End-of-Life (EoL)
PAN-OS 9.0.0 Addressed Issues
PAN-OS® 9.0.0 addressed issues.
Issue ID | Description |
---|---|
WF500-4811 | Fixed an issue where WF-500 appliances displayed the
wrong WildFire® content version ( show system info )
after a WildFire content update. |
PAN-109668 | A security related fix was made to limit
the amount of information returned from an API call error message. |
PAN-109124 | A security-related fix was made to address
an issue where you were unable to retrieve GlobalProtect™ cloud service
threat packet captures from the Logging Service on Panorama™ M-Series
and virtual appliances. |
PAN-109096 | Fixed an issue where the firewall did not
remove the 4 Byte AS Format number when Remove
Private AS is enabled. |
PAN-109003 | Fixed an issue on Panorama M-Series and
virtual appliances where a process (configd) stopped
responding during a local commit. |
PAN-107887 | Fixed an issue where an API call did not
return the details of the security policy when you added a service group. |
PAN-107779 | Fixed an issue where Wildfire signature
version information was no longer displayed after you activated
a GlobalProtect client. |
PAN-107117 | Fixed an issue where device administrators
were unable to manually upload signature files ( Device Dynamic Updates Youneed superuser privileges to do that. |
PAN-106784 | Fixed an issue where the firewall revealed
password hashes in the web interface when changing administrator passwords. |
PAN-106721 | Fixed an intermittent issue where a processor
cache memory corruption caused a reload when the firewall freed packets
from the buffer. |
PAN-106695 | Fixed an issue on a firewall in a high availability
(HA) active/passive configuration where the Panorama management
server enabled the administrator to clone a rule on the passive
firewall. |
PAN-106331 | Fixed an issue with multiple or overlapping
custom URL categories where traffic matched the incorrect Security policy
rule when the custom URL category was used in a Security policy
rule with a URL filtering profile. |
PAN-106181 | Fixed an issue where the Cancel option
was removed to prevent access when you Require Password Change
on First Login (Device Setup Management |
PAN-106019 | Fixed an issue where a process (routed)
stopped responding when an incomplete command ran in the XML API. |
PAN-105849 | A security-related fix was made to address
an issue with the wf_curl.log file in
WF-500 appliances (WildFire). |
PAN-105737 | Fixed an issue where AUX ports remained
in Down state after you upgraded to PAN-OS ® 8.1.7. |
PAN-105684 | Fixed as issue on a firewall in an HA active/passive configuration
where OSPF and BGP running on an Aggregate Ethernet (AE) with LACP
enabled took longer than expected after a failover. |
PAN-105040 | Fixed an issue where the dataplane processor
caused memory loss in the packet buffer pool. |
PAN-104623 | Fixed an issue where a process (brdagent)
printed QoS information messages in the brdagent.log file, which
caused a missed heartbeat and the firewall to restart. |
PAN-104616 | Fixed an issue where certificate imports
failed when you used a backslash ( \ ) character
in a password to export certificates. |
PAN-104578 | ( PA-800 Series firewalls only )
Fixed an issue on a firewall in an HA active/passive configuration where
the HA failover took longer than expected. |
PAN-104572 | Fixed an issue on Panorama M-Series and
virtual appliances where the configd.log file displayed schema error
messages after you created an administrator role with context switch
UI permissions enabled. |
PAN-104354 | Fixed an issue on a firewall in an HA active/passive configuration
where the passive firewall ran a configuration out of sync after
a restart. |
PAN-104078 | Fixed an issue where administrators could
not successfully add conditional advertisements ( Network Virtual Routers <virtual-router> BGP Conditional Adv |
PAN-103863 | Fixed an issue where the IPSec tunnel restart ( Network IPSec Tunnels IKE Info |
PAN-103857 | Fixed an issue on a firewall in an HA active/passive configuration
where the suspended firewall processed traffic. |
PAN-103615 | Fixed an issue where scheduled log exports
failed on nonstandard ports. |
PAN-103192 | Fixed an issue on a firewall where the Global
Find for IPSec tunnels displayed incorrect search results. |
PAN-103061 | Fixed an issue where special characters
contained in the CLI comment field caused the process (devsrvr)
to stop responding. |
PAN-103055 | Fixed an issue where you were unable to
filter Address Groups ( Objects Address Groups |
PAN-102779 | Fixed an issue on a PA-3000 Series firewall
where multiple (all_pktproc) processes failed and caused
the dataplane to stop responding. |
PAN-102526 | Fixed an issue on Panorama M-Series and
virtual appliances where disk quota edits failed and displayed the following
error message: quota-settings -> disk-quota is invalid . |
PAN-102029 | Fixed an issue on a firewall where the DNS
resolution routed through the dataplane and configured with a service route,
stopped responding when the management interface was not configured. |
PAN-101821 | Fixed an issue where Referer was spelled
incorrectly in the HTTP Headers section of the Detailed Log View ( Monitor URL Filtering |
PAN-101451 | Fixed an issue where SNMP queries displayed incorrect
values. |
PAN-101391 | Fixed an issue where the scheduled nightly
