PAN-OS 9.1.13 Addressed Issues

PAN-OS® 9.1.13 addressed issues.
Issue ID
Description
WF500-5513
Fixed an issue where cloud queries failed, which generated system logs. The issue occurred because a hash was not found in the cloud.
PAN-184445
Fixed an issue where, after upgrading Panorama, when
Share Unused Address and Service Objects with Devices
was unchecked, address objects using tags to dynamic address groups were removed after a full commit.
PAN-181802
Fixed an issue where a memory utilization condition resulted in the web interface responding more slowly than expected and management server restarting.
PAN-181309
Fixed an issue where Panorama was inaccessible due to the configd process not responding.
PAN-180338
Fixed an issue where the CTD loop count wasn't accurately incremented.
PAN-179274
Fixed an issue on high availability configurations where, after upgrading to PAN-OS 9.1.10, PAN-OS 10.0.6, or PAN-OS 10.1.0, the high availability (HA1) and HA1-Backup link stayed down. This issue occurred when the peer firewall IP address was in a different subnet.
PAN-179164
Fixed an issue where a web-proxy port number was added to the destination URL when captive portal authentication was run.
PAN-177907
Fixed an issue where, after rebooting the firewall, FQDN address objects referred in rules in a virtual system (vsys) did not resolve when the vsys used a custom DNS proxy.
PAN-177551
A fix was made to address a vulnerability that enabled an authenticated network-based administrator to upload a specifically created configuration that disrupted system processes and was able to execute arbitrary code with root privileges when the configuration was committed (CVE-2022-0024).
PAN-176054
Fixed an intermittent issue where users did not have access to resources due to a host information profile (HIP) check failure that was caused by the HIP data not being synced between the management plane and the dataplane.
PAN-175628
(
PA-5200 Series firewalls only
) Fixed an issue where the firewall was unable to monitor AUX1 and AUX2 interfaces through SNMP.
PAN-175211
Fixed a memory leak issue in the (mgmtsrvr) process.
PAN-174781
Fixed an issue where the firewall did not send an SMTP 541 error message to the email client after detecting a malicious file attachment.
PAN-174709
Fixed an out-of-memory (OOM) condition that occurred due to multiple parallel jobs being created by the scheduled log export feature.
PAN-174244
Fixed an issue where a sudden increase in URL data approached the maximum cache capacity of the firewall.
PAN-173469
Fixed an intermittent issue where websites were blocked and categorized as not resolved.
PAN-173373
(
VM-Series firewalls in NSX-T deployments only
) Fixed an issue where deployments dropped packets with the counter
pan_netx_send_pkt error
.
PAN-172837
Fixed an intermittent issue where the firewall didn't generate block URL logs for URLs even though the websites were blocked in the client device.
PAN-172295
Fixed an issue where a HIP database cache loop caused high CPU utilization on a process (useridd) and caused IP address-to-user mapping redistribution failure.
PAN-172243
Fixed an issue where NetFlow traffic triggered a packet buffer leak.
PAN-172056
(
VM-Series firewalls only
) The logging rate limit was improved to prevent log loss.
PAN-170997
Fixed an issue where FQDN service routes were not installed after a system reboot.
PAN-170952
Fixed script issues that caused diagnostic data to not be collected after path monitor failure.
PAN-169212
Fixed an issue where information level logs caused configd logs to fill.
PAN-168452
Fixed an issue where DNS signatures did not trigger.
PAN-168400
Fixed an issue where, after installing Cloud Services plugin 2.0, the
Plugin cloud_services
status (
Dashboard > High Availability
) displayed as
Mismatch
.
PAN-163030
Fixed an issue where restarting the devsrvr process caused new GlobalProtect connections to fail with the error message
required client certificate not found
. This issue occurred due to a key mismatch between the dataplane and the management plane.
PAN-161297
Fixed an interoperability issue with other vendors when IKEv2 used SHA2-based certificate authentication.
PAN-160419
Fixed an issue where the following error message displayed in the system log after restarting the firewall:
dns-signature initialization from file storage failed, start with empty cache
.
PAN-159295
Fixed an issue where scheduled configuration export files saved in the /tmp folder weren't periodically purged, which caused the root partition to fill up.
PAN-159214
Fixed an issue where a .txt file was corrupted, which caused the web interface to not display the requested information.
PAN-159210
Fixed an issue where timed-out DNS Security queries produced incorrect system log entries indicating
cloud service connection refused
. With this fix, timed-out queries are correctly logged as
cloud query timeout
.
PAN-158541
Fixed an OOM condition on the dataplane on FIPS-mode firewall decryption that used DHE ciphers.
PAN-158280
Fixed an issue where SMB sessions were discarded with the following error message:
ctd out of resource
.
PAN-153019
Fixed an issue where the following error message appeared:
Error: pan_tdb_load_sml_dfa_serialize(pan_tdb_ser.c:2424): pan_util_file_to_buf /opt/pancfg/mgmt/content//cache/common//sml_dfa.cache.ser error
, even though the cache file got regenerated if it was missing.
PAN-151749
Fixed an issue where Panorama did not show warnings of the last commit job.
PAN-145833
(
PA-3200 Series firewalls only
) Fixed an issue where the firewall stopped recording dataplane diagnostic data in dp-monitor.log after a few hours of uptime.

Recommended For You