PAN-OS® Release Notes
    : PAN-OS 8.1.18 Addressed Issues
    Focus
    Download PDF
    Focus
    1. Home
    2. PAN-OS
    3. PAN-OS® Release Notes
    4. PAN-OS 8.1 Addressed Issues
    5. PAN-OS 8.1.18 Addressed Issues
    Download PDF

    PAN-OS® Release Notes

    PAN-OS 8.1.18 Addressed Issues

    Table of Contents

    PAN-OS 8.1.18 Addressed Issues

    PAN-OS® 8.1.18 addressed issues.
    Issue ID
    Description
    PAN-155453
    Fixed an issue in the configuration logs where the destination zone was masked by asterisks.
    PAN-153673
    Fixed an issue where traffic logs were not shown due to a thread timeout that was causing the reading of the logs from the dataplane to slow.
    PAN-153440
    Fixed an issue where firewalls repeatedly connected and disconnected to Cortex Data Lake due to a probing issue.
    PAN-153111
    Fixed an issue where packet buffer unavailability caused host-bound sessions to remain in an opening state in the dataplane.
    PAN-152743
    Fixed an issue where, when initial flows from both directions reached the firewall at the same time, a race condition occurred, which caused the firewall to display the following error message:
    Duplicate flows detected while inserting <number>, flow <number> with the same key
    . The flow keys were identical due to the flows having the same SRC and DST ports.
    PAN-152706
    Fixed an intermittent issue where Panorama did not retrieve firewall logs from Cortex Data Lake.
    PAN-152282
    Fixed an issue where platforms using AHO for content and application inspection run into dataplane process (all_pktproc) restarts.
    PAN-151483
    Fixed an issue where, when an out-of-order stream of TCP packets was subjected to HTTP header insertion, the packets were duplicated.
    PAN-151149
    Fixed an issue where certificates, custom logos, and Security Assertion Markup Language (SAML) metadata were unable to be uploaded from the web interface using a Chromium-based browser running version 84 or later.
    PAN-149377
    A fix was made to address a vulnerability regarding information exposure through log files in PAN-OS that made it possible for configuration secrets for HTTP, email, and SNMP trap v3 log forwarding server profiles to be logged to the logrcvr.log system log (CVE-2021-3032).
    PAN-148818
    Fixed an issue where the decryption profile was configured without the
    Block sessions with expired certificates
     option, but the firewall still blocked websites that were signed by an Expired AddTrust Root CA (certificate authority).
    PAN-147529
    Fixed an issue where
    ValidateAll
     jobs were incorrectly logged as
    CommitAll
     in the configuration log of the firewall.
    PAN-146236
    Fixed an issue where the firewall was unable to properly create stream control transmission protocol (SCTP) sessions for multi-homed environments when multiple endpoints on the same SCTP associations sent INIT/INIT-ACK chunks during handshakes.
    PAN-144410
    Debug logs were added to detect an out-of-memory (OOM) condition that caused the management server to restart.
    PAN-140669
    Fixed a memory leak issue caused by a process (mgmtsrvr).
    PAN-140492
    Fixed an issue on the firewall where, with SSL forward proxy feature enabled, random file downloads over a decrypted session would stall or hang in the middle.
    PAN-139007
    Fixed an issue where
    URL Filtering
     logs were misaligned when exported from the firewall due to the presence of a comma in the
    User-Agent
     field of the logs.
    PAN-137233
    Fixed an issue where authenticating to GlobalProtect via expired SAML requests (waiting more than 10 minutes) still sent authentication to the SAML server. This invalidated the previously connected gateway and connected users to the second best gateway.
    PAN-134981
    Fixed an issue with a memory leak in a process (user-id) due to failed LDAP over SSL (LDAPS) requests.
    PAN-134840
    Fixed an issue where pre-logon users failed authentication if the cookie was expired, instead of using certificate authentication.
    PAN-134663
    Fixed an issue where the running configuration on the firewall changed after an upgrade from a Panorama Virtual Appliance in a VMware NSX environment.
    PAN-134029
    Fixed an intermittent issue on the firewall where H.225 VOIP signaling packets dropped.
    PAN-132055
    Fixed an issue where a process (mgmtsrvr) was unresponsive when the number of active file descriptors was greater than 1024.
    PAN-129234
    Fixed an issue where syslog connection failures were frequently reported in system logs.
    PAN-126938
    Fixed an issue where multiple daemons restarted due to MP ARP overflow.
    PAN-124681
    A fix was made to address a vulnerability where Ethernet packets on PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5000 Series, PA-5200 Series, and PA-7000 Series firewalls were not cleared before the data frame was created (CVE-2021-3031).
    PAN-110720
    Fixed an issue where a high volume of traffic over SSL VPN caused a process (all_pktproc) to unexpectedly stop responding.

    Recommended For You

    © 2023 Palo Alto Networks, Inc. All rights reserved.