End-of-Life (EoL)
PAN-OS 7.1.19 Addressed Issues
PAN-OS® 7.1.19 addressed issues
The following table lists the issues that are addressed
in the PAN-OS® 7.1.19 release. For new features, associated software
versions, known issues, and changes in default behavior, see PAN-OS 7.1 Release Information.
Before you upgrade or downgrade to this release, review the information in Upgrade to PAN-OS 7.1.
Starting with PAN-OS 7.1.5, all unresolved known issues
and any newly addressed issues in these release notes are identified
using new issue ID numbers that include a product-specific prefix.
Issues addressed in earlier releases and any associated known issue
descriptions continue to use their original issue ID.
Issue ID | Description |
---|---|
PAN-98564 | Fixed an issue on PA-3000 Series firewalls
where the mprelay process stopped responding when processing IPv6
neighbor discovery updates. |
PAN-98097 | Fixed an issue on PA-3000 Series, PA-3200 Series,
PA-5000 Series, PA-5200 Series, and PA-7000 Series firewalls where
Captive Portal was inaccessible for traffic on Secure HTTP (https)
websites when SSL decryption was enabled and users were behind a
proxy server. |
PAN-96431 | A security-related fix was made to prevent
HTTP Header Injection in the Captive Portal. |
PAN-95698 | Fixed an issue where the firewall revealed
part of a password in cleartext on the command-line interface (CLI)
and management server (mgmtsrvr) log when an administrator attempted
to set a password that exceeded the maximum number of characters
(31) using the CLI. With this fix, the firewall reports an error
when an administrator attempts to set a password that contains more
than 31 characters without revealing any part of the actual password. |
PAN-95339 | Fixed an issue where a firewall sent packets
out of order when the sending rate was too high. |
PAN-94450 | Fixed an issue where QSFP+ interfaces (13 and
14) on a PA-7000-20GQ-NPC Network Processing Card (NPC) unexpectedly flapped
when the card was booting up. |
PAN-94023 | Fixed an issue where the request system external-list
show type ip name <EDL_name> CLI command did not display external
dynamic list entries after you restarted the management server (mgmtsrvr)
process. |
PAN-93937 | Fixed an issue where the management server
(mgmtsrvr) process on the firewall restarted when you pushed configurations
from the Panorama management server. |
PAN-93331 | Fixed an issue where the firewall applied the
wrong checksum when a re-transmitted packet in a NAT session had
different TCP flags, which caused the recipient to drop those packets. |
PAN-92569 | Fixed an issue where the firewall displayed
a continue-and-override response page when users tried to access
a URL that the firewall incorrectly categorized as unknown because
it learned the URL field as an IP address. |
PAN-87855 | Fixed an issue where some ICMP Type 4 traffic
was not blocked as expected after you created a deny Security policy
rule with custom App-ID for ICMP Type 4 traffic. |
PAN-87166 | Fixed a rare issue on PA-7000 Series firewalls
where 20GQ NPC QSFP+ ports didn't link up (during online insertion
and removal (OIR), link-state change, or boot up events) and became
unrecoverable until the NPC was restarted. |
PAN-84836 | A security-related fix was made to address
a Cross-Site Scripting (XSS) vulnerability in the PAN-OS response
to a GlobalProtect gateway (CVE-2018-10139). |
PAN-80794 | A protocol-related fix was made to address
a bug in the OSPF protocol. |
PAN-80665 | Fixed an issue in a bi-directional User-ID
redistribution configuration where the User-ID (useridd) process
stopped responding when same IP address was continually associated
with different usernames, which caused the IP address-to-username
mapping to continually sync between firewalls. |
PAN-76441 | Fixed an issue where expiration of the Captive
Portal browser-session cookie was set incorrectly on the browser
to 24 hours by default. With this fix, the Captive Portal browser-session
cookie expires when the browser session is terminated. |
PAN-69901 | Fixed an issue where the hyphen (-) character
was not supported in a DNS proxy domain name (Network > DNS Proxy
> <dns-proxy-name> > DNS Proxy Rules > <rule-name> > Domain
Name). |
Most Popular
Recommended For You
Recommended Videos
Recommended videos not found.