computers. Refer to sk163943
R80.40 Jumbo HotFix - Ongoing Take 45 (10 May 2020)
PRJ-8281,
PMTR-36367
Security Management FWM and\or INDEXER processes might repeatedly stop when there are more than ~500K network objects declared.
PRJ-11956,
PMTR-52583
Security Gateway In a rare scenario, Security Gateway might crash due to NULL pointer reference
PRJ-9707,
PRHF-7716
Logging The FWD process might stop working if one of the following changes were made using GuiDBEdit:
  1. Change to log forwarding timing
  2. Change to log switch timing
PRJ-11007,
PRHF-9292
Logging In some scenarios, changes made to Network Objects on the Security Management Server are not reflected in the logs view. Refer to sk166493.
PRJ-10885,
PMTR-51539
Anti-Malware In some scenarios, Microsoft update and other download connections might fail when Strict Hold mode is enabled.
PRJ-11237,
PMTR-42727
VPN Connectivity improvement for VPN over NAT traversal (UDP 4500).
PRJ-11012,
PMTR-46009
Gaia OS NEW: Added support for Jumbo Hotfix installation on Check Point 3800, 6400, 6700, 7000, 16200, 16600HS and 28000 appliances. Refer to sk110052, sk139932 and sk152733.
  • Requires R80.40 SmartConsole Build 396 (or higher).
R80.40 Jumbo HotFix - Ongoing Take 38 (26 April 2020)
PRJ-10631,
PRJ-10629
Installation Firmware upgrade for Small Office appliance using SmartProvisioning in Multi-Domain Management environment might fail.
PRJ-8645,
CPM-2623
Security Management NEW: Performance enhancements while the Management Server is under high load.
PRJ-10473,
PMTR-49832
Security Management In a rare scenario, export from the previous version does not complete because the Postgres dump_all process gets stuck.
PRJ-11722,
PRHF-10059
Security Management Scheduled IPS update operation on the Security Management server might not be triggered after server reboot/restart. Refer to sk166216.
PRJ-10221,
PRHF-7865
Security Management When the user runs the 'add-domain' Web API command on an existing Domain, the original Domain is deleted. 
PRJ-10089,
PMTR-50276
Security Management

The cpm_solr process might stop working and cause one of the following:

  • The upgrade of a Management machine might stuck on 58%
  • The Management HA synchronization might fail with "NGM failed to import data" error
  • Users might not be able to log in.
PRJ-10515,
PMTR-36302
Security Management In some scenarios, Check Point services fail to start and the CPM log shows that there are duplicate session aggregators.
PRJ-9323,
PRHF-8494
Security Management In some scenarios, a disconnected SmartView Monitor session appears in SmartConsole with a grayed out 'Disconnect' option, which cannot be discarded. Refer to sk165037
PRJ-9300,
PRHF-8336
Security Management In a rare scenario, the "SmartDashboard component failed to connect to server <IP address>. Please contact technical support" error is displayed in SmartConsole when opening the Management object for editing.
PRJ-11167,
PMTR-51180
Multi-Domain Management In a rare scenario, synchronization between Multi-Domain Management Servers breaks after revisions purge operation. 
PRJ-9699,
PRHF-8593
Multi-Domain Management MLM might open a connection to the reversed IP address of the Multi-Domain Server.
PRJ-10527,
PRHF-8686
Multi-Domain Management Upgrade of Multi-Domain Server might fail if Sync With User Center is running.
PRJ-9241,
PRHF-8077
Multi-Domain Management In some scenarios, secondary MDS or MLM fail to renew a management certificate. Refer to sk164732.
PRJ-11177,
PMTR-51890
Multi-Domain Management In some scenarios, Full synchronization fails in the Global Domain with "Full sync with peer '[Peer Name]' NGM failed to import data" error. Refer to sk145972.
PRJ-11517,
PRHF-9981
Multi-Domain Management In rare scenarios, upgrading the Multi-Domain Server fails to upgrade some Domain Servers with "IllegalArgumentException" in the upgrade log. 
PRJ-10366,
PMTR-51017
Multi-Domain Management After performing Full synchronization or failover of the Global Domain, the following operations might fail (refer to sk145972):
  • Global Domain reassignment
  • IPS or Application Control updates in the Global Domain 
PRJ-9262,
PMTR-49143
Multi-Domain Management Upgrade of Multi-Domain Server might fail when the source version is R80.10 and there is no license configured on the target machine.
PRJ-10531,
PRHF-8581
Multi-Domain Management The mds_import.sh script might fail if the IPS version for a Domain/CMA does not exist on the R80.x Multi-Domain Management Server.
PRJ-10510,
PMTR-50620
Multi-Domain Management In some scenarios, if a Domain is deleted while the user performs a multi-site upgrade from R77.x (before all machines complete the upgrade), some Domains might not be assigned to Admins and Trusted Clients, as before the upgrade. Updating those Admins and Trusted Clients might also fail.
PRJ-10747,
PMTR-50936
Multi-Domain Management In some scenarios, policy installation from the Domain Management Server fails after an mds_backup procedure that was interrupted. Refer to sk165559.
PRJ-11284 Multi-Domain Management Access policy installation may get stuck in a specific scenario in MDS environments. Refer to sk166106.
PRJ-10504,
PMTR-50891
Multi-Domain Management The import-smart-task Management API might fail in the second Domain on the Multi-Domain machine when it is executed with same exported file.
PRJ-9290,
PMTR-49566
SmartConsole NEW Enhancement: Two new flags were added for the performance improvement of Threat Protection API commands: 'show-profiles' and 'show-ips-additional-properties'. The default value for both flags is false.
PRJ-10374,
PRHF-8973
SmartView In some scenarios, after user imports view/report in SmartView, the imported view/report is not shown in the Catalog.
PRJ-10707,
PMTR-45783
SmartProvisioning In some scenarios, after creating a Small Office gateway using LSMCli, some fields in the gateway object on the SmartProvisioning are not populated.
PRJ-9644,
PRHF-4623
Security Gateway NEW: Added support for the bridge configuration when packet is passing via the Security gateway twice.
PRJ-10795,
PMTR-51301
Security Gateway In some scenarios, when a Custom Intelligence Feed is enabled, the Security Gateway might crash.
PRJ-10173 Security Gateway After installing R80.40 Jumbo Hotfix, Dynamic Split is disabled.
PRJ-10207,
PRHF-9508
Security Gateway ICAP Client might not work properly when Threat Extraction blade is enabled.
  • To enable the fix, set the enable_icap_with_strict_hold parameter to 1. 
PRJ-11538 Security Gateway In a rare scenario, Security gateway might crash with vmcore.
PRJ-11531,
MUX-319
Security Gateway In a rare scenario, Security gateway might crash while connection is closed while being held.
PRJ-10887,
PMTR-51247
Security Gateway In a rare scenario, a memory leak may appear in Anti-Virus inspection on SMB protocol.
PRJ-9690,
PMTR-46451
Security Gateway Traffic might be dropped on DAIP gateway after the gateway IP address is changed or the gateway is rebooted. Refer to sk165176.
PRJ-8657 Security Gateway In a rare scenario, creating a Virtual Switch can lead to crash.
PRJ-9835,
PMTR-48719
Security Gateway When ISP Redundancy is configured on a cluster, the backup ISP link status might show as down even though the link is up.
PRJ-10283,
PMTR-50683
Anti-Malware NEW: Added support to allow Threat Extraction to scan a file download in additional scenarios.
PRJ-10758,
IDA-2866
Identity Awareness In some scenarios, multiple "idapi_load_data_impl: session id <Session ID> not found in client_db, although ip <Session IP> was assigned to it" errors appear in /var/log/messages file.
