We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Release Notes

  • Last updated on

Important: Please Read Before Upgrading

Before installing any firmware version, back up your configuration and read all release notes that apply to versions more recent than the one currently running on your system.

Do not manually reboot your system at any time during an update, unless otherwise instructed by Barracuda Networks Support. Depending on your current firmware version and other system factors, updating can take up to 10 minutes. If the process takes longer, please contact Barracuda Technical Support for further assistance.

Before upgrading, BE SURE TO TAKE THE BARRACUDA EMAIL SECURITY GATEWAY OFFLINE. This will ensure that the inbound queue is emptied and all messages are scanned before the update process begins. See the BASIC > Administration page for the Offline button.

Updating to Version 8.x

WARNING: After clicking the Apply Now on the ADVANCED > Firmware Update page, the progress bar may appear to time out and the administrator may need to manually return to the login screen after 5 minutes if it doesn't load automatically in the browser.

Firmware Version 8.1

What's New in Version 8.1

Version 8.1.0.003

  • Support for SMB versions 2.0 and 3.0 for backups. [BNSF-26803]
  • Improved cloud backup support.
  • Added an option in the web interface to enable/disable SSO/auto login for links in Quarantine Summary emails.   [BNSF-27803]  
  • Removed Extended Malware from subscription statistics on the BASIC > Dashboard page.      [BNSF-27935]
  • Updated root CA certificates.   [BNSF-27930]    
  • New advanced LDAP setting Disable built-in LDAP Filter to disable default LDAP filters as needed. Configure per-domain on the USERS > LDAP Configuration page. [BNSF-27992] 
  • The Outbound Quarantine feature is now available for models 100 and 200. [BNSF-27996]
  • Included support for Support Tunnel 2.0 as part of firmware. [BNSF-27807]
  • Spam accuracy improvements. [BNSF-28017]

Version 8.1.0.002

Authentication
  • New option on BASIC > Quarantine page to enable/disable SSO/auto-login for users through links in quarantine summary emails. [BNSF-27803]
  • New option to disable default LDAP filters used for authenticating the user on USERS > LDAP Configuration page at the domain level. [BNSF-27992]
Security
  • Support for support tunnel version 2.0 [BNSF-27807]
  • Updated root CA certificates [BNSF-27930]
  • Spam accuracy improvements [BNSF-28017]
Web Interface
  • Extended Malware Subscription information is no longer displayed on the BASIC > Dashboard page. [BNSF-27935]
  • The Outbound Quarantine feature is now available for Barracuda Email Security Gateway models 100 and 200. [BNSF-27796]

Firmware Version 8.0

What's New in Version 8.0

Web Interface
  • The Barracuda Spam Firewall has been renamed the Barracuda Email Security Gateway.
Barracuda Exchange Antivirus Agent

Fixed in Version 8.0

Version 8.0.4.002

Security

  • Upgraded SAVAPI version to continue support for ‘Extended Malware Protection’. [BNSF-27814]

Version 8.0.4.001

Authentication

  • Feature: All users can now set and use a local password to access their quarantine account. [BNSF-27556]

Mail Processing
  • Option to disable TLS 1.0 over SMTP through Barracuda Email Security Gateway web interface to conform to PCI standards of TLS 1.1+. [BNSF-27561]
Message Log
  • Improvement: Added a popup to indicate that only 10k messages lines from the Message Log can be exported when the Barracuda Email Security Gateway is clustered. [BNSF-27650]

Security
  • Resolved vulnerability with 7zip file compression (CVE-201810115). [BNSF-27684]    

Version 8.0.3.004

  • Fix: When a user logs in (as user role) and marks an email in quarantine as NOT spam, the email auto-delivers as expected. [BNSF-27442]

Version 8.0.3.003

  • Feature: Active session tokens are now transmitted via cookies, rather than in a URL. This means that end-users will no longer be able to click on a link in the quarantine summary email to log directly into a quarantine inbox without the use of a password. [BNSF-26659]

Version 8.0.3.002

  • Fixed bug affecting mail processing after upgrading the firmware. [BNSF-26691]

