IG 4 Update #20 – WeChat, Walled Garden update, HTTPS web server upgrade
This update adds the following enhancements:
- New WeChat social network authentication
- HTTPS web server upgrade for enhanced security
- Disable TLS 1.0 for Payment Card Industry Data Security Standard (PCI DSS) v1.3 compliance
- Address security issues:
- CVE-2015-1993 (Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute)
- CVE-2015-4000 (Man-in-the-middle attack to downgrade vulnerable TLS connections to 512-bit export-grade cryptography aka Logjam)
- Note: Older browsers, e.g. some Windows 7 Internet Explorer versions, may cease to launch the admin page
- Enhanced Security with additional system hardening
- Enhanced walled garden support for HTTPS domains without having to specify their IP addresses, especially for those served by content delivery networks
- Note: pre-update ‘HTTPS Domains’ settings will now be under the ‘Proxy Domains’ tab
- Documentation update
- API and CLI manuals
- Contextual help for event manager
- API upgrade
- social_embed to support 3 sizes of social media login icons
- Gateway’s default SSL certificate expiry extended to April 7, 2021
This update fixes the following bugs:
- With external success/error URL configured, successful PMS VIP login results in standard success/error page rather than the configured external link
- Invalid DHCP vendor-encapsulated-options value causes downstream clients to fail to get IP address
- Some settings are not backed up:
- Lawful Intercept
- DHCP VLAN scope
Note: The gateway will automatically reboot upon successful patching.
IG4 bulk07 (wechat) Patch 20
Patch Name: 20.IG4000_base-sys-bulk07-20180202-01.pkg
Patch File size (byte): 30889464
md5: 2d9db18669b4fc8042d28400ddeb12e9
Release Date in Epoch Time: 1522807200