We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Email Security Gateway

Release Notes

  • Last updated on

Before installing any firmware version, back up your configuration and read all release notes that apply to versions more recent than the one currently running on your system.

Do not manually reboot your system at any time during an update, unless otherwise instructed by Barracuda Networks Technical Support. Depending on your current firmware version and other system factors, updating can take up to 10 minutes. If the process takes longer, please contact Barracuda Technical Support for further assistance.

Before upgrading, BE SURE TO TAKE THE BARRACUDA EMAIL SECURITY GATEWAY OFFLINE. This will ensure that the inbound queue is emptied and all messages are scanned before the update process begins. See the BASIC > Administration page for the Offline button.

Updating to Version 8.x

WARNING: After clicking the Apply Now on the ADVANCED > Firmware Update page, the progress bar may appear to time out and the administrator may need to manually return to the login screen after 5 minutes if it doesn't load automatically in the browser.

Firmware Version 8.1

Version 8.1.0.002

Authentication
  • New option on BASIC > Quarantine page to enable/disable SSO/auto-login for users through links in quarantine summary emails. [BNSF-27803]
  • New option to disable default LDAP filters used for authenticating the user on USERS > LDAP Configuration page at the domain level. [BNSF-27992]
Security
  • Support for support tunnel version 2.0 [BNSF-27807]
  • Updated root CA certificates [BNSF-27930]
  • Spam accuracy improvements [BNSF-28017]
Web Interface
  • Extended Malware Subscription information is no longer displayed on the BASIC > Dashboard page. [BNSF-27935]
  • The Outbound Quarantine feature is now available for Barracuda Email Security Gateway models 100 and 200. [BNSF-27796]

Firmware Version 8.0

What's New in Version 8.0

Web Interface
  • The Barracuda Spam Firewall has been renamed the Barracuda Email Security Gateway.
Barracuda Exchange Antivirus Agent

Fixed in Version 8.0

Version 8.0.4.002

Security

  • Upgraded SAVAPI version to continue support for ‘Extended Malware Protection’. [BNSF-27814]

Version 8.0.4.001

Authentication

  • Feature: All users can now set and use a local password to access their quarantine account. [BNSF-27556]

Mail Processing
  • Option to disable TLS 1.0 over SMTP through Barracuda Email Security Gateway web interface to conform to PCI standards of TLS 1.1+. [BNSF-27561]
Message Log
  • Improvement: Added a popup to indicate that only 10k messages lines from the Message Log can be exported when the Barracuda Email Security Gateway is clustered. [BNSF-27650]

Security
  • Resolved vulnerability with 7zip file compression (CVE-201810115). [BNSF-27684]    

Version 8.0.3.004

  • Fix: When a user logs in (as user role) and marks an email in quarantine as NOT spam, the email auto-delivers as expected. [BNSF-27442]

Version 8.0.3.003

  • Feature: Active session tokens are now transmitted via cookies, rather than in a URL. This means that end-users will no longer be able to click on a link in the quarantine summary email to log directly into a quarantine inbox without the use of a password. [BNSF-26659]

Version 8.0.3.002

  • Fixed bug affecting mail processing after upgrading the firmware. [BNSF-26691]

Version 8.0.3

Barracuda Outlook Add-in
  • Enhancement: Added support for TLS 1.1 and TLS 1.2. [BNSF-25586]
Notifications
  • Enhancement: The system administrator and email recipient can receive notifications when a message is blocked due to a virus. Configure on the ADVANCED > Bounce/NDR Settings page. [BNSF-25486]
Mail Processing
  • Improved spam scanning. [BNSF-26591]

Version 8.0.2

Barracuda Exchange Antivirus Agent
  • Feature: Added support for Microsoft Exchange 2016. 
Web Interface
  • Fix: A Welcome email is not sent when a new user account is created due to a quarantined email. [BNSF-25904]
Security
  • High severity vulnerability: authenticated, remote code injection [BNSEC-6613 / BNSF-25407]
  • High severity vulnerability: unauthenticated, remotely exploitable, code injection [BNSEC-6223 / BNSF-24618]
  • High severity vulnerability: remotely exploitable, buffer overflow [BNSEC-2012 / BNSF-24897]
  • Medium - High severity vulnerability: unauthenticated, remotely exploitable, denial of service (DoS), ssl weakness [BNSEC-7107 / BNSF-25937]
  • Medium - High severity vulnerability: unauthenticated, remotely exploitable, limited HTML content control, XSS delivered outside of the web based interface [BNSEC-6227 / BNSF-24635]
  • Medium - High severity vulnerability: unauthenticated, remotely exploitable [BNSEC-6225 / BNSF-24621]
  • Medium severity vulnerability: non-persistent XSS [BNSEC-2678 / BNSF-23507]

Version 8.0.1.001

Mail Processing
  • Enhancement: Mail with Microsoft Office attachments that contain macros can be blocked. [BNSF-23786]
Web Interface
  • Resolved issue which prevented the Dashboard from displaying during update server outages. [BNSF-25934]
  • Resolved issue preventing access to ADVANCED > Energize Updates and ADVANCED > Firmware Update pages when the Barracuda Email Security Gateway was offline. [BNSF-25929]
Barracuda Exchange Antivirus Agent
  • Enhancement: The Barracuda Exchange Antivirus Agent supports Microsoft Exchange Server 2016. [BNSF-25828]

Version 8.0.0.007

Mail Processing
  • Enhancement: Improved Sender Spoof Protection efficiency. [BNSF-25835]
  • Resolved issue which could cause excessive system load. [BNSF-25831, BNSF-25884]
  • Resolved issues with malformed headers causing incorrect parsing. [BNSF-25836, BNSF-25838]
  • Resolved issue with Multi-Level Intent Analysis. [BNSF-25907]
Clustering
  • Improved handling of Standby mode in a clustered system. [BNSF-25797]

Version 8.0.0.005

Mail Processing
  • Outbound messages from whitelisted IP addresses are now properly checked for encryption if encryption is enabled. [BNSF-25732]
  • Links in the BASIC > Message Log message view page now work properly. [BNSF-22345]

Version 8.0.0.004

Mail Processing
  • Outbound messages from whitelisted IP addresses are now properly checked for encryption if encryption is enabled. [BNSF-25732]

Version 8.0.0.003

Mail Processing
  • Improved attachment filtering/detection. [BNSF-25491]

Version 8.0.0.002

Mail Processing
  • Downloading a PDF file attached to a message from the Message Log through BAC/BCS works as expected. [BNSF-25536]
  • Attachment filtering blocks correctly even if MIME type encoding is not formatted correctly. [BNSF-20598]
  • Messages received by the Barracuda Email Security Gateway which are just under the maximum message size are processed properly and are not blocked. [BNSF-25500]
  • When the From header of a message has an unusual format, the unit does not time out when attempting to deliver the message from the user's quarantine inbox. [BNSF-25254]
  • SMTP over TLS for outbound mail works as expected, the mail queues and delivers properly and the logs do not indicate errors. [BNSF-25437]
  • Outbound quarantine emails with multi-line From headers due to UTF8 are delivered as expected. [BNSF-25309]
Notifications
  • The Barracuda Email Security Gateway no longer sends out notifications that state "Encrypted email unable to be delivered" for emails that trigger encryption policies and have a blank sender. [BNSF-17895]
  • Alert email announcing that Energize Updates subscription is about to expire is now branded correctly as Barracuda Email Security Gateway. [BNSF-25615]
  • NDRs are not rejected by some mail servers, including O365, if they don't include a valid From header. [BNSF-25612]
Web Interface
  • The Configuration Updated message only shows on web interface pages as needed. [BNSF-25566]
  • Street Address and Driver's License information in emails trigger Privacy policies as expected. [BNSF-24772]
  • When specifying a filename for an attachment content filter, the pattern specified (filename= <example_filename>) works when there is a space between the  "= " and the filename. [BNSF-25491]
Security
  • Fix: resolved the following vulnerabilities:
    • High severity vulnerability: persistent XSS, authenticated [BNSEC-6504 / BNSF-25215, BNSEC-4551 / BNSF-22345]