Version 8.0.3

Barracuda Outlook Add-in
  • Enhancement: Added support for TLS 1.1 and TLS 1.2. [BNSF-25586]
Notifications
  • Enhancement: The system administrator and email recipient can receive notifications when a message is blocked due to a virus. Configure on the ADVANCED > Bounce/NDR Settings page. [BNSF-25486]
Mail Processing
  • Improved spam scanning. [BNSF-26591]

Version 8.0.2

Barracuda Exchange Antivirus Agent
  • Feature: Added support for Microsoft Exchange 2016. 
Web Interface
  • Fix: A Welcome email is not sent when a new user account is created due to a quarantined email. [BNSF-25904]
Security
  • High severity vulnerability: authenticated, remote code injection [BNSEC-6613 / BNSF-25407]
  • High severity vulnerability: unauthenticated, remotely exploitable, code injection [BNSEC-6223 / BNSF-24618]
  • High severity vulnerability: remotely exploitable, buffer overflow [BNSEC-2012 / BNSF-24897]
  • Medium - High severity vulnerability: unauthenticated, remotely exploitable, denial of service (DoS), ssl weakness [BNSEC-7107 / BNSF-25937]
  • Medium - High severity vulnerability: unauthenticated, remotely exploitable, limited HTML content control, XSS delivered outside of the web based interface [BNSEC-6227 / BNSF-24635]
  • Medium - High severity vulnerability: unauthenticated, remotely exploitable [BNSEC-6225 / BNSF-24621]
  • Medium severity vulnerability: non-persistent XSS [BNSEC-2678 / BNSF-23507]

Version 8.0.1.001

Mail Processing
  • Enhancement: Mail with Microsoft Office attachments that contain macros can be blocked. [BNSF-23786]
Web Interface
  • Resolved issue which prevented the Dashboard from displaying during update server outages. [BNSF-25934]
  • Resolved issue preventing access to ADVANCED > Energize Updates and ADVANCED > Firmware Update pages when the Barracuda Email Security Gateway was offline. [BNSF-25929]
Barracuda Exchange Antivirus Agent
  • Enhancement: The Barracuda Exchange Antivirus Agent supports Microsoft Exchange Server 2016. [BNSF-25828]

Version 8.0.0.007

Mail Processing
  • Enhancement: Improved Sender Spoof Protection efficiency. [BNSF-25835]
  • Resolved issue which could cause excessive system load. [BNSF-25831, BNSF-25884]
  • Resolved issues with malformed headers causing incorrect parsing. [BNSF-25836, BNSF-25838]
  • Resolved issue with Multi-Level Intent Analysis. [BNSF-25907]
Clustering
  • Improved handling of Standby mode in a clustered system. [BNSF-25797]

Version 8.0.0.005

Mail Processing
  • Outbound messages from whitelisted IP addresses are now properly checked for encryption if encryption is enabled. [BNSF-25732]
  • Links in the BASIC > Message Log message view page now work properly. [BNSF-22345]

Version 8.0.0.004

Mail Processing
  • Outbound messages from whitelisted IP addresses are now properly checked for encryption if encryption is enabled. [BNSF-25732]

Version 8.0.0.003

Mail Processing
  • Improved attachment filtering/detection. [BNSF-25491]

