ESP log UI modified to correctly display date ranges; date range controls replaced with a list of log files including timestamps of the first and last logs.
Bug Fixes
Fixed an issue where L7 request logging could become disabled and cause some Virtual Services to restart.
Fixed a memory leak in the Web Application Firewall (WAF) when using the SecXmlExternalEntity directive in custom rules.
Fixed an issue preventing the OWASP Core Rule Set (CRS) from updating to the latest version.
Fixed an issue in the certificates UI where spurious text appeared in the Common Name (CN) field when the CN contained an asterisk (*).
Fixed a potential buffer overflow and segmentation fault caused by carefully crafted SSH commands.
Fixed an issue in High Availability that could cause a fatal exception error.
Fixed an issue where ACME certificates could not be deleted if the certificate name contained a substring of another certificate name.
Closed possible command injection vulnerabilities in the aclcontrol and modvs API commands.
Fixed an issue where adding a certificate failed due to internal errors processing base64 data.
Fixed an issue where creating a Virtual Service with a customer-created template disabled an unrelated Virtual Service.
Fixed an internal error that could make the UI unresponsive after enabling and disabling Virtual Services in historical graphs.
Fixed an issue where health checks did not recognize changes to the Outbound Cipher Set until a reboot; changes are now applied in the next health check cycle.
Fixed an issue with large POST requests containing chunked data in WAF that caused request failures.
Fixed an issue where valid tcpdump commands failed due to incorrect option parsing.
Fixed an issue where SubVSs were incorrectly marked as unavailable in the clustering UI.
Fixed an issue where carefully crafted requests with HTTP/2 enabled could lead to HTTP request smuggling.
Fixed an issue where changes to Virtual Service settings via Checkcodes, Checkpattern, and Checkheaders in the Kubernetes Ingress Controller were not reflected.
Fixed an issue where requests to a Virtual Service failed when NTLM-Proxy, KCD, and L7 request logging were enabled simultaneously.
Fixed an issue where body modification content rules failed when HTTP/2 was enabled.
Fixed internal issues that could cause system crashes when HTTP/2 was enabled.
Fixed an issue where extended user logs were not generated for a SubVS with ESP and client-side "Delegate To Server" authentication enabled.
3. Release: 2024-09-12
New Features
Support for the latest hardware and software platforms to ensure broader compatibility.
Improvements
Optimized handling of SSL/TLS connections for faster and more secure data transfers.
Enhanced support for modern protocols to ensure interoperability with current technologies.
Bug Fixes
Fixed the causes of crashes under specific load conditions to improve reliability.
Closed identified security vulnerabilities to protect against potential threats.
Fixed display errors and improved usability in the administration interface.