Zorp GPL

The security middleware.

Release Notes 6.0.11

Improvements

Proxies

Fixes

Critical

  • Fixed the handling of SMTP optional extensions when the tls_passthrough attribute is enabled in the SMTP proxy. Earlier Zorp removed the STARTTLS extensions from the extension list if the tls_passthrough attribute was enabled, so the client could never initiate TLS connection.
  • In some cases, expired self-side certificates were treated as valid. This has been corrected.

Important

  • Fixed the free mechanism of Python object when DetectorService is used, which caused a crash while detecting the type of the network traffic.
  • Fixed access of Google services (search, calendar, …) with Google Chrome/chromium when TLS is terminated on the firewall TwoSidedEncryption. Now the mentioned services can be accessed without any problem.

Moderate

  • The zorpctl szig command, always returned -1 as thread ID. This has been corrected.

Low

  • Form-based authentication redirected the client to an invalid URL containing only https instead of the real URL to be redirected to. This has been corrected.
Newer >>