New Release: RELIANOID ADC Load Balancer Enterprise Edition 6.2.32

6 February, 2024 | Announces

We are excited to introduce RELIANOID 6.2.32 Load Balancer (Enterprise Edition), released on February 5th, 2024, with a series of improvements and critical bug fixes that fortify system security and enhance overall performance.

Changelog

Improvements:
[system] Enhanced SNMP support
[system] SNMP traps support for notifications
[system] Product-specific RELIANOID MIB file
[system] SSH service hardening
[system] Web GUI service hardening
[ipds] Update RBL lists

Bugfixes:
[api] Fixed wrong data types on backends
[core] Fixed some general core review warnings
[system] Fixed factory reset default certificates deletion
[system] Avoid replication of local web GUI HTTPS certificates
[system] security advisories fixed: CVE-2021-39537, CVE-2023-43804, CVE-2023-29491, CVE-2019-11324, CVE-2023-34058, CVE-2023-34059, CVE-2020-26137, CVE-2018-25091, CVE-2019-11236, CVE-2023-45803, CVE-2023-41913, CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, CVE-2023-5981, DLA-3639-1, DLA-3667-1, CVE-2023-51385, CVE-2021-41617, CVE-2023-46218, CVE-2023-48795, CVE-2023-28322, CVE-2024-22195, CVE-2023-22084, CVE-2023-7090, CVE-2023-3341, CVE-2023-28486, CVE-2023-28487

Release notes

In response to user feedback and evolving security landscapes, we’ve bolstered several key aspects of RELIANOID. Enhanced SNMP support, SNMP traps for product-specific notifications, and a product-specific RELIANOID MIB file elevate network monitoring capabilities. Notably, we’ve hardened both the SSH service and the web GUI, implementing robust measures to thwart potential vulnerabilities. Additionally, the Intrusion Prevention and Detection System (IPDS) benefits from an update to Real-time Blackhole Lists (RBL) for more effective threat identification.

Acknowledging the importance of a seamless user experience, this release addresses various bugs and security vulnerabilities. Some bug fixes include resolving data type inconsistencies in API backends and rectifying issues identified during a core review. Of paramount importance is the resolution of security advisories, encompassing a wide range of vulnerabilities, such as improper cookie handling, SAML token signature bypass, file descriptor hijacking, and more.

With regard to the CVEs resolved, several critical security vulnerabilities have been addressed in the latest update, including CVE-2023-43804, which affected urllib3, a user-friendly HTTP client library for Python. The issue stemmed from urllib3 not treating the Cookie HTTP header as special, so a cookie set explicitly by the caller could be forwarded on an HTTP redirect to a different origin, potentially leaking information. The problem has been resolved in urllib3 versions 1.26.17 and 2.0.5 by ensuring proper handling of the Cookie header during redirects.

Another significant fix is CVE-2019-11324, related to urllib3 mishandling certain cases where the desired set of CA certificates differs from the OS store. This flaw allowed SSL connections to succeed in situations where a verification failure was the correct outcome. The issue is related to use of the ssl_context, ca_certs, or ca_certs_dir arguments, and the update rectifies it so that the library adheres to proper certificate verification.

Additionally, CVE-2020-26137, impacting urllib3 before version 1.25.9, allowed for CRLF injection if an attacker controlled the HTTP request method. By inserting CR and LF control characters in the first argument of putrequest(), an attacker could manipulate the request. The fix mitigates this vulnerability, ensuring that HTTP request methods are handled securely in the updated versions of urllib3. Users are strongly encouraged to update to the latest versions of the library to benefit from these crucial security enhancements.
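The two client-side checks behind the CVE-2023-43804 and CVE-2020-26137 descriptions above can be sketched as follows. This is an added example, not code from RELIANOID or urllib3; the function names, the sensitive-header list and the sample URLs are assumptions made for illustration.

```python
import re
from urllib.parse import urljoin, urlsplit

# Assumed list for this example: headers that carry credentials and
# should not follow a redirect to a different origin.
SENSITIVE_HEADERS = {"cookie", "authorization", "proxy-authorization"}

# RFC 9110 "token" characters, the only ones legal in an HTTP method.
_TOKEN_RE = re.compile(r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")
_DEFAULT_PORTS = {"http": 80, "https": 443}


def origin(url):
    """Return (scheme, host, port), filling in the scheme's default port."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower()
    return scheme, host, parts.port or _DEFAULT_PORTS.get(scheme)


def headers_for_redirect(original_url, location, headers):
    """Drop credential-bearing headers when a redirect changes origin."""
    target = urljoin(original_url, location)  # resolve relative Location values
    if origin(original_url) == origin(target):
        return dict(headers)
    return {k: v for k, v in headers.items()
            if k.lower() not in SENSITIVE_HEADERS}


def validate_method(method):
    """Reject methods with CR, LF, spaces or any other non-token character."""
    # fullmatch, not match with '$': '$' would accept a trailing newline.
    if not _TOKEN_RE.fullmatch(method):
        raise ValueError(f"illegal HTTP method: {method!r}")
    return method


if __name__ == "__main__":
    # Constructed sample request headers and URLs.
    hdrs = {"Cookie": "sid=constructed-value", "Accept": "*/*"}
    print(headers_for_redirect("https://lb.example.test/login", "/home", hdrs))
    print(headers_for_redirect("https://lb.example.test/login",
                               "https://other.example.test/", hdrs))
    print(validate_method("GET"))
```

A scheme downgrade (https to http on the same host) also counts as a change of origin here, so the Cookie header is dropped in that case too.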

Conclusion

RELIANOID 6.2.32 represents a commitment to delivering a secure and reliable platform. Users are encouraged to upgrade to this latest version to benefit from improved features and robust security measures. We appreciate your ongoing support and feedback as we continue to enhance the RELIANOID experience.

The latest updates are available from the official Support channels; contact us for more information.

Links

Download Latest Enterprise Edition
Administration Guide v6.2
SNMP traps enhanced support for load balancer notifications

Enjoy the Site Reliability Experience!
