PAN-OS 9.1.13 Addressed Issues
Table of Contents
Expand All
|
Collapse All
Next-Generation Firewall Docs
-
-
- Cloud Management of NGFWs
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0 (EoL)
- PAN-OS 11.1 & Later
- PAN-OS 9.1 (EoL)
-
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0 (EoL)
- PAN-OS 11.1 & Later
-
-
- Cloud Management and AIOps for NGFW
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0 (EoL)
- PAN-OS 11.1
- PAN-OS 11.2
- PAN-OS 8.1 (EoL)
- PAN-OS 9.0 (EoL)
- PAN-OS 9.1 (EoL)
End-of-Life (EoL)
PAN-OS 9.1.13 Addressed Issues
PAN-OS® 9.1.13 addressed issues.
Issue ID | Description |
---|---|
WF500-5513 | Fixed an issue where cloud queries failed,
which generated system logs. The issue occurred because a hash was
not found in the cloud. |
PAN-184445 | Fixed an issue where, after upgrading Panorama,
when Share Unused Address and Service Objects with Devices was
unchecked, address objects using tags to dynamic address groups
were removed after a full commit. |
PAN-181802 | Fixed an issue where a memory utilization
condition resulted in the web interface responding more slowly than
expected and management server restarting. |
PAN-181309 | Fixed an issue where Panorama was inaccessible
due to the configd process not responding. |
PAN-180338 | Fixed an issue where the CTD loop count
wasn't accurately incremented. |
PAN-179274 | Fixed an issue on high availability configurations
where, after upgrading to PAN-OS 9.1.10, PAN-OS 10.0.6, or PAN-OS
10.1.0, the high availability (HA1) and HA1-Backup link stayed down.
This issue occurred when the peer firewall IP address was in a different subnet. |
PAN-179164 | Fixed an issue where a web-proxy port number
was added to the destination URL when captive portal authentication
was run. |
PAN-177907 | Fixed an issue where, after rebooting the
firewall, FQDN address objects referred in rules in a virtual system
(vsys) did not resolve when the vsys used a custom DNS proxy. |
PAN-177626 | Fixed an issue where aggressive situations
caused on-chip descriptor exhaustion. |
PAN-177551 | A fix was made to address a vulnerability
that enabled an authenticated network-based administrator to upload
a specifically created configuration that disrupted system processes
and was able to execute arbitrary code with root privileges when
the configuration was committed (CVE-2022-0024). |
PAN-176054 | Fixed an intermittent issue where users
did not have access to resources due to a host information profile
(HIP) check failure that was caused by the HIP data not being synced
between the management plane and the dataplane. |
PAN-175628 | (PA-5200 Series firewalls only)
Fixed an issue where the firewall was unable to monitor AUX1 and
AUX2 interfaces through SNMP. |
PAN-175211 | Fixed a memory leak issue in the (mgmtsrvr) process. |
PAN-174781 | Fixed an issue where the firewall did not
send an SMTP 541 error message to the email client after detecting
a malicious file attachment. |
PAN-174709 | Fixed an out-of-memory (OOM) condition that
occurred due to multiple parallel jobs being created by the scheduled
log export feature. |
PAN-174244 | Fixed an issue where a sudden increase in
URL data approached the maximum cache capacity of the firewall. |
PAN-173469 | Fixed an intermittent issue where websites
were blocked and categorized as not resolved. |
PAN-173373 | (VM-Series firewalls in NSX-T deployments
only) Fixed an issue where deployments dropped packets with
the counter pan_netx_send_pkt error. |
PAN-172837 | Fixed an intermittent issue where the firewall
didn't generate block URL logs for URLs even though the websites
were blocked in the client device. |
PAN-172295 | Fixed an issue where a HIP database cache
loop caused high CPU utilization on a process (useridd)
and caused IP address-to-user mapping redistribution failure. |
PAN-172243 | Fixed an issue where NetFlow traffic triggered
a packet buffer leak. |
PAN-172056 | (VM-Series firewalls only) The
logging rate limit was improved to prevent log loss. |
PAN-170997 | Fixed an issue where FQDN service routes
were not installed after a system reboot. |
PAN-170952 | Fixed script issues that caused diagnostic
data to not be collected after path monitor failure. |
PAN-169212 | Fixed an issue where information level logs
caused configd logs to fill. |
PAN-168452 | Fixed an issue where DNS signatures did
not trigger. |
PAN-168400 | Fixed an issue where, after installing Cloud
Services plugin 2.0, the Plugin cloud_services status (Dashboard > High Availability)
displayed as Mismatch. |
PAN-163030 | Fixed an issue where restarting the devsrvr process
caused new GlobalProtect connections to fail with the error message required client certificate not found.
This issue occurred due to a key mismatch between the dataplane
and the management plane. |
PAN-161297 | Fixed an interoperability issue with other
vendors when IKEv2 used SHA2-based certificate authentication. |
PAN-160419 | Fixed an issue where the following error
message displayed in the system log after restarting the firewall: dns-signature initialization from file storage failed, start with empty cache. |
PAN-159295 | Fixed an issue where scheduled configuration
export files saved in the /tmp folder weren't periodically purged,
which caused the root partition to fill up. |
PAN-159214 | Fixed an issue where a .txt file was corrupted,
which caused the web interface to not display the requested information. |
PAN-159210 | Fixed an issue where timed-out DNS Security
queries produced incorrect system log entries indicating cloud service connection refused.
With this fix, timed-out queries are correctly logged as cloud query timeout. |
PAN-158541 | Fixed an OOM condition on the dataplane
on FIPS-mode firewall decryption that used DHE ciphers. |
PAN-158280 | Fixed an issue where SMB sessions were discarded
with the following error message: ctd out of resource. |
PAN-153019 | Fixed an issue where the following error
message appeared: Error: pan_tdb_load_sml_dfa_serialize(pan_tdb_ser.c:2424): pan_util_file_to_buf /opt/pancfg/mgmt/content//cache/common//sml_dfa.cache.ser error,
even though the cache file got regenerated if it was missing. |
PAN-151749 | Fixed an issue where Panorama did not show
warnings of the last commit job. |
PAN-146734 | Fixed an issue where, when a Panorama-pushed
configuration was referenced in a local configuration, commits failed
after updating the master key on the firewall, which resulted in
the following error message: Invalid candidate configuration. Master key change aborted.... |
PAN-145833 | (PA-3200 Series firewalls only)
Fixed an issue where the firewall stopped recording dataplane diagnostic
data in dp-monitor.log after a few hours of uptime. |