PAN-OS 8.0.18 Addressed Issues

PAN-OS® 8.0.18 addressed issues
Issue ID
Description
WF500-5023
Fixed an issue on WF-500 appliances where the cluster service took longer than expected to start due to a large number of queued sample data.
WF500-5022
Fixed an issue where a non-functioning CLI command was removed from WF-500 appliances.
WF500-4785
Fixed a rare issue on WF-500 appliances where the firewall did not respond after you upgraded the appliance from a PAN-OS 8.0.1 release to a PAN-OS 8.0.10 or later release. With this fix, you can run the new debug software raidfixup auto CLI command to recover the RAID controller.
PAN-116851
Fixed an issue where users were unable to open an app in their browser after they logged in to GlobalProtect™ Clientless VPN until they closed any and all tabs associated with that app and then opened the app a second time. This issue occurred only when an administrator configured a Source User for the Clientless VPN Security policy rule (PoliciesSecurity<GP-VPN-Security-policy-rule>User).
PAN-113775
Fixed an issue where the firewall dropped UpdatePDPContext response packets and displayed the following GTP log event: 122113.
PAN-113631
A security-related fix was made to address a use-after-free (UAF) vulnerability in the Linux kernel (PAN-SA-2019-0017 / CVE-2019-8912).
PAN-112319
Fixed an issue where a race condition caused a process (mgmtsrvr) to restart with an error message: Connectingto management server failed.
PAN-111084
Fixed an issue where an out-of-memory condition caused all IPSec tunnels (which includes IKEv1, IKEv2, and NAT-T) to stop responding.
PAN-110390
Fixed an issue on PA-7000 Series firewalls where invalid filters caused the device management server to stop responding when you generated a database (DB) report from a remote firewall.
PAN-110168
Fixed an issue where the firewall and Panorama™ web interface did not present HSTS headers to your web browser.
PAN-109663
Fixed an intermittent issue where the firewall dropped packets when the policy rule was set to allow but denied the packets during a commit or high availability (HA) sync.
PAN-109551
Fixed an issue where group-based policy match stopped responding after User-ID™ restarted.
PAN-109124
A security-related fix was made to address an issue where you were unable to retrieve GlobalProtect cloud service threat packet captures from the Logging Service on Panorama M-Series and virtual appliances.
PAN-108165
Fixed an intermittent issue on a Panorama virtual appliance where you were unable to generate a tech support file (PanoramaSupportGenerate Tech Support File).
PAN-107708
Fixed an issue on a firewall where custom reports did not generate during intermittent times and were not sent to your email address.
PAN-106019
Fixed an issue where a process (routed) stopped responding when an incomplete command ran in the XML API.
PAN-104515
Fixed an issue where the Panorama web interface took longer than expected to update Managed Collectors (PanoramaManaged Collectors) status.
PAN-104264
Fixed an issue where the Panorama management server stopped responding when you upgraded from PAN-OS 8.0.9 to PAN-OS 8.1.3.
PAN-101955
Fixed an issue on an M-100 appliance in an HA configuration where administrators could not reestablish access to the appliance after a session ended unexpectedly.
PAN-101379
Fixed an issue where an invalid Captive Portal authentication policy was successfully pushed to managed firewalls, which caused autocommits to fail.
PAN-101289
Fixed an issue where simultaneous management access allowed only one user to log in at a time.
PAN-99016
A security-related fix was made to address the LazyFP state restore vulnerability (CVE-2018-3665 / PAN-SA-2019-0017).
PAN-97496
Fixed an issue on a firewall where the (show runningresource-monitor ingress-backlogs) CLI command displayed invalid session IDs.
PAN-90738
Fixed an issue where a process (configd) exceeded the virtual memory usage limit and caused the firewall to restart. With this fix, you can run the following commands to avoid this unexpected restart:
  • debug management-server system globalfinddisable-db-lookup – disables the default database lookup functionality.
  • debug management-server system appweb-thread-countenhance – increases appweb thread count to 200.
PAN-77977
Fixed an issue where a firewall configured with a regular expression data pattern (ObjectsCustom ObjectsData Patterns<profile-name>Pattern Type) did not match patterns, which caused a memory leak and the firewall to stop responding.
PAN-63296
Fixed an issue where commits failed when a Panorama appliance running a PAN-OS 8.0 release pushed a template to a firewall running a PAN-OS 7.1 release due to file size limits.

Related Documentation