(PA-450R and PA-450R-5G firewalls only) Fixed an issue where the maximum temperature threshold and shutdown threshold were not set correctly.

Fixed an issue where large IPv6 packets were reassembled incorrectly on the firewall when the packets arrived fragmented over an IPv4 tunnel.

Fixed an issue where configuring Secure Web Gateway (SWG) in no-auth mode led to latency when no decryption policy rules or No-decrypt policy rules were present.

Fixed the support limitation for the Panorama M-600 and M-700 appliances.

Fixed an issue where navigating Panorama > Monitor > Logs was slower than expected.

Fixed an issue where SMTP packets were not sent out when the Client Hello arrived at the firewall in multiple out-of-order segments and the traffic was not subject to SSL decryption.

(PA-450R-5G firewalls only) Fixed an issue where the firewall stopped responding and displayed the error message `Thermal temperature exceeds system threshold! Shutting down NOW` even when the firewall was within the threshold.

(PA-445 firewalls only) Fixed an issue where the firewall did not properly power cycle during a reboot.

Fixed an issue where the system MAC address of the aggregate interface was the same on the active firewall and the passive firewall after an upgrade.

Fixed an issue where a session lost the PBF rule mapping after a configuration change or commit.

Fixed an issue where the Panorama web interface was slower than expected and Elasticsearch CPU usage was high.

Fixed an issue where the firewall generated the following error message in the snmpd logs: pan_get_keystr_from_cryptod(pan_snmpinterface.c:181): Key X2F1dGhfa2V5 import from cryptod failed.

Fixed an issue where traffic logs did not display correctly when filters were applied.

Fixed an issue where 25G port links did not come up due to a change in the handling of 25G DAC modules.

Fixed an issue where log forwarding to a UDP syslog server stopped when an unreachable TCP syslog server was configured and applied.

Fixed an issue where the configd process stopped responding during a commit-all validation when there were uncommitted changes and share-unused-objects-with-devices was set to off.

Fixed an issue where the firewall might crash and reboot when DoH is enabled for DNS Security and multiple DoH transactions are sent in a single HTTP/1 connection.

Fixed an issue on Panorama where the configd process stopped responding when filtering in the configuration audit window after upgrading to PAN-OS 11.1.3.

A fix was made to address CVE-2025-0116.

Fixed an issue where indices were not opened after a query.

Fixed an issue where the all_pktproc process stopped responding, which caused internal path monitor failures.

Fixed an issue where the scheduled report generation script did not return debug information.

Fixed an issue where the wifclient stopped responding during server certificate verification for MICA gRPC connections and caused the dataplane to restart when using a cloud-based ML detection engine (MICA). On certain platforms, this caused the firewall to reboot periodically.

Fixed an issue where the varrcvr process stopped responding.

Fixed an issue where the firewall was unable to generate a TSF file due to a full root partition.

Fixed an issue where Panorama was unable to return logs for queries that were longer than 64,000 characters.

Fixed an issue where a kernel race condition caused the firewall to reboot with a kernel panic.

(PA-5440 and PA-5445 firewalls only) Fixed an issue where interrupts were generated at a certain packet rate, and dataplane processes missed heartbeats, which caused the dataplane to go down.

Fixed an issue where the firewall was unable to decompress the HTTP2 header, which caused the session to be classified as unknown-tcp instead of web-browsing.

(VM-Series firewalls in Microsoft Azure environments only) Fixed an issue where the firewall displayed 0 for the physical port counters read from MAC.

Fixed an issue on the firewall where DPDK allocated twice the amount of memory as requested for pre-allocation.

Fixed an issue where policy rule configurations pushed from Panorama were not reflected on the firewall if the rule had 63 characters.

Fixed an issue where the firewall might reboot unexpectedly due to the varrcvr process progressively using more memory when WildFire file forwarding is handling PE files.

Fixed an issue on Panorama where the Task Manager took longer than expected to display managed firewall report tasks.

(Firewalls in active/passive HA configurations only) Fixed an issue where firewalls entered a non-functional state and displayed the error message Dataplane down: path monitor failure during the fail-over.

(PA-7050 firewalls only) Fixed an issue where the Network Processing Card (NPC), Data Processing Card (DPC), and Log forwarding Card (LFC) remained in a starting state after an unexpected power cycle.