PRJ-10387,
IDA-2719
Identity Awareness In a rare scenario, identity session groups and access roles might disappear following a policy installation. 
PRJ-10085,
PMTR-50594
Content Awareness Added ability not to drop the connections if the files are downloaded with HTTP 206 out of range.
PRJ-10856,
PRHF-1898
Application Control  NEW: Gateway status will reflect Application Control and URL Filtering updates.
PRJ-9935,
PMTR-49938
HTTPS Inspection In some scenarios, when the minimum version of HTTPS Inspection is set to TLS 1.1, some websites might stop working. Refer to sk165555
PRJ-10738,
PRHF-9265
SSL Inspection In a rare scenario, a memory leak might appear when SSL inspection is enabled.
PRJ-10940,
PMTR-51681
IPS In a rare scenario, the fw_full process might stop working. 
PRJ-10970,
SWG-2484
DLP NEW: Reading and sending files from the registry by DLP was optimized.
PRJ-9694,
PRHF-8503
DLP In some scenarios, DLP prints wrong error message in the log.
PRJ-9329,
PRHF-8152
DLP Improved the scanning time of files for some scenarios in SMTP and HTTP/S.
PRJ-9436 DLP In a rare scenario, the dlpu process, a component in Anti-Virus and Threat Emulation, might stop working. 
PRJ-9775,
PRHF-8847
DLP In some scenarios for SMTP, when an internal user sends an email, the DLP logs might show the topology as "external to external" instead of "internal to internal".
PRJ-11023,
PRHF-3767
ClusterXL Active VRRP cluster member might not show full accounting information in logs. Refer to sk159432.
PRJ-10235,
PMTR-51942
SecureXL Policy installation may fail with "Error code 0-2000240" when Drop templates option is enabled. Refer to sk165716.
PRJ-10000,
PRHF-5120
SecureXL Improved TCP state inspection for "Smart Connection Reuse" feature when SecureXL is enabled. 
PRJ-9828,
PMTR-50294
SecureXL In some scenarios, SYN Defender cookie validation might fail.
PRJ-8977 SecureXL When PIM-SM multicast routing transitions from RPT to SPT, packets might be dropped or become out-of-order.
PRJ-8774,
PMTR-48255
SecureXL In some scenarios, held packets are incorrectly reported to the penalty box.
PRJ-8916,
PRJ-8890
SecureXL In some scenarios, multicast packets arrive to the Security gateway in order, but leave out-of-order.
PRJ-9972,
SL-3551
Logging In a Multi-Domain environment, one or more CMA's SMARTLOG_SERVER processes may fail to start after upgrade. Refer to sk165262.
PRJ-11364,
PMTR-51655
Logging In a rare scenario, the CPD process on a Security Management Server that manages R77.30 Security Gateway might stop working.
PRJ-11846,
SL-3728
Logging Log exporter process might stop working after enabling export of log attachment IDs.
PRJ-9957,
PRHF-897
VoIP In some scenarios, UA traffic is dropped when packet contains more than 9 UA's. Refer to sk135114.
PRJ-11036,
PMTR-36437
VPN In some scenarios, VPN traffic distribution change might cause high CPU consumption on one CPU core. Refer to sk165853.
PRJ-9587,
PRHF-7681
VPN In a rare scenario, vpnd process stops working due to Segmentation fault. 
PRJ-10558,
VPNS2S-938
VPN Improved the VPN Site-to-Site tunnel establishment scenario with IKEv2.
PRJ-8726 VPN In some scenarios, vpnd cores might be generated sporadically during boot time/cluster failovers on the Cluster Standby Member. 
PRJ-10391,
PRHF-1053
VPN In a rare scenario, vpnd process stops working due to issue in IKEv2 flow.
PRJ-9586
PRHF-7485
VPN Improved the VPN Connectivity with DAIP peers. Refer to sk164933
PRJ-9911,
PMTR-43850
VPN Improved stability of VPN traffic on VSX Gateway when SecureXL is enabled.
PRJ-11017,
PMTR-51126
Gaia OS In a rare scenario, Security gateway might crash when SSH Deep Packet Inspection (SSH DPI) is enabled.
PRJ-10075,
PRJ-10452
Gaia OS The "show asset all" command displays the total number of cores  instead of the online number of cores, even if the Hyper-Threading is disabled.
PRJ-11536,
PRHF-9858
Gaia OS In some scenarios the snmpd process floods /var/log/messages with errors regarding parsing voltage sensor value. 
PRJ-9131,
PMTR-49209
Endpoint Security Endpoint Standalone Remote Help Server might not start syncing automatically on the first connect.
PRJ-10120,
PRJ-9633
Compliance In some scenarios, database import on single Domain machines where the Compliance blade is activated fails, and as a result, the FWM process stops working after the import.
PRJ-10868,
VSECC-1119
CloudGuard IaaS In a rare scenario, the OpenStack Data Center becomes unresponsive, resulting in a loss of updates to the Security Gateway. 
PRJ-10914,
VSECC-1222
CloudGuard IaaS When an Azure subnet is missing its prefix attribute, the Microsoft Azure Data Center might fail to poll data, resulting in a loss of updates to the Security gateway.
PRJ-11026,
VSECC-1231
CloudGuard IaaS When an Azure Virtual Network Interface is missing its properties' primary attribute, the Microsoft Azure Data Center might fail to poll data, resulting in a loss of updates to the Security gateway.
PRJ-10903,
PMTR-22709
VSX In VSX cluster with VMAC mode, traffic might not pass through VSX Cluster members if SecureXL is enabled. Refer to sk138894.
R80.40 Jumbo HotFix - Ongoing Take 25 (16 March 2020)
- General NEW: Added support for Security Gateway running on Open Servers.
PRJ-9090,
PRHF-8266
Security Management In a rare scenario, when an environment has many Gateways (dozens), the FWM daemon might stop working when 4 GB of memory is reached. Refer to sk165015.