Version 8.0.0.002

Mail Processing
  • Downloading a PDF file attached to a message from the Message Log through BAC/BCS works as expected. [BNSF-25536]
  • Attachment filtering blocks correctly even if MIME type encoding is not formatted correctly. [BNSF-20598]
  • Messages received by the Barracuda Email Security Gateway which are just under the maximum message size are processed properly and are not blocked. [BNSF-25500]
  • When the From header of a message has an unusual format, the unit does not time out when attempting to deliver the message from the user's quarantine inbox. [BNSF-25254]
  • SMTP over TLS for outbound mail works as expected, the mail queues and delivers properly and the logs do not indicate errors. [BNSF-25437]
  • Outbound quarantine emails with multi-line From headers due to UTF8 are delivered as expected. [BNSF-25309]
Notifications
  • The Barracuda Email Security Gateway no longer sends out notifications that state "Encrypted email unable to be delivered" for emails that trigger encryption policies and have a blank sender. [BNSF-17895]
  • Alert email announcing that Energize Updates subscription is about to expire is now branded correctly as Barracuda Email Security Gateway. [BNSF-25615]
  • NDRs are not rejected by some mail servers, including O365, if they don't include a valid From header. [BNSF-25612]
Web Interface
  • The Configuration Updated message only shows on web interface pages as needed. [BNSF-25566]
  • Street Address and Driver's License information in emails trigger Privacy policies as expected. [BNSF-24772]
  • When specifying a filename for an attachment content filter, the pattern specified (filename= <example_filename>) works when there is a space between the  "= " and the filename. [BNSF-25491]
Security
  • Fix: resolved the following vulnerabilities:
    • High severity vulnerability: persistent XSS, authenticated [BNSEC-6504 / BNSF-25215, BNSEC-4551 / BNSF-22345]

Version 8.0.0.001

Mail Processing
  • Enhancement: Improved performance of IP Whitelisted and outbound message scanning. [BNSF-23352, BNSF-24293]
  • Enhancement: Improved street address and driver's license detection. [BNSF-24388]
  • Enhancement: Improved error handling for 'full disk' condition. [BNSF-24622]
  • Enhancement: Added macro support for SPF records with macros. [BNSF-24659]
  • Enhancement: Improved general performance of mail scoring and attachment scanning. [BNSF-24473]
  • Enhancement: General improvements in PDF processing capabilities. [BNSF-24846]
  • Enhancement: Improved HIPAA and Credit Card data detection. [BNSF-25026, BNSF-25028]
  • Fix: Updated internal scanning processes to improve stability. [BNSF-21928, BNSF-24241, BNSF-25268]
  • Fix: Resolved intermittent PTR detection issue. [BNSF-24546]
  • Fix: Users who lack a mail attribute in LDAP are now properly quarantined. [BNSF-25136]
  • Fix: LDAP Alias re-writing no longer rewrites the "To" header. [BNSF-25141]
  • Fix: Lines exceeding 990 characters are no longer broken in multiple places. [BNSF-25206]
Web Interface
  • Enhancement: Administrative ACLs can be temporarily removed through the Console Administrator with the System > Reset Administrator IP/Range selection. [BNSF-23352]
  • Enhancement: Invalid username and password attempts are now logged to the Web Syslog. [BNSF-24629]
  • Enhancement: Improved performance of bulk classification of Spam/Not Spam. [BNSF-25000]
  • Enhancement: Messages with unknown character sets are now treated as UTF-8. [BNSF-25086]
  • Enhancement: Updated Japanese help file translations. [BNSF-25088]
  • Enhancement: Improved web interface load times in general, and especially for BASIC > IP Configuration. [BNSF-25193, BNSF-25199]
  • Fix: Message viewer Download and Delivery buttons now show properly for all window sizes. [BNSF-24177]
  • Fix: Miscellaneous web interface improvements. [BNSF-24300, BNSF-24381]
  • Fix: New user quarantine email links now work properly. [BNSF-24404]
  • Fix: Users with an '&' in the name can now view the Quarantine Inbox. [BNSF-24764, BNSF-24961]
  • Fix: Outbound Quarantine actions no longer result in an error page. [BNSF-24858]
  • Fix: Invalid users can be removed. [BNSF-24860]
  • Fix: Randomization has been improved for password generation. [BNSF-24995]
  • Fix: The details for messages blocked without message bodies can now be viewed on all systems in a cluster. [BNSF-24973, BNSF-25053]
Reporting
  • Fix: Fixed display of erroneous 'Permission denied'. [BNSF-24600]
  • Fix: LDAP Failure Notifications are no longer triggered by outdated logs. [BNSF-25180]
Encryption
  • Fix: Replies to encrypted emails are now archived. [BNSF-24496]
Virtualization
  • Enhancement: Tuned database configuration for Microsoft Azure, Amazon AWS, and VMWare vCloud Air. [BNSF-24836]
Barracuda Outlook Add-in
  • Fix: Resolved issue preventing Add-in authorization for some usernames. [BNSF-23766]
  • Fix: Resolved issue which could cause the Add-in to appear in the wrong window. [BNSF-24585]
  • Fix: The Add-in can now be used from an IP address in the Administration ACL IP Range. [BNSF-24759]
Security
  • Fix: resolved the following vulnerabilities:
    • High severity vulnerability: authenticated, remotely exploitable, arbitrary command execution [BNSEC-5205 / BNSF-23281]
    • High severity vulnerability: unauthenticated, remotely exploitable, brute force, [BNSEC-5204 / BNSF-23282]
    • High severity vulnerability: remotely exploitable, privilege escalation [BNSEC-5203 / BNSF-23285]
    • Medium severity vulnerability: persistent XSS, unauthenticated, remotely exploitable [BNSEC-4622 / BNSF-24136]
    • Medium severity vulnerability: non-persistent XSS, authenticated [BNSEC-3880 / BNSF-21745]
    • Medium severity vulnerability: authenticated, insufficient authorization [BNSEC-2659 / BNSF-22336]
    • Low severity vulnerability: non-persistent XSS, authenticated [BNSEC-2055 / BNSF-21775]
    • Low severity vulnerability: Some non-persistent cross-site scripting vulnerabilities have been fixed. [BNSEC-877 / BNCMN-132]
    • Low severity vulnerability: non-persistent XSS, authenticated [BNSEC-228 / BNSF-18340]
    • [BNSF-22345], [BNSF-25215]

