PAN-OS 10.2.10-h12 Addressed Issues
Table of Contents
Expand All
|
Collapse All
Next-Generation Firewall Docs
-
-
- PAN-OS 11.1 & Later
- PAN-OS 11.0 (EoL)
- PAN-OS 10.2
- PAN-OS 10.1
- PAN-OS 10.0 (EoL)
- PAN-OS 9.1 (EoL)
- Cloud Management of NGFWs
-
- PAN-OS 11.1 & Later
- PAN-OS 11.0 (EoL)
- PAN-OS 10.2
- PAN-OS 10.1
-
-
- PAN-OS 11.2
- PAN-OS 11.1
- PAN-OS 11.0 (EoL)
- PAN-OS 10.2
- PAN-OS 10.1
- PAN-OS 10.0 (EoL)
- PAN-OS 9.1 (EoL)
- PAN-OS 9.0 (EoL)
- PAN-OS 8.1 (EoL)
- Cloud Management and AIOps for NGFW
PAN-OS 10.2.10-h12 Addressed Issues
Addressed issues for the PAN-OS 10.2.10-h12 general available hotfix
release.
|
Issue ID
|
Description
|
|---|---|
|
PAN-273215
|
Fixed an issue where a syntax error in the index generation script
caused a high management plane CPU load after upgrading
|
|
PAN-271774
|
Fixed an issue where the firewall logs displayed the reason for data
filtering action as FW Skipped: XXXX.
|
|
PAN-268823
|
Fixed an issue where Monitor > Log Display did
not display all logs when you applied a filter.
|
|
PAN-268727
|
Fixed an issue where traffic was dropped when the accumulation proxy
was enabled and header insertion modified packets.
|
|
PAN-268314
|
Fixed an issue where new files were not sent to WildFire. With this
fix, the WildFire reserved drive space has been increased for
greater session caching capability.
|
|
PAN-268002
|
Fixed an issue where URL filtering response pages were not displayed
for sites that were blocked as a result of SSL/TLS handshake
inspection.
|
|
PAN-267704
|
Fixed an issue where the firewall did not send an ICMP error packet
to Envoy when the MSS was exceeded.
|
|
PAN-265111
|
Fixed an issue where fragmented SSL hello packets were reordered when
going out of the SC/ZTT towards the datacenter.
|
|
PAN-264249
|
Fixed an issue on the firewall where SNMP queries timed out when
using SNMP.
|
|
PAN-263973
|
Fixed an issue where log collectors had a low incoming log rate.
|
|
PAN-263287
|
The PAN-COMMON-MIB.my file was updated to support new object
identifiers (OID) to poll interface use via SNMP with table
identifiers.
|
|
PAN-262383
|
Fixed an issue where the firewall was unable to decompress the HTTP2
header, which caused the session to be classified as unknown-tcp
instead of web-browsing.
|
|
PAN-261673
|
(VM-Series firewalls on Microsoft Azure environments only)
Fixed an issue where, when Accelerated Networking was enabled,
traffic was dropped because of the
flow_parse_ip_hdr counter related
to an Nvidia driver issue.
|
|
PAN-259910
|
Fixed an issue where the firewall reported the same value over
consecutive SNMP polls when asynchronous mode was enabled.
|
|
PAN-259351
|
A fix was made to address CVE-2024-3393.
|
|
PAN-258166
|
(PA-220 firewalls only) Fixed an issue where the root
partition frequently reached 100%.
|
|
PAN-257601
|
(PA-5450 firewalls only) Fixed an issue where Networking
Cards (NC) experienced an internal link fault which caused path
monitoring failure on the Dataplane Processing Card (DPC).
|
|
PAN-257515
|
Fixed an issue where Possible Domain Fronting Detection for HTTP/2
generated false positives. With this change, domain fronting is
limited to HTTP/1.
|
|
PAN-257327
|
(PA-5440 firewalls only) Fixed an issue where a failover
event occurred unexpectedly on the firewall.
|
|
PAN-255930
|
Fixed an issue where persistent DIPP NAT entries were deleted even
when being used during an active session.
|
|
PAN-253213
|
Fixed an issue where the firewall sent HIP notifications every time
it received a HIP report instead of every two hours.
|
|
PAN-248067
|
Fixed an issue where inter firewall tunnels between Mobile User
Gateway node and ZTNA tunnel terminators were down due to host
routes getting aged out while still in the routing table.
|
|
PAN-247857
|
(PA-7050 firewalls in HA configurations only) Fixed an issue
on the firewall where a dataplane process restarted when updating
the routing table.
|
|
PAN-246699
|
Fixed an issue on Panorama where Rule Usage
and Apps Seen under Security policy rules
stopped incrementing.
|
|
PAN-245428
|
Fixed an issue where FIB entries aged out and were incorrectly
removed after an HA failover event.
|
|
PAN-241126
|
Fixed an issue where the client IP address was incorrect in the
authentication logs for Captive Portal authentication events when
the client used IPv6.
|
|
PAN-240739
|
Fixed an issue where the ECMP FIB update on the dataplane did not
clear the pending change flag, which caused the next non-ECMP FIB
update to miss the latest generation ID and age out after 5
minutes.
|
|
PAN-239271
|
Fixed an issue where changing the firewall's DNS led to connectivity
to the hostname-configured User-ID agent.
|
|
PAN-236685
|
Fixed an issue where the Traffic log did not display the results of
an application filter.
|
|
PAN-233712
|
Fixed an issue where the firewall did not install a host route in the
FIB when the BGP peer was down, which caused traffic to be
dropped.
|
|
PAN-233581
|
Fixed an issue on firewalls in active/active HA configurations where
SYN+ACK packets of asymmetric TCP sessions were dropped because of a
session synchronization issue.
|
|
PAN-233195
|
Fixed an issue where logs continued to be ingested when the
vldmgr process was restarted.
|
|
PAN-229367
|
Fixed an issue where the firewall restarted when a route update
message was received while the firewall was processing traffic.
|
|
PAN-227543
|
Fixed an issue where the firewall did not match traffic to FQDN
objects if the FQDN object contained uppercase characters.
|
|
PAN-227503
|
Fixed an issue where the link status of the log interface was unable
to be obtained correctly using SNMP.
|
|
PAN-225213
|
Fixed an issue where Push All Changes
displayed changes that were already committed in the push scope for
another device group after performing a selective commit and
selective push to the first device group.
|