PRJ-8409,
PMTR-46703
Security Management In some scenarios, when the user modifies a policy rule and creates a section above it in the same session, the log tracker shows that the rule was created instead of modified.
PRJ-8406,
PRHF-7874
Security Management In some scenarios, the exported database might be very large and include redundant data.
PRJ-9312,
PRHF-7728
Security Management The "Unused Objects" filter in Object Explorer might display a failure message if there are more than 20000 unused objects.
  • A limit was added so that only the first 5000 objects will be displayed.
PRJ-9215,
PRHF-8370
Security Management Logging into SmartConsole to the Standby Management Server with a Radius or TACACS user might fail after changing the shared secret on the Radius or TACACS object. 
PRJ-9266,
PMTR-49516
Security Management Policy verification might fail after the user does the following steps: Configures specific install targets for a policy, publishes them, changes the install targets back to "All Gateways", and tries to install them on a Gateway which is not in the original list of targets.
PRJ-9398,
PMTR-44668
Security Management In a rare scenario, the FWM process will utilize 100% CPU, and connections to SmartConsole might fail.
PRJ-8794,
VPNRA-316
Security Management Improved the Access Control Policy installation time for environments with high amount of objects and enabled IPSEC VPN blade. Refer to sk166321.
PRJ-6936 SmartConsole NEW: Added R80.30SP to the list of versions for supported hardware.
PRJ-9080,
API-864
SmartConsole In some scenarios, the Management Server may stop working following authenticated API commands to create or update objects with extremely long comments.
PRJ-9466,
PMTR-49817
SmartConsole In some scenarios, when the user attempts to delete a Gateway / Cluster member, an error message might appear and the operation might not complete successfully.
PRJ-8753 SmartConsole In some scenarios, on a Global domain, when the user sets a logging option of an IPS protection whose activation is Detect or Prevent, the activation of the protection is set to "Inactive" on the local domain after an Assign Global Policy operation. 
PRJ-9544 SmartConsole When the user invokes the 'show-access-layer' API command, the parent layer might be missing from the output result.
PRJ-9977,
PRJ-9968
Security Gateway In a rare scenario, a non-HTTP traffic on port TCP/80 is dropped.
PRJ-9052,
PRHF-8288
Security Gateway Global connections might not be freed correctly when the Gateway acts as a Proxy.
PRJ-8275 Security Gateway In some scenarios, a Security policy installation fails during high CPU utilization.
PRJ-10345,
PMTR-49504
Security Gateway In a rare scenario, after upgrading a Security Gateway to R80.40, the log_indexer process running on the Log server might consume 100% CPU and cause the indexing backlog.
PRJ-9446,
PRJ-9416
Security Gateway Added logs for packets that include invalid TCP options. This feature is off by default.
PRJ-9898,
PMTR-50302
Security Gateway In a rare scenario, the Citrix server communication may fail.
PRJ-10480,
PRHF-9188
Security Gateway In some scenarios, Accounting log shows a wrong total packets value.
PRJ-8884,
PRHF-7048
Security Gateway In a rare scenario, Security gateway may crash when activating a web parsing debug.
PRJ-9900,
PMTR-50431
Security Gateway In a rare scenario, when the web server is defined, policy installation fails with "Error code 0-20000111".
PRJ-8861,
PRJ-8880
IPS In a rare scenario, Security gateway may crash due to NULL pointer reference.
PRJ-9450,
PRHF-8530
IPS,
VSX
In some scenarios, SmartConsole shows "No license" and "Contract is expired" for IPS blade in VSX. Refer to sk164917.
PRJ-9395,
PMTR-49565
Identity Awareness Performance improvement in the automatic LDAP group update feature.
PRJ-7201,
PMTR-23406
SSL Inspection NEW: Added support for proxy configuration when downloading CRL from a VSX device. Refer to sk151115
PRJ-8498,
PRHF-7875
Logging Added "Resource", "Application Risk", "Application Name" and "Application Category" fields to the exported CSV file. 
PRJ-8548 Logging NEW: Log Exporter feature exports log attachment identifiers and adds the ability to fetch them through the Management API command.
PRJ-8683,
PRHF-7856
Logging In some scenarios, Threat Emulation Logs cannot be viewed in the logging or reporting views because of a certain format of the "file size" field sent from the Security gateway.
PRJ-9075,
PRHF-8337
Routing In some scenarios, a corrupted BGP AS4_PATH attribute value might result in an invalid, long BGP update that is rejected by the BGP peer.
PRJ-9129,
PMTR-46873
SecureXL NEW: Added acceleration support for Ethernet Over IP Tunneling (EOIP). EOIP is RFC 3378 protocol # 97 used between Wireless AP and Wireless Cisco controller. 
PRJ-10197,
PMTR-50836
Gaia OS CVE-2020-8597: pppd is vulnerable to buffer overflow. Refer to sk165875.
PRJ-8583,
PMTR-48127
Gaia OS Multi-Queue configuration cannot be assigned to interfaces that use the "mlx5_core" driver (to check, run the "ethtool -i <name of interface>" command).
PRJ-9357,
PRJ-9318
Gaia OS On 3600 and 3600T appliances, alarm led turns on if one of the PSU is disconnected. Refer to sk166000.
PRJ-8570,
PMTR-49970
CloudGuard The Management API add-data-center-server for vCenter Data Center uses the "unsafe-auto-accept" parameter with default value set to false. In some scenarios, this setting causes the opposite behavior.

