------------------------------------------------ Gauntlet Firewall 4.2 for Unix Patches Directory ------------------------------------------------ Download these patches by using FTP. To ensure the most reliable transfer be sure to configure your client to perform a binary download. The patches below consist of Bourne Shell scripts that will extract the appropriate binaries for your Operating System. The explicit instructions can be found at http://www.tis.com/support/patch42.html File Patch Level Comments -------------------------------------------------------------------------------- ahttp.patch Patchlevel 1 Fixes problems with graphics January 27, 1999 files being displayed. Patchlevel 2 Fixes problems while authen- March 31, 1999 ticating using one-time passwords. Fixes problem with password caching daemon. Patchlevel 3 Adds functionality for bind- August 10, 1999 address feature. authsrv.patch Patchlevel 1 Fixes random seed security May 21, 1999 problem. Patchlevel 2 NAS-IP address provided to April 13, 2000 Radius servers matches firewall cyber.patch Patchlevel 1 Included in the November 17, 1998 http.patch. Patchlevel 2 Fixes DOS vulnerability May 21, 2000 to HTTP proxy when CyberPatrol is enabled. MANDATORY PATCH esmp-gui n/a Script file needed to start the GUI on HP-UX or Solaris systems that do not have Gauntlet installed. Place script in /usr/local/etc. http.patch Patchlevel 1 Optimizes performance on December 10, 1998 all platforms. Patchlevel 2 Improves CyberPatrol blocking December 30, 1998 in http-gw. Patchlevel 3 Fixes message sent back to March 31, 1999 browser when hostname lookup fails. Patchlevel 4 Fixes cyberdaemon coring, May 18, 1999 memory leaks, and blocking of all sites when failure occurs. Patchlevel 5 Fixes overzealous CyberPatrol August 10, 1999 blocking problem. kernel.BSDI.patch Patchlevel 1 Addresses CERT CA-98.13. February 10, 1999 Refer to README for specific install instructions. Patchlevel 2 Fixes multiple problems with February 26, 1999 packet screening rules. See README in patch for more information. kernel.HPUX.patch Patchlevel 1 Fixes multiple problems with February 26, 1999 packet screening rules. See README in patch for more information. kernel.SOLARIS.patch Patchlevel 1 Fixes problems with panics on February 22, 1999 systems with VPNS under mod- erate load. Patchlevel 2 Fixes multiple problems with February 26, 1999 packet screening rules. See README in patch for more information. Patchlevel 3 Stops aliased interfaces from June 21, 1999 "round-robining". Corrects coring issue on enterprise class systems (E450). Patchlevel 4/5 Corrects race condition Not Released between two kernel threads which can cause coring. Patchlevel 6 Fixes corrupted packets Not Released coming up from Solaris Ether- net driver. Patchlevel 7 Fixes problem with logging November 19, 1999 securityalerts on unserved ports accessed transparently. Patchlevel 8 Resolves potental panic December 14, 1999 reported in Sun bugid 4178455 (recursive mutex_enter panic in TCP Streams device driver). Patchlevel 9 Prevents panic during SYN January 11, 2000 flood attack. smap.patch Patchlevel 1 Enhances anti-relay features December 21, 1998 in smap. Patchlevel 2 Fixes problem with over- February 4, 1999 zealous MIME checking. Patchlevel 3 Solves duplicate mail message October 28, 1999 problem. Solves HP specific problem with usernames of 8-byte multiple lengths. Patchlevel 4 Fixes problem with checking January 11, 2000 for long MIME filenames. sql.patch Patchlevel 1 Provides support for Net8. December 21, 1999 Increases max relays to 2048. sql-gw timers work in GUI configuration. Enforces ASO. This patch is for Solaris ONLY. trans.patch Patchlevel 1 User restrictions now applied February 25, 1999 properly through GUI.