IG 4 Update #20 – WeChat, Walled Garden update, HTTPS web server upgrade

This update adds the following enhancements:

  • New WeChat social network authentication
  • HTTPS web server upgrade for enhanced security
    • Disable TLS 1.0 for Payment Card Industry Data Security Standard (PCI DSS) v1.3 compliance
    • Address security issues:
      • CVE-2015-1993 (Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute)
      • CVE-2015-4000 (Man-in-the-middle attack to downgrade vulnerable TLS connections to 512-bit export-grade cryptography aka Logjam)
    • Note: Older browsers, e.g. some Windows 7 Internet Explorer versions, may cease to launch the admin page
  • Enhanced Security with additional system hardening
  • Enhanced walled garden support for HTTPS domains without having to specify their IP addresses, especially for those served by content delivery networks
    • Note: pre-update ‘HTTPS Domains’ settings will now be under the ‘Proxy Domains’ tab
  • Documentation update
    • API and CLI manuals
    • Contextual help for event manager
  • API upgrade
    • social_embed to support 3 sizes of social media login icons
  • Gateway’s default SSL certificate expiry extended to April 7, 2021

This update fixes the following bugs:

  • With external success/error URL configured, successful PMS VIP login results in standard success/error page rather than the configured external link
  • Invalid DHCP vendor-encapsulated-options value causes downstream clients to fail to get IP address
  • Some settings are not backed up:
    • Lawful Intercept
    • DHCP VLAN scope

Note: The gateway will automatically reboot upon successful patching.

IG4 bulk07 (wechat) Patch 20
Patch Name: 20.IG4000_base-sys-bulk07-20180202-01.pkg
Patch File size (byte): 30889464
md5: 2d9db18669b4fc8042d28400ddeb12e9
Release Date in Epoch Time: 1522807200