 

Installation instructions

Procedure:

  • Show / Hide instructions for installation in Gaia Portal - using CPUSE (Check Point Update Service Engine)

    • Offline installation

      Note: Either get the offline package from Check Point Support, or export the package from a source Gaia machine, on which this package was already downloaded / installed (for package export instructions, refer to sk92449 - section "(4-D) "How to ..."").

      1. Install the latest build of CPUSE Agent from sk92449.
      2. Connect to the Gaia Portal on your Check Point machine and navigate to Upgrades (CPUSE) section - click on Status and Actions.
      3. In the upper right corner, click on the Import Package button.
      4. In the Import Package window, click on Browse... - select the CPUSE package (either offline TGZ file, or exported TAR file) - click on Import.
      5. Above the list of all software packages, click on the Showing Recommended packages button - select All.
      6. Select the imported package Check Point R80.40 Jumbo hotfix T<number> for sk165456 - click on More button on the toolbar - click on Verifier (or right-click on the package and click on Verifier).
      7. Select this package and click on Install Update button on the toolbar.


  • Show / Hide instructions for installation in Gaia Clish - using CPUSE (Check Point Update Service Engine)

    For detailed installation instructions, refer to CPUSE - Gaia Software Updates (including Gaia Software Updates Agent) - section "(4) How to work with CPUSE".

    • Offline installation

      Note: Either get the offline package from Check Point Support, or export the package from a source Gaia machine, on which this package was already downloaded / installed (for package export instructions, refer to sk92449 - section "(4-D) "How to ..."").

      1. Install the latest build of CPUSE Agent from sk92449.
      2. Connect to command line on target Gaia OS.
      3. Log in to Clish.
      4. Acquire the lock over Gaia configuration database:
        HostName:0> lock database override
      5. Import the package from the hard disk:
        HostName:0> installer import local <Full_Path>/<Package_File_Name>.TGZ_or_TAR
      6. Show the imported packages:
        Note: Refer to the top section "Hotfixes" - refer to "Check Point R80.40 Jumbo hotfix T<number> for sk165456"
        HostName:0> show installer packages imported
      7. Verify that this R80 Jumbo Hotfix Accumulator package can be installed without conflicts:
        HostName:0> installer verify <Package_Number>
      8. Install the imported package:
        HostName:0> installer install <Package_Number>

 

Uninstall instructions

Important Note: This Jumbo Hotfix Accumulator removes all its packages during uninstall.