       

Firmware Version 7.1

What's New in Version 7.1

Web Interface
  • The Microsoft IE browser is supported for version 9 and above.
Barracuda Exchange Antivirus Agent
  • The new Barracuda Exchange Antivirus Agent 7.1 runs as a Windows service on your Microsoft Exchange 2013 server and enables it to scan email for viruses. From the ADVANCED > Exchange Antivirus page you can download the agent and view associated email statistics after it is installed and running. You can also click a link on the page to view the Barracuda Exchange Antivirus Agent release notes.
  • This version of the agent only supports Microsoft Exchange Server 2013. If you are using versions 2007 or 2010 of Exchange Server, you can download the Barracuda Exchange Antivirus Agent 6.0.x from the ADVANCED > Exchange Antivirus page.
  • The Barracuda Exchange Antivirus Agent no longer supports Microsoft Exchange Server 2003.

See How to Get and Configure Barracuda Exchange Antivirus Agent 7.1 and Above for details.

Cloud Control
  • Support for Domain Administration and Users management - Barracuda Cloud Control now supports managing domains and users. Administrators will have the ability to navigate between domains and users within Barracuda Cloud Control.  

Fixed in Version 7.1

Version 7.1.1.004

Note: This release removes LED mail determination flash indicators on the front panel to improve performance.

Mail Processing
  • Enhancement: Improved detection of stuck mail processing. [BNSF-24498]
  • Enhancement: Removed the SSLv2 protocol and EXPORT and LOW strength ciphers. Improved set of ciphers as specified in ADVANCED > Email Protocol > SMTP over TLS/SSL > Allow Weak Ciphers. [BNSF-25283]
Web Interface
  • Fix: Resolved issue on newer models where messages may not appear in the Message Log. [BNSF-23371]
  • Fix: Resolved issue in which some Domain Administrators and Helpdesk Users who could not view messages. [BNSF-23920, BNSF-24892]
Reporting
  • Fix: LDAP Failure Notification report now includes an attachment with additional information for troubleshooting. [BNSF-17538]
Encryption
  • Fix: Resolved issue that could sometimes send duplicate emails when replies were sent to encrypted emails through the Barracuda Message Center. [BNSF-23969]
Security
  • Fix: resolved the following vulnerabilities:
    • Medium severity vulnerability: Update OpenSSL to address CVE-2016-0800 (commonly known as "DROWN") and CVE-2016-2842. [BNSEC-6568 / BNSF-25307]

Version 7.1.1.003

Cloud Control
  • Fix: Resolved condition which could prevent connection to Barracuda Cloud Control after firmware upgrade or upon the first connection. [BNSF-24814]
Barracuda Exchange Antivirus Agent
  • Enhancement: Added support for Microsoft Outlook 2016.

