IPG/NDS Version 02F Code Images

IPG/75xx and IPG/71xx
NDS/1101 (reduced)
NDS/1104 (reduced)
NDS/1131 (enhanced)
NDS/1134 (enhanced)
NDS/5016 and NDS/5008, NDS/6008
File System

Release Notes

02D.30 to 02F

BUG Category Notes
3095 PA-DSS The application does not properly set cache-control directives in its responses.
3097 PA-DSS Change default SSL cipher list to remove ciphers with known weaknesses.
3099 PA-DSS Change network isolation (SNIF) description from Telnet to NativeCOM for PA-DSS compliance.
3101 PA-DSS Sensitive Post Returns HTTP 200.
3102 PA-DSS Added HTTP Cookie support. Added STSESSID session ID using an HTTP Cookie. PA-DSS requirement.
3130 PA-DSS Added additional input validation for general string input fields.
3131 PA-DSS Sensitive Data Transmitted Unencrypted.
3135 PA-DSS Secure Cookie Options Not Used
3136 PA-DSS Added the AUTOCOMPLETE=OFF attribute to the password type HTML input fields.
3138 PA-DSS Sensitive Information in Server Response.
3147 PA-DSS Identity certificate uses SHA1 with RSA encryption.
3154 PA-DSS Bumped FCF values for IPG products to indicate using HTTPS only with Basic auth and hashed password encodings for PA-DSS 3.0 compliance
3154 PA-DSS Updated to use HTTPS only with BASIC auth and hashed password encodings for PA-DSS 3.0 compliance.
3154 PA-DSS Update product configurations to support HTTPS only with the hashed password encoding.
3154 PA-DSS Updated to suppress the warning when no SSL FQDN is supplied when acting as the server. This avoids filling the system trace log with warnings for each HTTPS request.
3154 PA-DSS Fix issue that could cause a back-to-back 401 unauthorized when the unit has been idle and a different client connects with a cookie and authentication.
3173 OpenSSL Update to OpenSSL 1.0.2d. Includes TLS 1.2 support
3179 File system Added Comodo Root certs to file system