    Procedure:

     

      

    List of upcoming resolved issues

    The below issues are planned to be addressed in our future Jumbo Hotfix Takes. The list is not final and might be changed.

    ID Product Description
    PRJ-11387,
    PMTR-52087
    Security Management NEW: Significant performance improvement for policy installation time when many groups are defined on the Management Server.
    PRJ-10901,
    PMTR-49801
    Security Management NEW: Set values for environment variables on the Management Server that will remain there after a Management Server upgrade, as well as Backup/Restore and Export/Import of the Management Server. Refer to sk165938.
    PRJ-12066,
    PRHF-10327
    Multi-Domain Management The FWM process of domains might not stop after the user runs mdsstop or mdsstop_customer.
    PRJ-10567,
    PMTR-51246
    SmartConsole NEW: SmartConsole default login timeout was increased.
    PRJ-11074,
    PMTR-51815
    SmartConsole NEW: Added ability to reset the following network object fields to be empty through the Management API: ipv4-address, ipv6-address, subnet4, subnet6, mask-length4, and mask-length6.
    PRJ-11906, 
    PRHF-10275
    SmartConsole In rare scenarios, certain domain level objects might not be visible in SmartConsole at the MDS level. 
    PRJ-9121,
    PRJ-8907
    Security Gateway Connections might be dropped when "keep all connections" is configured during policy installation.
    PRJ-9317,
    PRHF-8166
    Logging Logging view might show results from the wrong day if the server Time Zone is configured to use half/quarter hour deviations from standard time.
    PRJ-8923,
    PRHF-8148
    Logging When the user searches logs in the "Logs and Monitor" tab in SmartConsole and applies a filter using the "?" wildcard, incorrect logs might be returned. 
    PRJ-10357,
    PMTR-46596
    Logging Log_indexer might stop working on a SmartEvent server with a large number of CPUs (32 and up), and\or when the total number of log servers declared in correlation units is above 30.
    PRJ-8481,
    PRHF-7592
    Logging "Problem has occurred during search < External Log server > Disconnected" error might appear in "Logs & Monitor" tab after creating dummy object for NAT.
    PRJ-12019,
    PRHF-10097
    SecureXL In some scenarios, ACK, FIN, and RST TCP packets are dropped, causing outages when SecureXL is enabled. 
    PRJ-12222,
    ROUT-856
    Routing In some scenarios, routed process stops working when adding an interface to OSPFv3 with a prefix length above 63 and having two or more areas.
    PRJ-10309,
    GAIA-6136
    Gaia OS Incorrect status might be displayed in Clish for pulled PSU.
    PRJ-10273,
    PMTR-50151
    VPN NEW: 3DES is disabled by default for HTTPS Inspection, Mobile Access Portal, Identity Awareness Portal, ICA Portal, SmartManagement Portal, SecurePlatform WebUI, Mobile Access curl and Gaia Embedded.
    Note: Disabling 3DES will fail 3rd party OPSEC SDK 6.0 clients connectivity. To enable it, refer to sk113114.
    PRJ-11644,
    VPNRA-353
    VPN Added Stability improvement for Remote Access VPN.
    PRJ-11711,
    PRHF-10028
    Endpoint Security In SmartEndpoint, Anti-Malware's "Top Infections" report has an empty infection name. Refer to sk166232

     

     

    Revision History

    Show / Hide revision history

    Date Description
    26 May 2020 Released the List of upcoming resolved issues
    25 May 2020 Take 48 of R80.40 Jumbo Hotfix Accumulator is now in General Availability
    21 May 2020 Released Take 48 of R80.40 Jumbo Hotfix Accumulator
    10 May 2020
    • Released Take 45 of R80.40 Jumbo Hotfix Accumulator
    • SmartConsole package has been updated to Build 396
    26 Apr 2020
    • Released Take 38 of R80.40 Jumbo Hotfix Accumulator
    • SmartConsole package has been updated to Build 40
    16 Mar 2020 First release of R80.40 Jumbo Hotfix Accumulator - Take 25

    Give us Feedback
    Please rate this document
    [1=Worst,5=Best]
    Comment