Hot!FortiOS 5.6.9 is out!

Author
Hosemacht
Bronze Member
  • Total Posts : 45
  • Scores: 1
  • Reward points: 0
  • Joined: 2017/04/18 04:06:13
  • Location: Regau, Austria
  • Status: offline
2019/05/14 23:36:16 (permalink)
0

FortiOS 5.6.9 is out!

with only one weird bugfix in the release notes:
 
529745 FortiOS 5.4.11
is no longer vulnerable to the following CVEReference: l CVE-2018-1338
 
https://docs.fortinet.com.../fortios-release-notes
#1

10 Replies Related Threads

    ddskier
    Gold Member
    • Total Posts : 394
    • Scores: 16
    • Reward points: 0
    • Joined: 2007/04/10 08:18:06
    • Location: Chicago, IL
    • Status: offline
    Re: FortiOS 5.6.9 is out! 2019/05/15 07:27:05 (permalink)
    0
    I don't get this release.  Only bug fix is:
     
    529745 FortiOS 5.4.11 is no longer vulnerable to the following CVE Reference:  CVE-2018-13382
     
    Not sure how a 5.4.11 fix applies going from 5.6.8 to 5.6.9.
     

    -DDSkier

    FCNSA, FCNSP
    FortiGate 400D, (2) 200D, (12) 100D, (2) 60D
    #2
    dedmonds_FTNT
    Bronze Member
    • Total Posts : 24
    • Scores: 0
    • Reward points: 0
    • Joined: 2004/08/26 10:01:41
    • Status: offline
    Re: FortiOS 5.6.9 is out! 2019/05/15 10:06:57 (permalink)
    0
    The 5.4.11 reference is a typo.  It should read 5.6.9.  You have an outdated copy of the release notes.  Download the document again.
    #3
    FlavioB
    Gold Member
    • Total Posts : 150
    • Scores: 0
    • Reward points: 0
    • Joined: 2011/10/03 23:11:15
    • Location: Switzerland
    • Status: offline
    Re: FortiOS 5.6.9 is out! 2019/05/18 09:00:22 (permalink)
    0
    OK but anyway: where to find exact description/information about that CVE? I'm not finding any...
    F.
    #4
    Hosemacht
    Bronze Member
    • Total Posts : 45
    • Scores: 1
    • Reward points: 0
    • Joined: 2017/04/18 04:06:13
    • Location: Regau, Austria
    • Status: offline
    Re: FortiOS 5.6.9 is out! 2019/05/20 22:57:39 (permalink)
    0
    indeed there is no CVE Record for: CVE-2018-1338
    maybe another typo?
    #5
    FlavioB
    Gold Member
    • Total Posts : 150
    • Scores: 0
    • Reward points: 0
    • Joined: 2011/10/03 23:11:15
    • Location: Switzerland
    • Status: offline
    Re: FortiOS 5.6.9 is out! 2019/05/21 02:17:43 (permalink)
    0
    the_giraffe_that_wasnt_president
    indeed there is no CVE Record for: CVE-2018-1338
    maybe another typo?


    No typo.
    It's simply been reported as "responsible disclosure".
     
    #6
    ddskier
    Gold Member
    • Total Posts : 394
    • Scores: 16
    • Reward points: 0
    • Joined: 2007/04/10 08:18:06
    • Location: Chicago, IL
    • Status: offline
    Re: FortiOS 5.6.9 is out! 2019/05/21 07:09:03 (permalink)
    0
    I applied this update on numerous 100D and 200D.  No issues.

    -DDSkier

    FCNSA, FCNSP
    FortiGate 400D, (2) 200D, (12) 100D, (2) 60D
    #7
    FlavioB
    Gold Member
    • Total Posts : 150
    • Scores: 0
    • Reward points: 0
    • Joined: 2011/10/03 23:11:15
    • Location: Switzerland
    • Status: offline
    Re: FortiOS 5.6.9 is out! 2019/05/21 23:08:37 (permalink)
    0
    ddskier
    I applied this update on numerous 100D and 200D.  No issues.


    Of course no issues - it's a fix for one CVE (if you want to know about the details, ask your Fortinet representative).
    F.
    #8
    wolfschen
    New Member
    • Total Posts : 4
    • Scores: 0
    • Reward points: 0
    • Joined: 2017/09/11 00:12:45
    • Status: offline
    Re: FortiOS 5.6.9 is out! 2019/05/23 07:46:46 (permalink)
    0
    Hello,
    I am also interesting for Upgrade details and Release notes are for me primary source of knowledge about upgrade. When you look on any firmware upgrade cookbook released by Fortinet there is: make a backup and read the release notes. That why last time I am really dissapointed about 'quality' of release notes. On firmware 5.6.9 release notes was typo with 5.4.11 firmware version and NO informations about what is CVE-2018-13382.....
    Yesterday was 5.4.11 release with this same CVE-2018-13382..... and guess what? still no info about that CVE. I checked on the mitre.org and just info about reservation.... So i decided to chat with technican from Fortinet. I wasted 20 minutes on queue and I received following information:
    ########
    The vulnerability is about: SSL VPN user password modified.
    Currently, the CVE is reserved but not published. You should be able to find additional information with that on our PSIRT page https://fortiguard.com/psirt once the information has been published.
    ########
    I checked also PSIRT (https://fortiguard.com/psirt) and guess what? no info!
    then technican said: it is not been updated yet!
    So feel free to add more infos about that when you find out more details :)
     
    Cheers!
     
    #9
    FlavioB
    Gold Member
    • Total Posts : 150
    • Scores: 0
    • Reward points: 0
    • Joined: 2011/10/03 23:11:15
    • Location: Switzerland
    • Status: offline
    Re: FortiOS 5.6.9 is out! 2019/05/23 07:56:04 (permalink)
    0
    Hi.
    You got exactly the same information as I did - but I had only to write an email to my local Fortinet SE this time :-)
    Just wait and see...
    F.
    #10
    wolfschen
    New Member
    • Total Posts : 4
    • Scores: 0
    • Reward points: 0
    • Joined: 2017/09/11 00:12:45
    • Status: offline
    Re: FortiOS 5.6.9 is out! 2019/05/23 07:56:24 (permalink)
    0
    BTW, Upgrade path tool for 5.4.11 is also not updated!! (Firmware was relesed 24h ago - just to be clear how support pages are up to date)
     
    #11
    Jump to:
    © 2019 APG vNext Commercial Version 5.5