Version 7.1.1.002

Mail Processing
  • Enhancement: Improved scanning for emails with large attachments. [BNSF-23864]
  • Enhancement: Improved attachment processing for malformed attachments. [BNSF-24245]
  • Fix: Resolved rare condition where per-user quarantining would still take affect when disabled. [BNSF-22343]
Web Interface
  • Enhancement: Use numeric sorting for Size column on Advanced > Queue Managment page. [BNSF-19427]
  • Enhancement: Updated Japanese help file translations. [BNSF-24598]
  • Fix: Resolved condition where some Product Tips would not stay hidden. [BNSF-24583]
Barracuda Outlook Add-in
  • Enhancement: Support for MS Outlook 2016.

Version 7.1.1.001 

Mail Processing
  • Enhancement: Improved SPF checks for complex records. [BNSF-23979]
  • Enhancement: Resolved case sensitivity with redirection checks. [BNSF-23979]
  • Enhancement: Improved DLP detection. [BNSF-24186]
  • Fix: Resolved case sensitivity issue with SPF and redirection checks. [BNSF-23876, BNSF-24102]
  • Fix: Messages no longer have the global footer attached if Attach Footer is set to No on the ADVANCED > Outbound Footers page at the domain level. [BNSF-24148]
Web Interface
  • Enhancement: Messages that are blocked for intent now contain a link to whitelist the sender. [BNSF-24372]
  • Enhancement: Updated Japanese translations. [BNSF-23486]
  • Enhancement: Messages that are allowed for emailreg now contain a link for reporting emailreg abuse. [BNSF-24373]
  • Enhancement: Improved appearance for popups in Firefox and Internet Explorer. [BNSF-23986]
  • Enhancement: Improved performance of data entry for pages containg large amounts of data. [BNSF-24152]
  • Enhancement: Improved display of Exchange Antivirus data with multiple Exchange Servers. [BNSF-24220]
  • Enhancement: Improved handling of message bodies for Bayesian classification. [BNSF-24368, BNSF-24370]
  • Fix: Marking messages as Spam/Not Spam in the Message Log is now reflected properly on all units in a cluster. [BNSF-9564, BNSF-22576]
  • Fix: Resolved an issue where users sometimes could not deliver or delete quarantine messages. [BNSF-22902]
  • Fix: Clicking action links on the BASIC > Outbound Quarantine page at the domain level no longer redirects to the Dashboard. [BNSF-23840]
  • Fix: Message Log now shows correct Delivery Status for all messages in a cluster. [BNSF-23897]
  • Fix: The State filter on the ADVANCED > Queue Management page now correctly applies for non-English languages. [BNSF-23917]
  • Fix: Changes to the BLOCK/ACCEPT > Recipient Filters page now take immediate effect on all units in a cluster. [BNSF-24089]
  • Fix: Resolved issue where sometimes the Delivery Status in the Message Log would not show correct information. [BNSF-24096]
  • Fix: Messages can now be viewed on all units in a cluster. [BNSF-24140]
  • Fix: Fixed issue with taking action on quarantined mail in clusters consisting of 3 or more units. [BNSF-24207]
  • Fix: Fixed display of usernames with special characters. [BNSF-24253]
  • Fix: Fixed issue where new units may not show initial messages in the Message Log. [BNSF-24309]
  • Fix: Attachments are again displayed for the end user quarantine. [BNSF-24367]
  • Fix: Domain administrators can now view messages in the Message Log. [BNSF-24374]
  • Fix: Help dialogs now show correct titles for multi-byte/high-ascii encoding. [BNSF-24376]
Backup
  • Fix: Restoring a backup to a virtual machine no longer overwrites the license token. [BNSF-23846]
Security
  • Fix: resolved the following vulnerabilities:
    • BNSEC-877, BNCMN-132: Security fix, low severity. Some non-persistent cross-site scripting attacks have been fixed.