Version 8.0.0.001

Mail Processing
  • Enhancement: Improved performance of IP Whitelisted and outbound message scanning. [BNSF-23352, BNSF-24293]
  • Enhancement: Improved street address and driver's license detection. [BNSF-24388]
  • Enhancement: Improved error handling for 'full disk' condition. [BNSF-24622]
  • Enhancement: Added macro support for SPF records with macros. [BNSF-24659]
  • Enhancement: Improved general performance of mail scoring and attachment scanning. [BNSF-24473]
  • Enhancement: General improvements in PDF processing capabilities. [BNSF-24846]
  • Enhancement: Improved HIPAA and Credit Card data detection. [BNSF-25026, BNSF-25028]
  • Fix: Updated internal scanning processes to improve stability. [BNSF-21928, BNSF-24241, BNSF-25268]
  • Fix: Resolved intermittent PTR detection issue. [BNSF-24546]
  • Fix: Users who lack a mail attribute in LDAP are now properly quarantined. [BNSF-25136]
  • Fix: LDAP Alias re-writing no longer rewrites the "To" header. [BNSF-25141]
  • Fix: Lines exceeding 990 characters are no longer broken in multiple places. [BNSF-25206]
Web Interface
  • Enhancement: Administrative ACLs can be temporarily removed through the Console Administrator with the System > Reset Administrator IP/Range selection. [BNSF-23352]
  • Enhancement: Invalid username and password attempts are now logged to the Web Syslog. [BNSF-24629]
  • Enhancement: Improved performance of bulk classification of Spam/Not Spam. [BNSF-25000]
  • Enhancement: Messages with unknown character sets are now treated as UTF-8. [BNSF-25086]
  • Enhancement: Updated Japanese help file translations. [BNSF-25088]
  • Enhancement: Improved web interface load times in general, and especially for BASIC > IP Configuration. [BNSF-25193, BNSF-25199]
  • Fix: Message viewer Download and Delivery buttons now show properly for all window sizes. [BNSF-24177]
  • Fix: Miscellaneous web interface improvements. [BNSF-24300, BNSF-24381]
  • Fix: New user quarantine email links now work properly. [BNSF-24404]
  • Fix: Users with an '&' in the name can now view the Quarantine Inbox. [BNSF-24764, BNSF-24961]
  • Fix: Outbound Quarantine actions no longer result in an error page. [BNSF-24858]
  • Fix: Invalid users can be removed. [BNSF-24860]
  • Fix: Randomization has been improved for password generation. [BNSF-24995]
  • Fix: The details for messages blocked without message bodies can now be viewed on all systems in a cluster. [BNSF-24973, BNSF-25053]
Reporting
  • Fix: Fixed display of erroneous 'Permission denied'. [BNSF-24600]
  • Fix: LDAP Failure Notifications are no longer triggered by outdated logs. [BNSF-25180]
Encryption
  • Fix: Replies to encrypted emails are now archived. [BNSF-24496]
Virtualization
  • Enhancement: Tuned database configuration for Microsoft Azure, Amazon AWS, and VMWare vCloud Air. [BNSF-24836]
Barracuda Outlook Add-in
  • Fix: Resolved issue preventing Add-in authorization for some usernames. [BNSF-23766]
  • Fix: Resolved issue which could cause the Add-in to appear in the wrong window. [BNSF-24585]
  • Fix: The Add-in can now be used from an IP address in the Administration ACL IP Range. [BNSF-24759]
Security
  • Fix: resolved the following vulnerabilities:
    • High severity vulnerability: authenticated, remotely exploitable, arbitrary command execution [BNSEC-5205 / BNSF-23281]
    • High severity vulnerability: unauthenticated, remotely exploitable, brute force, [BNSEC-5204 / BNSF-23282]
    • High severity vulnerability: remotely exploitable, privilege escalation [BNSEC-5203 / BNSF-23285]
    • Medium severity vulnerability: persistent XSS, unauthenticated, remotely exploitable [BNSEC-4622 / BNSF-24136]
    • Medium severity vulnerability: non-persistent XSS, authenticated [BNSEC-3880 / BNSF-21745]
    • Medium severity vulnerability: authenticated, insufficient authorization [BNSEC-2659 / BNSF-22336]
    • Low severity vulnerability: non-persistent XSS, authenticated [BNSEC-2055 / BNSF-21775]
    • Low severity vulnerability: Some non-persistent cross-site scripting vulnerabilities have been fixed. [BNSEC-877 / BNCMN-132]
    • Low severity vulnerability: non-persistent XSS, authenticated [BNSEC-228 / BNSF-18340]
    • [BNSF-22345], [BNSF-25215]

       

Firmware Version 7.1

What's New in Version 7.1

Web Interface
  • The Microsoft IE browser is supported for version 9 and above.
Barracuda Exchange Antivirus Agent
  • The new Barracuda Exchange Antivirus Agent 7.1 runs as a Windows service on your Microsoft Exchange 2013 server and enables it to scan email for viruses. From the ADVANCED > Exchange Antivirus page you can download the agent and view associated email statistics after it is installed and running. You can also click a link on the page to view the Barracuda Exchange Antivirus Agent release notes.
  • This version of the agent only supports Microsoft Exchange Server 2013. If you are using versions 2007 or 2010 of Exchange Server, you can download the Barracuda Exchange Antivirus Agent 6.0.x from the ADVANCED > Exchange Antivirus page.
  • The Barracuda Exchange Antivirus Agent no longer supports Microsoft Exchange Server 2003.

See How to Get and Configure Barracuda Exchange Antivirus Agent 7.1 and Above for details.

Cloud Control
  • Support for Domain Administration and Users management - Barracuda Cloud Control now supports managing domains and users. Administrators will have the ability to navigate between domains and users within Barracuda Cloud Control.  

Fixed in Version 7.1

Version 7.1.1.004

Note: This release removes LED mail determination flash indicators on the front panel to improve performance.

Mail Processing
  • Enhancement: Improved detection of stuck mail processing. [BNSF-24498]
  • Enhancement: Removed the SSLv2 protocol and EXPORT and LOW strength ciphers. Improved set of ciphers as specified in ADVANCED > Email Protocol > SMTP over TLS/SSL > Allow Weak Ciphers. [BNSF-25283]
Web Interface
  • Fix: Resolved issue on newer models where messages may not appear in the Message Log. [BNSF-23371]
  • Fix: Resolved issue in which some Domain Administrators and Helpdesk Users who could not view messages. [BNSF-23920, BNSF-24892]
Reporting
  • Fix: LDAP Failure Notification report now includes an attachment with additional information for troubleshooting. [BNSF-17538]
Encryption
  • Fix: Resolved issue that could sometimes send duplicate emails when replies were sent to encrypted emails through the Barracuda Message Center. [BNSF-23969]
Security
  • Fix: resolved the following vulnerabilities:
    • Medium severity vulnerability: Update OpenSSL to address CVE-2016-0800 (commonly known as "DROWN") and CVE-2016-2842. [BNSEC-6568 / BNSF-25307]

Version 7.1.1.003

Cloud Control
  • Fix: Resolved condition which could prevent connection to Barracuda Cloud Control after firmware upgrade or upon the first connection. [BNSF-24814]
Barracuda Exchange Antivirus Agent
  • Enhancement: Added support for Microsoft Outlook 2016.

