Read Before Updating
Known Issues
- In the High Availability environment, deleting a Layer 4 service or editing the server associated with the Layer 4 service in the Passive unit is not handled properly in the backend. It is recommended to perform these operations on the Active unit. [BNADC-5795]
- The SSL hardware is now disabled by default in the Barracuda Load Balancer ADC 640 and 840. The administrator can enable the SSL hardware functionality if required.
- With the OpenSSL1.1.1, certificates signed with MD5 are no longer supported. Please replace such certificates with SHA1/SHA256 signed certificates before upgrading to 6.4.0.x. If an upgrade is done without replacing these certificates, services using them will go down and rollbacks will occur. [BNADC-10261]
Firmware Version 6.4
Features
- Barracuda Load Balancer ADC now supports TLSv1.3 protocol. [BNADC-9179]
- Ability to configure service port ranges for TCP/UDP proxy services is supported. [BNADC-3239][BNADC-3175]
- Barracuda Load Balancer ADC now supports load balancing Citrix Storefront and Xen App/Desktop. [BNADC-9783]
Enhancements
- Ability to schedule reports at any hour of the day is added.[BNADC-9525]
- Ability to send value of Basic Authorization Header as part of HTTP query parameter after successful authentication of the user is added. [BNADC-10043]
Fixes
Firmware Version 6.4.0.008
- Resolved: TCP SACK vulnerabilities CVE-2019-11478, CVE-2019-11479.[BNSEC-8325][BNADC-10272]
- Resolved: HTTP/2 Dos attack vulnerability CVE-2019-9511 to CVE-2019-9518 discovered by Netflix. [BNSEC-8464][BNADC-10376]
- Resolved: Post-authentication sensitive information leak [BNSEC-8552][BNADC-10399]. Thank you to Steven Campbell from Rapid7 for reporting this to us.
- Addressed Scheduled Report Summarization issue in heavy traffic. [BNADC_10253]
- Issue in using ECDSA certificate chain for service is fixed now. [BNADC-10390]
Firmware Version 6.4.0.005
- Enhancement: Ability to select Group Membership Format as UserDN or User for LDAP authentication is provided [BNADC-10060]
Firmware Version 6.4.0.004
- System timezone from the System Configuration Backup file is honored correctly. [BNADC-10083]
- Intermittent connection failure in RDP Server Monitor Testing Method, is addressed. [BNADC-9996]
- User Authentication failure due to special characters (%) in the password, is addressed. [BNADC-9897]
- The Authentication page which was not rendering on chrome 72 browsers is addressed now. [BNADC-10113]
- The user authentication fails when user is part of too many groups, is addressed. [BNADC-9850]
- Support for special characters in the user name for LDAP Authentications, is addressed. [BNADC-9846]
- The increase in the memory usage of the server health monitor over a time for DNS test, is addressed. [BNADC-9794]
- An uneven load balancing seen when WLR algorithm and client IP impersonation was configured, is addressed. [BNADC-9327]
- All the logs from the system are now shown with System Timezone correctly on 6.3.0.008 based VM instances.[ BNADC-10051]
- Issue with MS Sharepoint server monitor testing method where the domain was not forwarded to the sharepoint server, is addressed.[BNADC-10112]