Version 7.1.0.002

Web Interface
  • Fix: Resolved issue where statistics did not display in Barracuda Appliance Control after Barracuda Email Security Gateway was rebooted. [BNSF-24079]
  • Fix: End users can now log in if the Barracuda Email Security Gateway cannot check subscriptions, such as when the internet is unavailable. [BNSF-24122]

Version 7.1.0.001

Mail Processing
  • Fix: Messages containing hostnames that are IP addresses in messages are correctly processed. [BNSF-21784, BNSF-23457]
Web Interface
  • Enhancement: Updated translations. [BNSF-23792, BNSF-223460]
  • Enhancement: General web interface enhancements in font, color, and styling. [BNSF-23167, BNSF-23169, BNSF-23171]
  • Enhancement: Improved display of Barracuda Exchange Antivirus Statistics. [BNSF-23791]
  • Fix: Resolved issue regarding Single Sign-On with LDAP hosts with IPv4 and IPv6 addresses. [BNSF-21422]
  • Fix: Online Help Search in Firefox correctly supports the Japanese IME keyboard. [BNSF-23116]
  • Fix: On the BASIC > Outbound Quarantine page, taking actions with messages such as Delete, Reject or Deliver no longer clear the search filters. [BNSF-23134]
  • Fix: Message Log buttons and icons for IE 9 render correctly. [BNSF-23882]
  • Fix: When using Single Sign-On (SSO) with an LDAP Server Type of Other (see the USERS > LDAP Configuration page for a domain), the Barracuda Email Security Gateway now only uses the user-provided filter for an LDAP search, preventing a timeout. [BNSF-23996]
  • Fix: Admin, Domain Admin and Helpdesk roles can now deliver user quarantined messages from the Quarantine inbox when the locale is Multibyte. [BNSF-24062]
  • Fix: Report data displayed with the Show Report function now matches the data in the emailed report, as the Show Report function now uses local time for the Date Range as opposed to UTC time. [BNSF-24004]
Barracuda Exchange Antivirus Agent
  • Enhancement: Barracuda Exchange Antivirus Agent 7.1 verifies signature integrity prior to loading the signatures. [BNSF-21154]
Security
  • Fix: resolved the following vulnerabilities:
    • High severity vulnerability: persistent XSS, unauthenticated, remotely exploitable [BNSEC-4672 / BNSF-22625]
    • High severity vulnerability: persistent XSS, unauthenticated, remotely exploitable [BNSEC-4670 / BNSF-22626]
    • High severity vulnerability: persistent XSS, unauthenticated, remotely exploitable [BNSEC-4669 / BNSF-22624]

Firmware Version 7.0

What's New in Version 7.0

Web Interface
  • Updated the Barracuda Email Security Gateway web interface with a new color scheme to be consistent with the look and feel with other Barracuda products. There are no navigation changes.
  • New login security feature: If the user login fails 5 times, there is a 15 minute wait period before making another login attempt.
  • The BASIC > Status page has been renamed to BASIC > Dashboard.
Improved Performance and Security
  • Mail delivery now supports connection caching, thereby reducing the amount of network traffic as well as load on destination mail servers.
  • TLS support is improved and now provides:
    • Better fallback negotiation
    • Wildcard support for requiring TLS to destination domains and sub-domains
    • Certificate validation
    Barracuda Email Security Gateway Vx virtual machines now show the core capacity and usage on the BASIC > Dashboard page.