Version 7.1.1.002

Mail Processing
  • Enhancement: Improved scanning for emails with large attachments. [BNSF-23864]
  • Enhancement: Improved attachment processing for malformed attachments. [BNSF-24245]
  • Fix: Resolved rare condition where per-user quarantining would still take affect when disabled. [BNSF-22343]
Web Interface
  • Enhancement: Use numeric sorting for Size column on Advanced > Queue Managment page. [BNSF-19427]
  • Enhancement: Updated Japanese help file translations. [BNSF-24598]
  • Fix: Resolved condition where some Product Tips would not stay hidden. [BNSF-24583]
Barracuda Outlook Add-in
  • Enhancement: Support for MS Outlook 2016.

Version 7.1.1.001 

Mail Processing
  • Enhancement: Improved SPF checks for complex records. [BNSF-23979]
  • Enhancement: Resolved case sensitivity with redirection checks. [BNSF-23979]
  • Enhancement: Improved DLP detection. [BNSF-24186]
  • Fix: Resolved case sensitivity issue with SPF and redirection checks. [BNSF-23876, BNSF-24102]
  • Fix: Messages no longer have the global footer attached if Attach Footer is set to No on the ADVANCED > Outbound Footers page at the domain level. [BNSF-24148]
Web Interface
  • Enhancement: Messages that are blocked for intent now contain a link to whitelist the sender. [BNSF-24372]
  • Enhancement: Updated Japanese translations. [BNSF-23486]
  • Enhancement: Messages that are allowed for emailreg now contain a link for reporting emailreg abuse. [BNSF-24373]
  • Enhancement: Improved appearance for popups in Firefox and Internet Explorer. [BNSF-23986]
  • Enhancement: Improved performance of data entry for pages containg large amounts of data. [BNSF-24152]
  • Enhancement: Improved display of Exchange Antivirus data with multiple Exchange Servers. [BNSF-24220]
  • Enhancement: Improved handling of message bodies for Bayesian classification. [BNSF-24368, BNSF-24370]
  • Fix: Marking messages as Spam/Not Spam in the Message Log is now reflected properly on all units in a cluster. [BNSF-9564, BNSF-22576]
  • Fix: Resolved an issue where users sometimes could not deliver or delete quarantine messages. [BNSF-22902]
  • Fix: Clicking action links on the BASIC > Outbound Quarantine page at the domain level no longer redirects to the Dashboard. [BNSF-23840]
  • Fix: Message Log now shows correct Delivery Status for all messages in a cluster. [BNSF-23897]
  • Fix: The State filter on the ADVANCED > Queue Management page now correctly applies for non-English languages. [BNSF-23917]
  • Fix: Changes to the BLOCK/ACCEPT > Recipient Filters page now take immediate effect on all units in a cluster. [BNSF-24089]
  • Fix: Resolved issue where sometimes the Delivery Status in the Message Log would not show correct information. [BNSF-24096]
  • Fix: Messages can now be viewed on all units in a cluster. [BNSF-24140]
  • Fix: Fixed issue with taking action on quarantined mail in clusters consisting of 3 or more units. [BNSF-24207]
  • Fix: Fixed display of usernames with special characters. [BNSF-24253]
  • Fix: Fixed issue where new units may not show initial messages in the Message Log. [BNSF-24309]
  • Fix: Attachments are again displayed for the end user quarantine. [BNSF-24367]
  • Fix: Domain administrators can now view messages in the Message Log. [BNSF-24374]
  • Fix: Help dialogs now show correct titles for multi-byte/high-ascii encoding. [BNSF-24376]
Backup
  • Fix: Restoring a backup to a virtual machine no longer overwrites the license token. [BNSF-23846]
Security
  • Fix: resolved the following vulnerabilities:
    • BNSEC-877, BNCMN-132: Security fix, low severity. Some non-persistent cross-site scripting attacks have been fixed.

Version 7.1.0.002

Web Interface
  • Fix: Resolved issue where statistics did not display in Barracuda Appliance Control after Barracuda Email Security Gateway was rebooted. [BNSF-24079]
  • Fix: End users can now log in if the Barracuda Email Security Gateway cannot check subscriptions, such as when the internet is unavailable. [BNSF-24122]

Version 7.1.0.001

Mail Processing
  • Fix: Messages containing hostnames that are IP addresses in messages are correctly processed. [BNSF-21784, BNSF-23457]
Web Interface
  • Enhancement: Updated translations. [BNSF-23792, BNSF-223460]
  • Enhancement: General web interface enhancements in font, color, and styling. [BNSF-23167, BNSF-23169, BNSF-23171]
  • Enhancement: Improved display of Barracuda Exchange Antivirus Statistics. [BNSF-23791]
  • Fix: Resolved issue regarding Single Sign-On with LDAP hosts with IPv4 and IPv6 addresses. [BNSF-21422]
  • Fix: Online Help Search in Firefox correctly supports the Japanese IME keyboard. [BNSF-23116]
  • Fix: On the BASIC > Outbound Quarantine page, taking actions with messages such as Delete, Reject or Deliver no longer clear the search filters. [BNSF-23134]
  • Fix: Message Log buttons and icons for IE 9 render correctly. [BNSF-23882]
  • Fix: When using Single Sign-On (SSO) with an LDAP Server Type of Other (see the USERS > LDAP Configuration page for a domain), the Barracuda Email Security Gateway now only uses the user-provided filter for an LDAP search, preventing a timeout. [BNSF-23996]
  • Fix: Admin, Domain Admin and Helpdesk roles can now deliver user quarantined messages from the Quarantine inbox when the locale is Multibyte. [BNSF-24062]
  • Fix: Report data displayed with the Show Report function now matches the data in the emailed report, as the Show Report function now uses local time for the Date Range as opposed to UTC time. [BNSF-24004]
Barracuda Exchange Antivirus Agent
  • Enhancement: Barracuda Exchange Antivirus Agent 7.1 verifies signature integrity prior to loading the signatures. [BNSF-21154]
Security
  • Fix: resolved the following vulnerabilities:
    • High severity vulnerability: persistent XSS, unauthenticated, remotely exploitable [BNSEC-4672 / BNSF-22625]
    • High severity vulnerability: persistent XSS, unauthenticated, remotely exploitable [BNSEC-4670 / BNSF-22626]
    • High severity vulnerability: persistent XSS, unauthenticated, remotely exploitable [BNSEC-4669 / BNSF-22624]

Firmware Version 7.0

What's New in Version 7.0

Web Interface
  • Updated the Barracuda Email Security Gateway web interface with a new color scheme to be consistent with the look and feel with other Barracuda products. There are no navigation changes.
  • New login security feature: If the user login fails 5 times, there is a 15 minute wait period before making another login attempt.
  • The BASIC > Status page has been renamed to BASIC > Dashboard.
Improved Performance and Security
  • Mail delivery now supports connection caching, thereby reducing the amount of network traffic as well as load on destination mail servers.
  • TLS support is improved and now provides:
    • Better fallback negotiation
    • Wildcard support for requiring TLS to destination domains and sub-domains
    • Certificate validation
    Barracuda Email Security Gateway Vx virtual machines now show the core capacity and usage on the BASIC > Dashboard page.

