End-of-Life (EoL)

PAN-OS 7.1.24 Addressed Issues

PAN-OS® 7.1.24 addressed issues
The following table lists the issues that are addressed in the PAN-OS® 7.1.24 release. For new features, associated software versions, known issues, and changes in default behavior, see PAN-OS 7.1 Release Information. Before you upgrade or downgrade to this release, review the information in Upgrade to PAN-OS 7.1.
Starting with PAN-OS 7.1.5, all unresolved known issues and any newly addressed issues in these release notes are identified using new issue ID numbers that include a product-specific prefix. Issues addressed in earlier releases and any associated known issue descriptions continue to use their original issue ID.
Issue ID
Description
PAN-119745
A security-related fix was made to address the Netflix Linux kernel TCP SACK vulnerability (PAN-SA-2019-0013 / CVE-2019-11477, CVE-2019-11478, CVE-2019-11479, and CVE-2019-5599).
PAN-118869
A security-related fix was made to address an issue where the php-debug log incorrectly displayed non-sanitized data (PAN-SA-2019-0019 / CVE-2019-1575).
PAN-113631
A security-related fix was made to address a use-after-free (UAF) vulnerability in the Linux kernel (PAN-SA-2019-0017 / CVE-2019-8912).
PAN-112319
Fixed an issue where a race condition caused a process (
mgmtsrvr
) to restart with an error message:
Connecting to managementserver failed
.
PAN-111857
Fixed an intermittent issue where an IKE manager memory leak caused the firewall to stop responding.
PAN-109663
Fixed an intermittent issue where the firewall dropped packets when the policy rule was set to allow but denied the packets during a commit or high availability (HA) sync.
PAN-109124
A security-related fix was made to address an issue where you were unable to retrieve GlobalProtect™ cloud service threat packet captures from the Logging Service on Panorama M-Series and virtual appliances.
PAN-108165
Fixed memory issues on Palo Alto Networks hardware and virtual appliances that caused intermittent management plane instability.
PAN-107659
(
PA-5000 Series firewalls only
) Fixed an issue where extra byte (1 to 7) padding were appended to the initial SYN and UDP packets, which caused the server to stop responding.
PAN-107239
A security-related fix was made to address cleartext passwords and keys that were visible in the logs for XML API calls (PAN-SA-2019-0019 / CVE-2019-1575).
PAN-104163
Fixed an issue where the
show config audit base-version
command continuously increased the number of file descriptors and caused the management server to exit and restart.
PAN-101955
Fixed an issue on an M-100 appliance in an HA configuration where administrators could not reestablish access to the appliance after a session ended unexpectedly.
PAN-101289
Fixed an issue where simultaneous management access allowed only one user to log in at a time.
PAN-63296
Fixed an issue where commits failed when a Panorama appliance running a PAN-OS 8.0 release pushed a template to a firewall running a PAN-OS 7.1 release due to file size limits.

Recommended For You