Version 3.7.1 bug fixes
Support reference 68506
Firewalls with damaged SD cards (and therefore damaged log storage partitions) would restart in loop. This issue has been fixed.
Support references 58546 - 66338 - 66736 - 68741 - 69083 - 70153
The vulnerability management module no longer functioned on SN150, SN160(W), SN210(W) and SN310 firewall models and could cause the firewall to freeze. This issue has been fixed.
URL filtering - SMC
In configurations that use the URL filter database compiled by the Rectorat de Toulouse (Academy of Toulouse – refer to the article in the Stormshield knowledge base), and whenever the administrator was logged on to the firewall via an SMC server, the Add all predefined categories button (Security policy > URL filtering module) would return an HTTP error message. This anomaly has been fixed.
Captive portal - SSL VPN - Web administration interface
Support reference 70568
Receiving a non-compliant request could cause the authentication portal management mechanism, SSL VPN and the web administration interface to freeze. This issue has been fixed.
Support reference 70674
The absence of certain encryption suites in the implementation of the TLS 1.3 protocol would raise the "Draft version detected" (ssl:419) alarm, which blocks packets by default. This alarm would prevent connections to websites such as Gmail and Facebook.
The ssl:419 alarm has therefore been modified to detect versions of TLS that the intrusion prevention engine does not manage ("Unsupported version detected") and its default action has been switched to "Pass", except for "High" security inspection profiles.