Downgrade Restrictions - Watchguard Firebox T10 Release Note

Enhancements and Resolved Issues in Fireware v11.12.1

Downgrade Restrictions

See this Knowledge Base article
When you downgrade the Fireware OS on your Firebox or XTM device, the firmware on any
paired AP devices is not automatically downgraded. We recommend that you reset the AP
device to its factory-default settings to make sure that it can be managed by the older version of
Fireware OS.
Enhancements and Resolved Issues in Fireware v11.12.1
General
When you enable TDR on a Firebox, a TDR policy is now automatically added to your configuration to
l
allow connections from TDR Host Sensors on your trusted network to TDR FQDNs on TCP port 443.
This release resolves a Cross-Site Request Forgery vulnerability on the Fireware Web UI login page.
l
[92304]
This release updates the lighttpd component used by Fireware to resolve several HTTP proxy port-
l
related vulnerabilities (CVE-2016-5387, CVE-2106-5388, and CVE-2016-5386).
This release resolves a vulnerability in the Fireware Web UI that could allow an attacker to enumerate
l
management user login IDs.
This release resolves an issue that caused session IDs to be sent in the URL for authenticated Fireware
l
Web UI sessions.
This release resolves kernel crashes on Firebox T70, M200 and M300 devices configured in drop-in
l
mode.
[92760, 92677]
The Turkish timezone settings have been adjusted to eliminate timezone changes throughout the year.
l
[92464, 92666]
You can now successfully create a backup image for a Firebox T10 with multiple security subscriptions
l
configured.
[92341]
The French localization of hotspot vouchers has been updated.
l
This release resolves an issue that caused the Front Panel to fail to load from Firebox System Manager.
l
[92771]
Policy Manager and Firebox System Manager now negotiate stronger TLS ciphers for managment
l
connections.
[92530]
This release resolves an issue that caused Policy Manager to fail to save configurations to Firebox
l
M400, M500, and M440 devices.
This release resolves an issue that caused Fireware Web UI to fail to display policies after you upgrade
l
your Firebox to Fireware v11.12.
You can now successfully save configurations that contain policies with IPv6 addresses to Fireboxes
l
installed with Fireware v11.11.4 or earlier.
This release has optimized memory usage for Firebox T10 and XTM 25/26 devices.
l
Networking and VPN
PPPoE external interfaces no longer need to restart when you change the NTP, Log Server, or multi-
l
WAN settings on your Firebox.
20
for a list of downgrade restrictions.
[92884]
[92679]
[92826]
[92932]
[92674]
[90146]
[92514]
[92716]
[92647, 92341]
WatchGuard Technologies, Inc.