PAN-OS 8.1.9-h4 Addressed Issues

PAN-OS® 8.1.9-h4 addressed issues
Issue ID
Description
PAN-123700
A security-related fix was made to prevent a memory corruption vulnerability in PAN-OS® software (PAN-SA-2019-0023 / CVE-2019-1582).
PAN-123603
A security-related fix was made to prevent a memory corruption vulnerability in PAN-OS software (PAN-SA-2019-0021 / CVE-2019-1580).
PAN-123564
Fixed CVE-2019-1581, see PAN-SA-2019-0022 for details.
PAN-123371
Fixed an issue where the
Wildfire Analysis Report
incorrectly displayed the following error message:
You are not authorized to access thispage on the web interface
.
PAN-120194
(
Virtual and M-Series Panorama appliances and Log Collectors only
) Fixed an issue where closed Elasticsearch (ES) indices were continuing to receive and re-queue logs, which resulted in high CPU usage.
PAN-118640
Fixed an issue where the GTP-U session did not match the correct policy, which caused the IMSI and IMEI not to display in the inner session traffic and threat logs.
PAN-117720
(
GlobalProtect™ Clientless VPN environments only
) Fixed an issue where a process (
all_pktproc
) stopped responding and caused the firewall to restart unexpectedly when processing GlobalProtect Clientless VPN traffic. To leverage this fix, you must first upgrade (
Devices
Dynamic Updates
) to GlobalProtect Clientless VPN content release 79 or a later release.
PAN-114642
Fixed an issue where firewall logs incorrectly included the end-user IP address in GTP message logs when you configured PAA IE with IPv4 and IPv6 dual stack in the Create Session Response message.
PAN-114275
Fixed an issue where the firewall dropped GTPv1
DELETE PDP
response packets that had a termination endpoint ID (TEID) value of 0.
PAN-105412
Fixed an issue where forward error correction (FEC) was disabled by default for AOC modules, which caused QSFP ports to flap or remain in the
DOWN
state. With this fix, FEC is enabled by default for AOC modules.
PAN-105091
Fixed an issue on a firewall where stateful inspection failed, which caused the firewall to drop GTPv2-C
Modify Bearer Request
packets.
PAN-99447
(
Virtual and M-Series Panorama appliances and Log Collectors only
) Fixed an issue where a Log Collector received logs destined for closed ES indices, which caused indices to return failure messages and, when the issue persisted for more than a few hours, caused Log Collectors to disconnect and reconnect repeatedly when attempting (and failing) to process the re-queued logs.
PAN-98005
Fixed an issue where adding more than eight Log Collectors to a collector group caused the configuration (
configd
) process to stop responding.

Recommended For You