Fixed in Version 7.0

Mail Processing
  • Feature: SMTP response codes for rejected messages can now be customized on the ADVANCED > SMTP Responses page. [BNSF-20867]
  • Enhancement: Added support for Recipient Addresses which include address tagging. See Recipient Delimiter on the ADVANCED > Email Protocol page for more information. [BNSF-7518]
  • Enhancement: Outbound mail now supports connection caching to destination mail servers. [BNSF-18823]
  • Enhancement: Updating a per-domain recipient whitelist now takes immediate effect, no longer requiring a Reload. [BNSF-19025]
  • Enhancement: Improved TLS fallback and detection behavior. [BNSF-19178]
  • Enhancement: The setting for Require Encrypted TLS relaying email to these destination servers now supports domain names, and wildcards, rather than specific servers. Click the Help button on the domain level ADVANCED > Email Protocol page for more information. [BNSF-19640]
  • Enhancement: Requiring TLS to a destination domain now supports certificate validation instead of checking the hostname. [BNSF-19807]
  • Fix: Fixed issue where mail could intermittently stop processing. [BNSF-14626]
  • Fix: Outbound mail delivery no longer attempts to use IPv6 if the system is configured to only use IPv4. [BNSF-19703]
  • Fix: Mail which bounced (return notification) due to an un-reachable server no longer shows as Deferred in the Message Log. [BNSF-19347]
  • Fix: Comma delimiters separating destination mail servers now correctly enable load balancing. [BNSF-19397]
  • Fix: Load balancing mode now properly handles fail-over if the attempted destination mail server is unreachable. [BNSF-19398]
  • Fix: Certain attachment types no longer cause an error when adding footers to emails. [BNSF-21580]
  • Fix: SPF outbound checks now properly handles private IP addresses and relays between Barracuda Email Security Gateways. [BNSF-21586, BNSF-22010]
  • Fix: Barracuda Reputation and RBL IP Exemption Ranges now work as expected with Trusted Forwarders. [BNSF-22623]
  • Fix: Multiple messages in a single session with invalid recipients no longer works with whitelisting as expected. [BNSF-22478]
  • Fix: Outbound emails no longer erroneously include footers configured for other domains if a system wide footer is not configured. [BNSF-22495]
  • Fix: Inbound mail are no longer incorrectly caught by Predefined credit card filters when the Link Domains feature is used and the primary domain is not fully configured. [BNSF-22874]
Web Interface
  • Enhancement: Viewing a message now records the event in Web Syslog (see ADVANCED > Troubleshooting). [BNSF-7402]
  • Enhancement: The addition of users now verifies that the domain exists on the Barracuda Email Security Gateway before adding a user for that domain. [BNSF-20188]
  • Enhancement: Updated translations. [BNSF-22551, BNSF-22707]
  • Enhancement: Support for recently changed time zone/daylight savings times including Moscow and Fiji. [BNSF-22854]
  • Fix: Message Log search filter now properly clears OR conditions when removed from the filter. [BNSF-21295]
  • Fix: Online Search now properly works when HTTPS/SSL Access Only is enabled. [BNSF-21682]
  • Fix: Deleting all displayed Emails from the Quarantine Summary Digest now properly deletes the quarantined emails from the system. [BNSF-22742]
  • Fix: Helpdesk users can now see headers when Helpdesk users are allowed by the administrator to view headers. [BNSF-22791]
  • Fix: Downloading an attachment from the Outbound Quarantine no longer forces a logout. [BNSF-22817]
Backup
  • Enhancement: Added support for FTPS. [BNSF-2658]
  • Enhancement: Added support for NTLMv2 on ADVANCED > Backup. [BNSF-22061]
  • Enhancement: Improved reliability and compatibility with SMB targets for backup. [BNSF-22270]
  • Fix: FTP PASV detection works for legacy restores. [BNSF-22678]
Security
  • Fix: resolved the following vulnerabilities:
    • Medium severity vulnerability: non-persistent XSS, authenticated [BNSEC-4544 / BNSF-22332]
    • Medium severity vulnerability: non-persistent XSS, authenticated [BNSEC-4528 / BNSF-22334]
    • Medium severity vulnerability: authenticated, security control bypass [BNSEC-3246 / BNSF-21595]
    • Low severity vulnerability: non-persistent XSS, authenticated [BNSEC-4531 / BNSF-22333]


Last updated on