custom report was not generated or emailed as expected. |
PAN-101365 | Fixed an intermittent issue where the session
ID did not clear when the session ID is set to 0. |
PAN-101294 | Fixed an issue where administrators were
allowed to create tunnel interfaces from the template stack. |
PAN-101068 | Fixed an issue where the object identifier
(OID) ifAdminStatus incorrectly displayed up when
configured to down . |
PAN-100656 | Fixed an issue Panorama M-Series and virtual appliances
where duplicate entries in BGP redistribution configurations were
not verified, which caused commits to fail. |
PAN-100464 | Fixed an issue where the sub-interfaces
and the configurations were deleted when you tried to override the subinterface
of a template stack. |
PAN-100154 | Fixed an issue where the default static
route always became the active route and took precedence over a
DHCP auto-created default route that was pointing to the same gateway
regardless of the metrics or order of installation. With this fix,
the firewall no longer installs the default static route in the
FIB when the system has both a DHCP auto-created default route and
a manually configured default static route pointing to the same
gateway. |
PAN-100049 | Fixed an issue on Panorama M-Series and
virtual appliances where Push Scope Selection ( Commit Push to Devices |
PAN-99945 | Fixed an issue on Panorama where the progress
bar in the web interface stopped responding and did not display any
status after sending a commit or activating an auth code even though
the task completed successfully. |
PAN-99640 | A security-related fix was made to address
a denial of service (DoS) vulnerability in PAN-OS Linux Kernel (CVE-2017-8890). |
PAN-99551 | Fixed an issue on a firewall in an HA active/passive configuration
where the User-ID™ process stopped responding on the passive firewall
when the system was managing a high number of (more than 30,000)
active users. |
PAN-99447 | " Virtual and M-Series Panorama appliances
and Log Collectors only ) Fixed an issue where a Log Collector
received logs destined for closed Elasticsearch (ES) indices, which
caused indices to return failure messages and, when the issue persisted
for more than a few hours, caused Log Collectors to disconnect and reconnect
repeatedly when attempting (and failing) to process the re-queued
logs. |
PAN-98130 | Fixed an intermittent issue where the firewall
allowed traffic based on an unmatched rule after a session rematch is
triggered. |
PAN-98005 | Fixed an issue where adding more than eight
Log Collectors to a collector group caused the configuration (configd)
process to stop responding. |
PAN-97848 | Fixed an issue where if you deployed Panorama
on KVM, it deployed in Legacy mode instead of Management Only mode
even when meeting the minimum resource requirements for Management
Only mode. |
PAN-97417 | Fixed an issue where the loopback IP address redistributed
to the Local RIB table instead of the Adj-RIBs-out table. |
PAN-96344 | Fixed an issue on a firewall where TCP reset
packets were sent even after you set the vulnerability profile action to
drop the packets. |
PAN-96297 | Fixed an issue where a process (useridd)
stopped responding due to the syslog server messages not parsing
with field identifiers. |
PAN-95445 This fix requires
the VMware NSX 2.0.4 or a later plugin. | Fixed an issue where VM-Series firewalls
for NSX and firewalls in an NSX notify group ( Panorama VMware NSX Notify Group |
PAN-94486 | Fixed an issue where the dataplane did not
get a dynamic IP address assigned because the process (routed)
did not release it. |
PAN-92725 | Fixed an issue on the firewall and Panorama management
server where the web interface became unresponsive because the (cord)
process restarted after you configured multiple log forwarding destinations
in a single forwarding rule for Correlation logs ( Device Log Settings |
PAN-92485 | Fixed an issue on Panorama M-Series and
virtual appliances where you were unable to set the MTU ( Network Interfaces Ethernet <Interface> Ethernet Interface Advanced Other Info |
PAN-91930 | Fixed an issue on Panorama M-Series and
virtual appliances where you were unable to type in tunnel zone names
in the Tunnel Source Zone ( Policies > Pre Rules > <rule-name> Inspection Security Options |
PAN-91499 | Fixed an issue on a firewall where an address
object FQDN resolution returned the IPv6 DNS record but did not return
all associated -- IPv4 and IPv6 -- DNS records. |
PAN-91442 | Fixed an issue where an external dynamic
list with an invalid IPv6 address range caused commits to fail. |
PAN-82278 | Fixed an issue where filtering did not work
for Threat logs when you filtered for threat names that contained certain
characters: single quotation ( ’ ), double
quotation (” ), back slash (\ ),
forward slash (/ ), backspace (\b ),
form feed (\f ), new line (\n ),
carriage return (\r ), and tab (\t ). |
PAN-72861 | Fixed an issue where when you configured
a PA-5200 Series or PA-7000 Series firewall to perform tunnel-in-tunnel
inspection, which includes GRE keep-alive packets ( Policies Tunnel Inspection <tunnel_inspection_rule> Inspection Inspect Options clear session all CLI command
while traffic was traversing a tunnel, the firewall temporarily
dropped tunneled packets. |
Most Popular
Recommended For You
Recommended Videos
Recommended videos not found.