Fixed in Version 7.0

Mail Processing
  • Feature: SMTP response codes for rejected messages can now be customized on the ADVANCED > SMTP Responses page. [BNSF-20867]
  • Enhancement: Added support for Recipient Addresses which include address tagging. See Recipient Delimiter on the ADVANCED > Email Protocol page for more information. [BNSF-7518]
  • Enhancement: Outbound mail now supports connection caching to destination mail servers. [BNSF-18823]
  • Enhancement: Updating a per-domain recipient whitelist now takes immediate effect, no longer requiring a Reload. [BNSF-19025]
  • Enhancement: Improved TLS fallback and detection behavior. [BNSF-19178]
  • Enhancement: The setting for Require Encrypted TLS relaying email to these destination servers now supports domain names, and wildcards, rather than specific servers. Click the Help button on the domain level ADVANCED > Email Protocol page for more information. [BNSF-19640]
  • Enhancement: Requiring TLS to a destination domain now supports certificate validation instead of checking the hostname. [BNSF-19807]
  • Fix: Fixed issue where mail could intermittently stop processing. [BNSF-14626]
  • Fix: Outbound mail delivery no longer attempts to use IPv6 if the system is configured to only use IPv4. [BNSF-19703]
  • Fix: Mail which bounced (return notification) due to an un-reachable server no longer shows as Deferred in the Message Log. [BNSF-19347]
  • Fix: Comma delimiters separating destination mail servers now correctly enable load balancing. [BNSF-19397]
  • Fix: Load balancing mode now properly handles fail-over if the attempted destination mail server is unreachable. [BNSF-19398]
  • Fix: Certain attachment types no longer cause an error when adding footers to emails. [BNSF-21580]
  • Fix: SPF outbound checks now properly handles private IP addresses and relays between Barracuda Email Security Gateways. [BNSF-21586, BNSF-22010]
  • Fix: Barracuda Reputation and RBL IP Exemption Ranges now work as expected with Trusted Forwarders. [BNSF-22623]
  • Fix: Multiple messages in a single session with invalid recipients no longer works with whitelisting as expected. [BNSF-22478]
  • Fix: Outbound emails no longer erroneously include footers configured for other domains if a system wide footer is not configured. [BNSF-22495]
  • Fix: Inbound mail are no longer incorrectly caught by Predefined credit card filters when the Link Domains feature is used and the primary domain is not fully configured. [BNSF-22874]
Web Interface
  • Enhancement: Viewing a message now records the event in Web Syslog (see ADVANCED > Troubleshooting). [BNSF-7402]
  • Enhancement: The addition of users now verifies that the domain exists on the Barracuda Email Security Gateway before adding a user for that domain. [BNSF-20188]
  • Enhancement: Updated translations. [BNSF-22551, BNSF-22707]
  • Enhancement: Support for recently changed time zone/daylight savings times including Moscow and Fiji. [BNSF-22854]
  • Fix: Message Log search filter now properly clears OR conditions when removed from the filter. [BNSF-21295]
  • Fix: Online Search now properly works when HTTPS/SSL Access Only is enabled. [BNSF-21682]
  • Fix: Deleting all displayed Emails from the Quarantine Summary Digest now properly deletes the quarantined emails from the system. [BNSF-22742]
  • Fix: Helpdesk users can now see headers when Helpdesk users are allowed by the administrator to view headers. [BNSF-22791]
  • Fix: Downloading an attachment from the Outbound Quarantine no longer forces a logout. [BNSF-22817]
Backup
  • Enhancement: Added support for FTPS. [BNSF-2658]
  • Enhancement: Added support for NTLMv2 on ADVANCED > Backup. [BNSF-22061]
  • Enhancement: Improved reliability and compatibility with SMB targets for backup. [BNSF-22270]
  • Fix: FTP PASV detection works for legacy restores. [BNSF-22678]
Security
  • Fix: resolved the following vulnerabilities:
    • Medium severity vulnerability: non-persistent XSS, authenticated [BNSEC-4544 / BNSF-22332]
    • Medium severity vulnerability: non-persistent XSS, authenticated [BNSEC-4528 / BNSF-22334]
    • Medium severity vulnerability: authenticated, security control bypass [BNSEC-3246 / BNSF-21595]
    • Low severity vulnerability: non-persistent XSS, authenticated [BNSEC-4531 / BNSF-22333]

Version 7.0.0.004

  • Fix: Resolved issue with connecting to recipient servers when Enable SMTP over TLS/SSL is turned on (see the ADVANCED > Email Protocol page).

Firmware Version 6.1 

What's New in Version 6.1

Email Categorization
  • This feature gives administrators an additional way to decide what to do with various types of emails from senders on the Barracuda Reputation Whitelist. These emails are separated into different categories such as Transactional, Corporate and Marketing, each of which can have a different delivery action associated with it.
Extended Malware Protection (Available on model 600 and higher)
  • An additional layer of deep message scanning is available as Extended Malware Protection leveraging a third-party scanner. This feature is only available with a subscription. Contact your local Barracuda Networks Sales Reseller to purchase this subscription.
Barracuda Outlook Add-in (Available on some models)
  • Note: To run version 6.1.4.001 of the Barracuda Spam Firewall firmware, you must update your Barracuda Outlook Add-in to version 6.1.11 or later (see the USERS > User Features page).

Fixed in Version 6.1

Version 6.1.5.008

  • Fix: Resolved issue with connecting to recipient servers when Enable SMTP over TLS/SSL is turned on (see the ADVANCED > Email Protocol page).

Version 6.1.5.006

Web Interface
  • Fix: Resolved issue with rare cases of some charts on the BASIC > Status page not rendering correctly. [BNSF-22184]
Mail Processing
  • Fix: TLS 1.1 and 1.2 remain available when SSLv2 and SSLv3 are disabled. [BNSF-22876]

Version 6.1.5.004

Virtualization
  • Feature: Added support for hourly billing virtual deployment in Microsoft Azure. [BNSF-22841]

Version 6.1.5.003

Web Interface
  • Fix: SSLv3 is disabled by default in the web interface to mitigate CVE-2014-3566 (SSL POODLE). [BNSF-22788]
Mail Processing
  • Enhancement: New setting on ADVANCED > Email Protocol page to allow or disallow SSLv2 and SSLv3 for incoming SMTP connections. Setting to Yes provides for greater compatibility with older mail servers. Set to No to mitigate the recently reported SSL POODLE [CVE-2014-3566] issue. [BNSF-22788]
  • Fix: Resolved an issue in the encryption module that affected transmission of outbound messages over a TLS connection to some types of mail servers.  [BNSF-22782]

Version 6.1.5

Mail Processing
  • Feature: Added support for Perfect Forward Secrecy in the following two scenarios: [BNSF-21503]
    • When sending SMTP traffic over a TLS connection. To configure SMTP over TLS, see Enable SMTP over TLS/SSL on the ADVANCED > Email Protocol page.
    • When using HTTPS access for the Barracuda Spam Firewall web interface. This requires using properly configured SSL certificates. See the ADVANCED > Secure Administration page to configure certificates.
Barracuda Appliance Control
  • Fix: From the Barracuda Appliance Control interface, clicking on a message in the Message Log properly renders the Message Details popup window and message information. [BNSF-22666]

Fixed in Version 6.1.4 

Version 6.1.4.001:

Mail Processing
  • Enhancement: Improved concurrent processing performance of the Barracuda Spam Firewall 900. [BNSF-21877]
  • Enhancement: Improved message body scanning. [BNSF-21891]
  • Enhancement: Optimized performance of Barracuda Reputation Blocklist resource utilization, update, and lookup. [BNSF-22036]
  • Enhancement: Header filters can now be applied to the Received header added by the Barracuda Spam Firewall. [BNSF-22101]
  • Enhancement: Improved performance of recipient verification lookup when Local Database is not in use. [BNSF-22185]
  • Enhancement: Improved resource utilization for scoring and attachment scanning. [BNSF-22266]
  • Enhancement: Valid and Explicit Recipients no longer require the primary email address to be listed twice on the ADVANCED > Explicit Users page (at the global level) or the USERS > Valid Recipients page (at the domain level). [BNSF-22357]
  • Enhancement: Improved memory performance with attachment processing. [BNSF-22362]
  • Fix: In clustered environments, Per-User Quarantine accounts now support special characters such as apostrophes, for example. [BNSF-16814]
  • Fix: Archiving of encrypted messages handles TLS-based connections correctly. [BNSF-21150]
  • Fix: Plain text footers are not duplicated if the footer is multi-line. [BNSF-21376]
  • Fix: Resolved issue which could prevent statistics and Message Log from updating. [BNSF-21848]
  • Fix: Quarantined messages with multi-byte characters in the headers can now be delivered. [BNSF-21964]
  • Fix: PTR record analysis now properly handles Trusted Forwarders when a connection is made. [BNSF-22196]
  • Fix: Resolved intermittent logging issue which, at times, used disk space on the firmware partition. [BNSF-22201]
  • Fix: Now all messages from a whitelisted IP address in a single session are whitelisted. Previously only the first message was whitelisted. [BNSF-22205]
  • Fix: Resolved long delay for display of BASIC > Status and ADVANCED > Energize Updates pages when offline updates are used. [BNSF-22258]
  • Fix: Improved performance when Energize Updates are applied on a Barracuda Spam Firewall appliance under heavy System Load. [BNSF-22300, BNSF-22398]
  • Fix: Outbound quarantine now works on the Barracuda Spam Firewall 100 and 200. [BNSF-22351]
Reporting
  • Fix: Email Encryption Details report columns are correctly labeled. [BNSF-22095]
Web Interface
  • Enhancement: Password values changed via the Support Tunnel are now masked from Syslog output. [BNSF-22018]
  • Enhancement: Added Russian translations to NDR templates. [BNSF-22323]
  • Enhancement: Included Icelandic translations for end user pages in the web interface. [BNSF-22358]
  • Fix: Resolved case sensitivity issue when domain names are referenced in various settings. [BNSF-21358]
  • Fix: Web interface no longer displays "Temporarily Unavailable" if an invalid character set attribute is detected. [BNSF-22180, BNSF-22240]
Backup
  • Fix: When restoring a backup to a new Barracuda Spam Firewall, upgraded to the most recent firmware, you are no longer required to do a Reload to prevent an "Invalid Domain" response. [BNSF-20703]
  • Fix: Resolved issue which could prevent backup jobs from completing. [BNSF-21915]
  • Fix: Backups can now be restored if the web browser is configured for Japanese character sets. [BNSF-22364]
Barracuda Outlook Add-in
  • Fix: The Barracuda Spam Firewall now returns error messages when appropriate from the Barracuda Outlook Add-in and Exchange Antivirus Add-in. [BNSF-22220]
  • Fix: The Barracuda Outlook Add-in now properly detects the custom HTTPS port. [BNSF-22382]
Security
  • Fix: resolved the following vulnerabilities:
    • Medium - High severity vulnerability: insufficient authorization. [BNSEC-4517 / BNSF-21063]
    • Medium - High severity vulnerability: non-persistent XSS, unauthenticated. [BNSEC-1251 / BNSF-20597]
    • Low severity vulnerability: unauthenticated, remotely exploitable, information disclosure. [BNSEC-3421 / BNSF-21649]

Fixed in Version 6.1.2

Version 6.1.2.003:

Mail Processing
  • Fix: Prevent the Spam Intent Category in Intent Analysis from defaulting to Off on upgrade. If a previous upgrade has occurred, please see the  Intent Categories table for BASIC > Spam Checking page and verify the setting. [BNSF-21927]

Version 6.1.2.002:

Security
  • Fix: Resolved the following vulnerability:
    • Medium severity: Updated OpenSSL to address the issues reported in OpenSSL's security advisory dated 2014-06-05 [BNSEC-4499 / BNSF-22245]

Version 6.1.2.001:

Mail Processing
  • Enhancement: Improved DLP detection algorithms for birth dates. [BNSF-21396]
  • Enhancement: Improved handling of unusually formatted emails. [BNSF-21407]
  • Fix: Messages were erroneously blocked by attachment type when whitelisted by the sender. [BNSF-20505]
  • Fix: Messages with certain malformed headers now appear correctly in the message log. [BNSF-21305]
  • Fix: Resolved issues with malformed headers from Trusted Forwarders. [BNSF-21897, BNSF-21906]
  • Fix: Multiple messages in a single session are no longer encrypted after a message encrypted via the Outlook Add-in. [BNSF-21955]
  • Fix: Per-User Scoring is no longer used when disabled. [BNSF-21800]
Web Interface
  • Feature: Added ability to submit Email Categories for incorrect or uncategorized messages. [BNSF-21700]
  • Feature: Added support for Europe/Busingen timezone. [BNSF-21988]
  • Enhancement: Improved memory handling and performance of the Web Interface after long periods of time. [BNSF-22142, BNSF-22155]
  • Fix: Resolved sporadic issue where Basic > Status page would fail to load. [BNSF-21994, BNSF-22184]
  • Fix: Deprecated timezones are not correctly updated when restored from a backup. [BNSF-21770, BNSF-21836]
  • Fix: Messages can now be delivered from any box in a cluster. [BNSF-22083]
Backup
  • Fix: Resolved intermittent scenario in which Restore would fail if a previous backup or restore had failed. [BNSF-21257]
  • Fix: Scheduled Backups Destination can now be changed from Cloud. [BNSF-21286]
Cloud Control
  • Fix: The Cloud Control status chart now shows the correct date for the status bars. [BNSF-21842]
Security
  • High severity vulnerability: unauthenticated, remotely exploitable, HTTP header injection [BNSEC-1168 / BNSF-20796]

Fixed in Version 6.1.1

Version 6.1.1.001:

Virtualization
  • Feature: Added support for virtual deployment in Amazon Web Services. [BNSF-21875]

Fixed in Version 6.1.0

Version 6.1.0.003:

Mail Processing
  • Enhancement: Improved processing of attachment filenames. [BNSF-21995]
Web Interface
  • Fix: Bulk editing the list of domains no longer omits certain domains. [BNSF-21742]
  • Enhancement: Added support for localized web interface for Email Categorization. [BNSF-22029]

Version 6.1.0.001:

Mail Processing
  • Feature: Email Categorization. Messages from Barracuda-verified senders (including those on the Barracuda Reputation Whitelist) are categorized to allow the administrator another way to determine what action to take on various types of emails. Actions for each Category may be configured from the BLOCK/ACCEPT > IP Reputation page. [BNSF-21615]
  • Feature: An additional layer of malware detection has been added with the Extended Malware feature. [BNSF-21662]
  • Enhancement: Per-Domain whitelisting and blocklisting of IP addresses now honors Trusted Forwarder status. [BNSF-13907]
  • Fix: Improved processing of messages with very long URLs. [BNSF-21779]
  • Fix: Improved handling of Received headers containing missing IP addresses. [BNSF-21793]
Web Interface
  • Feature: The Message Log now contains the IP address of the destination server. [BNSF-21404]
  • Feature: The Message Debug Identifier has been added to the Queue Managment for easier tracing of messages. [BNSF-21405]
  • Fix: Changing the character set in the Message Viewer now shows the message rather than the login page. [BNSF-21348]
  • Fix: APIs now properly account for colons in regex values. [BNSF-21522]
  • Fix: Adding valid recipients is now logged to the GUI syslog. [BNSF-21536]
  • Fix: Explicit users are not supported by the list_valid_recipient_aliases API call. [BNSF-21768]
Reporting
  • Fix: LDAP Failure notification report now accounts for case changes in domains. [BNSF-17538]
Security
  • Fix: Resolved the following vulnerabilities:
    • High severity: Authentication bypass [BNSEC-3188 / BNSF-21585]
    • Medium - High severity: Requires authentication; security control bypass [BNSEC-3208 / BNSF-21593]
    • Medium severity: Requires authentication; denial of service [BNSEC-3297 / BNSF-21598]
    • Medium severity: Unauthenticated; information disclosure [BNSEC-3259 / BNSF-21596]
    • Medium severity: Requires authentication; security control bypass [BNSEC-3198 / BNSF-21591]
    • Low severity: Unauthenticated; remotely exploitable; information disclosure [BNSEC-3421 / BNSF-21649]
    • Low severity: Non-persistent XSS; requires authentication; remotely exploitable [BNSEC-3287 / BNSF-21597]

Firmware Version 6.0

What's New in Version 6.0

Web Interface

Updated Time Zone settings per new 2013 DST settings. - The following time zones have been converted (see the BASIC > Administration page):

    Old Time Zone New Time Zone
AQ -9000+00000 Antarctica/South Pole  Amundsen-Scott Station, South Pole Antarctica/McMurdo
CA

+4531-07334

America/Montreal  Eastern Time - Quebec - most locations Toronto
US +364708-1084111 America/Shiprock Mountain Time; Navajo America/Denver America/Shiprock
Cloud Services
  • Cloud Backup - New option to back up to the Barracuda Cloud with the same backup features as always, configurable from the ADVANCED > Backup page. Use your Barracuda Customer Account credentials to connect. If you don't have an account, you can create one following instructions in this Barracuda TechLibrary article: Create a Barracuda Cloud Control Account, or see the ADVANCED > Cloud Control page.
  • Cloud Protection Layer (CPL) - Now provides an integrated Message Log together with messages processed by the Barracuda Spam Firewall.
Encryption
  • More reports detailing number of encrypted emails sent, number of encrypted emails opened by recipients, policies that triggered encryption action and number of recalled messages.
  • Ability to archive encrypted email threads to a specified Barracuda Message Archiver. Configured on the BASIC > Administration page, this feature will archive all encrypted correspondence, including encrypted replies, for all domains that have been validated on the Barracuda Spam Firewall.

Message Privacy
  • New Governance, Risk Management and Compliance (GRC) role. The GRC role is used as a way to provide governance, risk management and compliance to email content. The GRC only has access to Outbound Quarantine logs via the web interface and has the job of reviewing the messages in the log, determining which ones should be delivered or rejected based on policy. The administrator can enable or disable the GRC account at any time. Configure on the BASIC > Administration page.
  • Message Log Privacy - To protect email privacy, you can enable the Secondary Authorization feature to require a password before the Admin, Domain Admin or Helpdesk roles can view entries or email message contents across the system (including the global Message Log, per-domain Message Logs, queue management, outbound quarantine and quarantine inboxes). Configure on the BASIC > Administration page.
SSL Certificates
  • SSL Certificate generation and installation process improvement.
Reporting
  • The Top Count setting upper limit, which is the maximum number of rows returned in a report (e.g. Top 10 Viruses), has been reduced to 50.  See the BASIC > Reports page.
Add-ins
  • The Barracuda Outlook Add-in supports Outlook 2007, Outlook 2010 and 2013. Support for Outlook XP and 2003 is no longer available.
    Note: If you are running version 6.0.0.028 of the Barracuda Spam Firewall firmware, you must upgrade your Barracuda Outlook Add-in to version 6.0.x or later (see the USERS > User Features page).
  • The Lotus Notes Plugin is no longer supported, starting in Firmware Release 6.0.

Fixed in Version 6.0.2

Version 6.0.2.002:

Mail Processing
  • Enhancement: Multi-level intent analysis consistently handles timeouts. [BNSF-21731]
  • Fix: PTR record analysis now honors Trusted Forwarder status; i.e. IP addresses are checked until and including the first IP that is not a trusted forwarder. [BNSF-21559]
Web Interface
  • Updated Time Zone settings per new 2013 DST settings. - The following time zones have been converted (see the BASIC > Administration page):
    Old Time Zone New Time Zone
AQ -9000+00000 Antarctica/South Pole  Amundsen-Scott Station, South Pole Antarctica/McMurdo
CA

+4531-07334

America/Montreal  Eastern Time - Quebec - most locations Toronto
US +364708-1084111 America/Shiprock Mountain Time; Navajo America/Denver America/Shiprock
  • Fix: Converted time zones per new 2013 DST settings. [BNSF-21277].
    The following time zones have been converted:
    • Antarctica/South Pole, Amundsen-Scott Station, South Pole. New Time Zone: Antarctica/McMurdo
    • America/Montreal Eastern Time - Quebec - most locations. New Time Zone: Toronto
    • America/Shiprock Mountain Time, Navajo. New Time Zone: America/Denver America/Shiprock
  • Fix: Bulk editing the list of domains no longer omits certain domains. [BNSF-21742].

Version 6.0.2.001:

Mail Processing
  • Enhancement: Improved Sender Policy Framework (SPF) algorithms for increased accuracy. [BNSF-18114, BNSF-20387, BNSF-20523, BNSF-20558, BNSF-20883, BNSF-21068, BNSF-21118]
  • Enhancement: Hard SPF detection failures are now enabled by default. [BNSF-17929]
  • Enhancement: Inbound mail from a Trusted Relay source is now subject to Recipient Verification (if configured) to prevent sending email to an invalid user for the domain. [BNSF-20482].
  • Enhancement: Mail Journaling can now be configured to only journal Quarantined messages on delivery. [BNSF-19388]
  • Enhancement: Multi-level intent analysis performs better with slow web servers. [BNSF-20003]
  • Enhancement: Improved disk space management. [BNSF-20543, BNSF-21026, BNSF-21339, BNSF-21308]
  • Enhancement: Improved recovery of services that are in an inconsistent state. [BNSF-20656, BNSF-20802, BNSF-20898]
  • Enhancement: Improved real-time detection for multilevel intent analysis. [BNSF-20733]
  • Enhancement: Improved attachment detection and filtering. [BNSF-19488]
  • Enhancement: Optimized analysis of messages with compressed files (.tgz, .rar, .zip). [BNSF-21147]
  • Enhancement: Improved DLP detection algorithms for message contents and attachments, including those for identifying dates, credit card information, and data in Excel files. [BNSF-21094, BNSF-21354, BNSF-20736, BNSF-21272]
  • Enhancement: Added default German NDR texts. [BNSF-21058]
  • Fix: The Create Password email can now be sent to users with spaces in the UID. [BNSF-14773]
  • Fix: Block Sender Verify is no longer disabled when Block Empty Sender is enabled. [BNSF-14977]
  • Fix: PTR record analysis is now performed when mail is received from a Trusted Forwarder. [BNSF-19257]
  • Fix: All messages in a single SMTP session are now whitelisted when sent from a whitelisted IP address. [BNSF-19779, BNSF-20562]
  • Fix: Improved whitelist setting interactions between a primary account and its LDAP or Valid Recipient alias. [BNSF-20592, BNSF-21453]
  • Fix: Improved detection of UPS tracking numbers previously mis-identified as Social Security Numbers. [BNSF-19577]
  • Fix: Outbound Quarantine messages could be delivered to the Inbound Quarantine address with the Inbound Quarantine tag when using Global Quarantine. [BNSF-20032]
  • Fix: Resolved issue processing messages with headers including ports with IP addresses. [BNSF-20524]
  • Fix: Messages blocked due to file type now report as banned rather than accepted. [BNSF-20525]
  • Fix: Whitelist properly takes precedence over quarantine rules that are based on EmailReg settings. [BNSF-20934]
  • Fix: Resolved issue in which, in rare circumstances, per-user quarantine files could be written as zero bytes when in a clustered environment. [BNSF-20991]
  • Fix: Spam analysis conditions which could prevent unusual messages from being processed. [BNSF-20994, BNSF-20997]
Web Interface
  • Enhancement: Improved web interface performance when displaying a large number of users or domains. [BNSF-18336]
  • Enhancement: Reduced time to reload system configurations when there are a large number of domains. [BNSF-20145]
  • Enhancement: Single Sign-On now honors Valid Recipient alias linking. [BNSF-19754]
  • Enhancement: Improved support for Internet Explorer 9 and 10 and Firefox 23 and Safari. [BNSF-19525, BNSF-19837, BNSF-19978, BNSF-20259, BNSF-21324, BNSF-21244]
  • Enhancement: Manual Backups now show the correct status without requiring a manual refresh. [BNSF-19836]
  • Enhancement: Improved detection of malformed character sets when displaying unicode messages. [BNSF-20503]
  • Enhancement: Added 3 new methods to API to list, add and delete Valid Recipients. [BNSF-20605]
  • Enhancement: The SMTP port is now excluded from synchronization across systems in a cluster. [BNSF-20561]
  • Enhancement: Option for the Helpdesk role to view message headers (configured on the BASIC > Administration page). [BNSF-21204]
  • Enhancement: Web Syslog contents now include the year, usernames, troubleshooting commands, and configuration changes made by Barracuda Technical Support. May require a restart of your syslog clients in order to receive the additional data. [BNSF-20990, BNSF-21206, BNSF-21207, BNSF-21431, BNSF-21504]
  • Enhancement: Updated translations. [BNSF-19999, BNSF-20000, BNSF-20217, BNSF-20325, BNSF-20862, BNSF-21123, BNSF-21418]
  • Fix: Time zone updates for Israel per new 2013 DST settings. [BNSF-21277]
  • Fix: Journaling to the Barracuda Message Archiver now accepts an IP address. [BNSF-13505]
  • Fix: Corrected handling of unicode characters in user whitelists. [BNSF-13751]
  • Fix: Reduced time to log into the web interface when the update server is not reachable. [BNSF-18333]
  • Fix: Improved handling of special characters such as '$' in the LDAP password for Single Sign-On users. [BNSF-19396]
  • Fix: All users are now able to view quarantine messages when a device is removed from a cluster. [BNSF-19567]
  • Fix: Viewing message bodies in a clustered environment no longer results in an error for some messages. [BNSF-21449]
  • Fix: Searching the outbound quarantine from a user's account no longer forces a logout. [BNSF-19775]
  • Fix: Repaired erroneous validation of the Message Log's Time Range filters. [BNSF-20218]
  • Fix: Repaired Time Range searches of Outbound messages in the Message Log. [BNSF-21273]
  • Fix: Message Log filter errors are now properly encoded. [BNSF-19968]
  • Fix: The Barracuda Spam & Virus Firewall Vx now displays the correct expiration date for Energize Updates subscriptions. [BNSF-20076]
  • Fix: The SNMP agent starts correctly on the Barracuda Spam & Virus Firewall Vx. [BNSF-19478]
  • Fix: Graceful shutdown via the power button now works in all cases. [BNSF-20706]
  • Fix: The "ping" command works as expected with IPv6. [BNSF-20726]
  • Fix: Performance statistics are now displayed when viewing the BASIC > Status page in the web interface page for the Chinese locale. [BNSF-21156]
Backup
  • Enhancement: FTP backups now supports both active and passive modes. [BNSF-7762]
  • Fix: SMB shares are now always unmounted after a backup. [BNSF-19249]
  • Fix: Repaired display of backup files available via FTP. [BNSF-21332]
Cloud Control
  • Feature: The ADVANCED > Queue Management page is now available from Barracuda Cloud Control. [BNSF-19534]
  • Fix: Errors restoring backups are now propagated to the top level of the Barracuda Cloud Control tree. [BNSF-19534]
  • Fix: Repaired of links for running/completed tasks. [BNSF-20186, BNSF-20194]
Barracuda Outlook Add-in

This firmware version requires update of your Barracuda Outlook Add-in (see the USERS > User Features page) to version 6.0.40 or later.

  • Enhancement: Classification buttons are now available for public folders. [BNSF-20670]
  • Enhancement: The Alternate URL was removed from the ADM configuration in favor of auto-provisioning. [BNSF-20670]
  • Fix: The property page now shows correctly in Outlook 2007. [BNSF-21300]
  • Fix: The Add-in no longer fails to start if a localization is unavailable. [BNSF-21492]
Exchange Antivirus
  • Enhancement: Improved handling of corrupted virus definition updates. [BNSF-20648]
  • Fix: The Exchange Antivirus Agent now starts for all localized versions of Microsoft Exchange. [BNSF-19315]
Security
  • Fix: Resolved the following vulnerabilities:
    • High severity: Persistent XSS; unauthenticated; remotely exploitable. [BNSEC-2590]
    • High severity: Authentication bypass. [BNSEC-2625]
    • High severity: Information disclosure. [BNSEC-2816]
    • Medium severity: Unauthenticated; information disclosure. [BNSEC-1658]
    • Medium severity: Information disclosure. [BNSEC-2814]
    • Low - Medium severity: Persistent XSS; unauthenticated; authentication bypass. [BNSEC-2563]
    • Low severity: Persistent XSS; requires authentication; remotely exploitable. [BNSEC-220]
    • Low severity: Non-persistent XSS; requires authentication; remotely exploitable. [BNSEC-1052]

Fixed in Version 6.0.0

Version 6.0.0.029:

Mail Processing
  • Enhancement: Improved real-time detection of malformed attachments. [BNSF-21142].
Security
  • Fix: Resolved the following vulnerabilities:
    • High severity: Persistent XSS; unauthenticated; remotely exploitable. [BNSEC-1550 / BNSF-20929]
    • High severity: Persistent XSS; unauthenticated; remotely exploitable. [BNSEC-1650 / BNSF-20943]
    • Medium - High severity: Non-persistent XSS; unauthenticated [BNSEC-1251 / BNSF-20597]
    • Low - High severity: Persistent XSS; requires authentication. [BNSEC-391 / BNSF-19756]
    • Low - High severity: Non-persistent XSS; requires authentication [BNSEC-1068 / BNSF-20228]
    • Low - High severity: Requires authentication; information disclosure. [BNSEC-1706 / BNSF-20955]
    • Medium severity: Information disclosure. [BNSEC-107 / BNSF-17460]
    • Low - Medium severity: Unauthenticated; information disclosure. [BNSEC-1746 / BNSF-20978]
    • Low severity: Persistent XSS; requires authentication. [BNSEC-220 / BNSF-18321]
    • Low severity: Persistent XSS; requires authentication. [BNSEC-1702 / BNSF-20953]
    • Low severity: Non-persistent XSS; requires authentication. [BNSEC-1152 / BNSF-20394]
    • Low severity: Requires authentication; information disclosure. [BNSEC-1160 / BNSF-20396]
    • Low severity: [BNSEC-1383 / BNSF-20817]

Version 6.0.0.028:

Mail Processing
  • Enhancement: Access to Upgraded Barracuda Real Time Systems (BRTS). The Upgraded BRTS is significantly faster and leverages additional lookups and faster detection operations. with this BRTS Upgrade, the Barracuda Spam Firewall can adapt to spam faster and more accurately. [BNSF-20859]
Barracuda Outlook Add-in

This firmware version requires upgrade of your Barracuda Outlook Add-in (see the USERS > User Features page) to version 6.0.21 or later.

Web Interface
  • Fix: Firmware Upgrades no longer fail to show progress in some cases. [BNSF-20790]

Version 6.0.0.027:

Web Interface
  • Fix: The Search button returns the correct result set the first time it is clicked when using the 'Time' search filter. [BNSF-20591]
  • Fix: Time zone Upgrades for Chile and Paraguay per new 2013 DST settings. [BNSF-20522]
Version 6.0.0.018
Security
  • Enhancement: Per-User Allow and Block lists now check Envelope From and Header From. [BNSF-17727]

  • Fix: Reflective cross-site scripting issue in ADVANCED > Troubleshooting page. [BNSEC-1088]

Version 6.0.0.015

Security
  • Fix: Resolved issue with potential SSH access to unit when not deployed behind a firewall. To completely disable remote support functionality, contact Barracuda Networks Technical Support. Reported by Stefan Viehck, SEC Consult Vulnerability Lab (https://www.sec-consult.com). [BNSEC-767]

Version 6.0.0.007:

Backup
  • Feature: Improved backup user interface. [BNSF-19325]
  • Enhancement: Backup files are deleted upon successful completion of a backup. [BNSF-18628]
  • Enhancement: Restoring a backup no longer restores Advanced Network information. [BNSF-18957]
  • Enhancement: Configuration backups are now encrypted. [BNSF-19496]
  • Fix: Backup does not fail if there are special characters in the login name or password. [BNSF-14472]
  • Fix: SMB mounts are now automatically dismounted after a backup. [BNSF-14625]
  • Fix: Restoring a backup configuration now immediately processes mail for domains without requiring a Reload. [BNSF-19350]
Mail Processing
  • Enhancement: Disabling SMTP Over TLS at the system level no longer rejects domains which are required by the Domain-level Force TLS settings. [BNSF-17474]
  • Enhancement: Spoof Protection now looks at headers in addition to the envelope content. [BNSF-17679, BNSF-15997]
  • Enhancement: Whitelisted messages are now flagged as whitelisted if Trusted Forwarders are configured on the BASIC > IP Configuration page. [BNSF-17943]
  • Enhancement: Active directory default LDAP filter has been modified to reduce AD CPU load. [BNSF-17993]
  • Enhancement: Improved HIPAA medical term detection in email content. [BNSF-18390]
  • Enhancement: Malicious URL scanning now correctly scans all HTML attachments. [BNSF-18564]
  • Enhancement: TNEF files are now scanned for viruses. [BNSF-18921]
  • Enhancement: Added the ability to exempt email addresses and domains from encryption from the BASIC > Administration page. [BNSF-18949]
  • Enhancement: Improved recipient verification performance if no Explicit Users are defined. [BNSF-19048]
  • Enhancement: Improved false positive detection in XLSX files for DLP settings. [BNSF-18738]
  • Enhancement: TLS can now be required for all incoming domains from the Domain-level ADVANCED > Email Protocol page. [BNSF-19738]
  • Fix: Duplicate X-Barracuda-IPDD header lines are no longer added. [BNSF-15751]
  • Fix: Duplicate X-Barracuda-Registry header lines are no longer added. [BNSF-19829]
  • Fix: The Queue Management timestamp now matches the message log timestamp in all cases. [BNSF-19149]
  • Fix: Improved processing performance for large multipart text emails. [BNSF-19644]
  • Fix: Attachment filter now correctly detects video file types with altered extensions. [BNSF-18977]
  • Fix: LDAP routing will now enable alias rewriting if username/password are not set. [BNSF-19114]
  • Fix: URL inspection now correctly handles UTF-8 characters. [BNSF-19575]
  • Fix: Improved process monitoring of front end scanning engine. [BNSF-19675]
  • Fix: Appliance remains offline after a firmware upgrade if it is already in offline mode. [BNSF-18941, BNSF-19705]
  • Fix: Rate control settings for POP accounts are now applied correctly. [BNSF-19745]
Cloud Control
  • Enhancement: Added Users and Advanced pages to Barracuda Cloud Control administration. [BNSF-16098, BNSF-16288]
  • Enhancement: Passwords are masked in syslog output. [BNSF-16498]
  • Fix: Unicode characters can now be added to tables through the Barracuda Cloud Control. [BNSF-18087]
Reporting
  • Fix: Report performance has been optimized. [BNSF-16599, BNSF-17853]
  • Fix: Queue details now include the To address. [BNSF-17127, BNSF-18516]
  • Fix: LDAP failures are now sent to all email addresses when addresses include Unicode characters. [BNSF-18491]
  • Fix: Traffic reports are no longer sorted in reverse order. [BNSF-18673]
Web Interface
  • Feature: Improved syslog performance [BNSF-18033]
  • Feature: Destination Mail Servers can now be defined using an MX record. [BNSF-19358]
  • Enhancement: Syslog now logs 'Guest' logins. [BNSF-18102]
  • Enhancement: Improved webInterface performance. [BNSF-18378]
  • Enhancement: Improved search performance of message log in a clustered environment. [BNSF-17385, BNSF-18734]
  • Fix: Clustering is now removed from Running Tasks when complete. [BNSF-9554]
  • Fix: Changing the hostname or destination mail server now takes immediate effect. [BNSF-17616, BNSF-19279]
  • Fix: Adding a new domain now takes effect immediately without requiring a Reload. [BNSF-17673]
  • Fix: Resolved false notification of "old static routes on your system". [BNSF-17963]
  • Fix: Domain Admins can now set an end user to the HelpDesk role. [BNSF-18843]
  • Fix: Message log could fail to display under some circumstances. [BNSF-18921]
  • Fix: The Troubleshooting Telnet Utilities no longer omits the connection banner when telnetting to a mail server. [BNSF-19163]
  • Fix: Product tips no longer expand to the entire browser width. [BNSF-19669]
  • Fix: Message Log is no longer sorted based on the Queue Management sort. [BNSF-16315]
  • Fix: Product tips now properly expire [BNSF-19661]
Add-in
  • Feature: Outlook Add-in now supports Outlook 2013. [BNSF-19535]
  • Fix: Outlook Add-in no longer creates user accounts if quarantine is set to Global. [BNSF-18883]
Last updated on