PAN-OS 8.1.0 Addressed Issues
Table of Contents
Expand All
|
Collapse All
Next-Generation Firewall Docs
-
-
- Cloud Management of NGFWs
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0 (EoL)
- PAN-OS 11.1 & Later
- PAN-OS 9.1 (EoL)
-
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0 (EoL)
- PAN-OS 11.1 & Later
-
-
- Cloud Management and AIOps for NGFW
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0 (EoL)
- PAN-OS 11.1
- PAN-OS 11.2
- PAN-OS 8.1 (EoL)
- PAN-OS 9.0 (EoL)
- PAN-OS 9.1 (EoL)
End-of-Life (EoL)
PAN-OS 8.1.0 Addressed Issues
PAN-OS® 8.1.0 addressed issues
Issue ID | Description |
---|---|
PAN-92893 | Fixed an issue that occurred during the
reboot process and caused some firewalls to go in to maintenance
mode. |
PAN-92268 | (PA-7000 Series, PA-5200 Series, and
PA-3200 Series firewalls only) Fixed an issue where one or
more dataplanes did not pass traffic when you ran several operational
commands (from any firewall user interface or from the Panorama™
management server) while committing changes to device or network
settings or while installing a content update. |
PAN-91774 | Fixed an issue on Panorama virtual appliances
for AWS in a high availability (HA) configuration where the primary
peer did not synchronize template changes to the secondary peer. |
PAN-91429 | Fixed an issue where PA-5200 Series firewalls
rebooted when you ran the set ssh service-restart mgmt CLI command
multiple times. |
PAN-91361 | Fixed an issue where client connections
initiated with HTTP/2 failed during SSL Inbound Inspection decryption
because the firewall removed the Application-Layer Protocol Negotiation
(ALPN) extension within the server hello packet instead of forwarding
the extension to the client. |
PAN-91236 | Fixed an issue where the Panorama management
server did not display new logs collected on M-Series Log Collectors
because the logging search engine did not register during system
startup when logging disk checks and RAID mounting took longer than
two hours to complete. |
PAN-90954 | A security-related fix was made to prevent
a local privilege escalation vulnerability that could potentially
result in the deletion of files (CVE-2018-9242). |
PAN-90842 | Fixed an issue where commits failed after
you changed the default Size Limit to a custom
value for MacOSX files that the firewall forwarded to WildFire® (DeviceSetupWildFire). |
PAN-90835 | A security-related fix was made to prevent
a Cross-Site Scripting (XSS) attack through the PAN-OS® session
browser (CVE-2018-7636). |
PAN-90521 | Fixed an issue on the Panorama management
server where Device Group and Template administrators could not
display or edit the DeviceLog Settings in a template. |
PAN-90168 | Fixed an issue where, after you downgraded
a firewall from PAN-OS 8.1 to a previous PAN-OS release and then
clicked Revert Content on the Panorama management
server (PanoramaDevice
DeploymentDynamic Updates)
the Current Version column displayed the content release version
of the firewall when it ran PAN-OS 8.1 regardless of the content
version currently installed on the firewall. |
PAN-89471 | Fixed an issue where firewalls rebooted
because the userid process restarted too often due
to a socket binding failure that caused a memory leak. |
PAN-89030 | Fixed an issue where the firewall could
not authenticate to a hardware security module (HSM) partition when
the partition password contained special characters. |
PAN-88292 | Fixed an issue on Panorama management servers
in an HA configuration where the Log Collector that ran locally
on the passive peer did not forward logs to syslog servers. |
PAN-88200 | Fixed an issue where firewalls with multiple
virtual systems did not import external dynamic lists that you assigned
to policy rules. |
PAN-88018 | Fixed an issue on Panorama M-Series and
virtual appliances where the firewall was not able to override the
local device configuration and failed to apply Dynamic Updates with
an interval set to none. |
PAN-86873 | Fixed an issue where the firewall advertised
the OSPF not-so-stubby area (NSSA) link-state advertisement (LSA)
type 7 default route to NSSA neighbors even when the OSPF backbone
area was down. |
PAN-85410 | Fixed two issues on a firewall configured
for GlobalProtect™ Clientless VPN:
|
PAN-84836 | A security-related fix was made to address
a Cross-Site Scripting (XSS) vulnerability in the PAN-OS response
to a GlobalProtect gateway (CVE-2018-10139). |
PAN-84045 | Fixed an issue where VM-Series firewalls
in a high availability (HA) configuration with Data Plane Development
Kit (DPDK) enabled experienced HA path monitoring failures and (in
active/passive deployments) HA failover. |
PAN-83900 | Fixed an issue where the Panorama management
server did not run ACC reports or custom
reports because the reportd process stopped responding
when an administrator tried to access a device group to which that
administrator did not have access. |
PAN-82942 | Fixed an issue where the firewall rebooted
because the User-ID™ process (useridd) restarted several
times when endpoints, while requesting services that could not process
HTTP 302 responses (such as Microsoft update services), authenticated
to Captive Portal through NT LAN Manager (NTLM) and immediately disconnected. |
PAN-81417 | Fixed an issue on the Panorama management
server where, after an administrator selected Force Template Values when
editing Push Scope selections (CommitPush to Devices), the setting
persisted as enabled for that administrator in all subsequent push
operations instead of defaulting to disabled. With this fix, Force
Template Values is disabled by default for every push
operation until, and only if, the administrator manually enables
the setting. |
PAN-80794 | A protocol-related fix was made to address
a bug in the OSPF protocol. |
PAN-80569 | Fixed an issue where firewalls could not
connect to M-500 or M-600 appliances in PAN-DB mode due to certificate
validation failures. With this fix, the appliances add an IP address
to the Subject Alternative Name (SAN) field when generating the
certificates used for firewall connections. |
PAN-80505 | Fixed an issue where a firewall was able
connect to Panorama using an expired certificate. |
PAN-75775 | Fixed an issue where SNMP managers indicated
syntax errors in PAN-OS MIBs, such as forward slash (/) characters
not used within quotation marks (“”). You can find the updated MIBs
at https://docs.paloaltonetworks.com/resources/snmp-mib-files. |
PAN-73316 | Fixed an issue where a GlobalProtect user
first logged in with a RADIUS authentication profile, the Domain-UserName
appeared as user@domain (instead of domain\user) in the PAN-OS web
interface. |
PAN-73154 | Fixed an issue on the Panorama management
server where commit operations stopped progressing after reaching
99 per cent completion. |