SSG 4 Patch #13 - Enhanced walled garden support for HTTPS domains

SSG 4 Patch #13 – Enhanced walled garden support for HTTPS domains

This patch adds the following:

Enhanced walled garden support for HTTPS domains without having to specify their IP addresses, especially for those served by content delivery networks
- Note: pre-update ‘HTTPS Domains’ settings will now be under the ‘Proxy Domains’ tab
Enhanced web security, addressing security weaknesses:
- CVE-2015-1993 (Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute)
- CVE-2015-4000 (Man-in-the-middle attack to downgrade vulnerable TLS connections to 512-bit export-grade cryptography, aka Logjam)
Enhanced database security
Enhanced security with additional system hardening
Upgrades for improved efficiency:
- Packet-marking system module
- High Availability (HA) network interface component
Gateway’s default SSL certificate expiry extended to April 7, 2021

This patch fixes the following issues where:

HA traffic gets very high when there are many downstream users
DHCP NAK carries wrong source IP

Upon successful patching, the system will automatically reboot.

SSG4 Bulk 3 Patch 13
File Name: 13.SSG400_base-sys-bulk03-20181115-01.pkg
File Size: 25375648 bytes
MD5 Checksum: 746e5b79cb942856fdb8296f5f6cf68a
Release Date: 2019-04-23 10:00 SGT