Fixed an issue on firewalls in high availability
(HA) configurations where a process (brdagent) stopped
responding on a suspended active peer, which caused the suspended
firewall to continue sending traffic.
PAN-177551
A fix was made to address a vulnerability
that enabled an authenticated network-based administrator to upload
a specifically created configuration that disrupted system processes
and was able to execute arbitrary code with root privileges when
the configuration was committed (CVE-2022-0024).
PAN-176703
Fixed an issue that occurred after upgrading
to a PAN-OS 9.0 or later release where commits to the firewall configuration
failed with the following error message: statistics-service is invalid.
PAN-175716
Fixed an issue where sorting address groups
by name, address, or location did not work on a device group that
was part of a nested device group.
PAN-175211
Fixed a memory leak issue in the mgmtsrvr process.
PAN-174998
(M-200 and M-500 appliances only)
Fixed a capacity issue that was caused by high operational activity
and large configurations. This fix increases the virtual memory
limit on the configd process to 32GB.
PAN-174709
Fixed an out-of-memory (OOM) condition that
occurred due to multiple parallel jobs being created by the scheduled
log export feature.
PAN-170997
Fixed an issue where FQDN service routes
were not installed after a system reboot.
PAN-170952
Fixed an issue where the dataplane failed
due to path monitor failure.
PAN-163245
Fixed an issue where a commit-all or push
to the firewall from Panorama failed with the following error message: client routed requesting last config in the middle of a commit/validate. Aborting current commit/validate.
PAN-161940
Fixed an issue where the firewall did not
honor the peer RX interval timeout in a Bidirectional Forwarding
Detection (BFD) INIT state.
PAN-161297
Fixed an interoperability issue with other
vendors when IKEv2 used SHA2-based certificate authentication.
PAN-159936
Fixed an issue where BGP routing stopped
advertising a redistributed route when a similar new redistributed
route was configured.
PAN-155532
Fixed an issue where the mgmtsrv process restarted
due to a missing protective check around access to potentially NULL
pointers.
PAN-149911
Fixed an issue where URL filtering logs
for credential phishing displayed a slash character ( / ) in the
URL field.