| Issue | Service Request | Description |
|---|
| 28259 | 1-4585479 | Intel copper gig-E driver is incompatible with Cisco WS-X6316/4412 adapters. |
| 28559 | 1-4513313 | The ProxySG might send out multiple daily heartbeats if the heartbeat enable or reset command was issued multiple times. |
| 29401 | 1-5511895 | If the ProxySG was configured to send a preview to the ICAP server, under certain circumstances the ProxySG would mistakenly send fewer bytes than the configured preview even though the origin server's response was greater than the preview size. This behavior had an adverse effect to the overall transaction. |
| 29456 | NONE | Serial console generates a registry warning when deleting an NTP server. |
| 29561 | 1-4956807 | Backwards compatibility with CA 4.x PAC file parsing was not maintained. |
| 29611 | 1-4846553 | Access Log: Replace whitespace in usernames with "%20" characters in order to prevent confusing log analyzers. |
| 29645 | 1-4857201, 1-4926001 | ICAP health checks could become queued causing client workers to max out. |
| 29702 | 1-4826615 | Page fault at process "http.dll" at .text+0x3C71B while serving the final patience page |
| 29723 | 1-5009329, 1-5021664, 1-5048801, 1-5162293 | The ProxySG sometimes does not forward credentials to OCS in transparent proxy mode. |
| 29744 | NONE | Unable to serve content to client when Patience-page and Bandwidth gain mode are simultaneously enabled. |
| 29814 | 1-5025314 | Page fault at 0x48 in ce_admin.dll |
| 29824 | 1-4679844 | CLI and console agent may become unresponsive due to TCP/IP workers becoming blocked while trying to read link settings. |
| 29853 | 1-5039401, 1-5288821 | The ProxySG was incorrectly terminating client cookies (a LF with no CR) intended for origin servers when parsing the BCSI cookie. |
| 29940 | 1-5206232, 1-5212071 | When ICAP Patience page (scan progress notification) feature is enabled on ProxySG, if ICAP server returns "NO MODIFICATION REQUIRED" response while scanning an object, ProxySG will restart. |
| 30044 | NONE | The block_category condition does not refer to the allow or deny global policy set by CPL. If you are allowed, block_category will block your request if it is in one of the categories specified. If you are denied by policy then any line where your request matches on a block_category is irrelevant since you are not allowed to make a request. |
| 30046 | NONE | Guard against potential OpenSSH vulnerabilities described in CERT advisory CA-2003-24. |
| 30071 | 1-4990528 | Provide backwards compatibility for CA4.x authentication (authenticate-407) to return explicit proxy style challenge instead of a 401 authenticate challenge. |
| 30123 | NONE | After disk re-creation, replicated/duplicated objects are placed on the new disk. |
| 30124 | 1-4926313 | Prevent multiple disks from being simultaneouly re-initialized. This was done to prevent configuration loss. |
| 30362 | 1-5057655, 1-5252211, 1-5260811, 1-5477801, 1-5486859 | A problem was fixed that could manifest in the following errors: SCSI fatal error 0x28007, Cache administrator fatal error 0x40012, Cache administrator write errors 0x4010E and 0x4010D, hang when writing core images. |
| 30462 | NONE | Guard against potential OpenSSL vulnerabilities in ASN.1 parsing. |
| 30511 | 1-5026626 | For WebFTP sessions, the ProxySG was not sending the correct credentials to the OCS after receiving a 530(login incorrect) response from the FTP server. |
| 30577 | 1-5246594, 1-5416781 | Page fault at 0x3A in MMS_Fileworker |
| 30598 | 1-5211891 | The ProxySG was not logging (Access Log) the proxy IP for the %l symbol for transparent requests. |
| 30633 | 1-4964605 | Under certain conditions, the Heatbeat email subject would read "CacheOS Summary Statistics" after upgrade. |
| 30814 | 1-5319111, 1-5511692 | Page fault at 0x44 in HTTP SW when ICAP scanning an object initally loaded while running CacheOS. |
| 30821 | 1-5316433 | The ProxySG is not closing SSH sockets when no data is received |
| 30931 | 1-5338670 | Page fault 0x8 in "af.dll" at .text+0xA773 while loading forwarding config |
| 31009 | 1-5143881, 1-5385498 | After modifying the weights in an ICAP cluster, the ProxySG would start to return HTTP 503 responses to the client. |
| 31134 | 1-5385838, 1-5406758, 1-5571401 | Small OCS responses (<1000 bytes) that do not contain a content length or are not closed may not return immediately to the client. This may occur for web "streaming" applications, such as stock tickers. The bypass_cache() trigger is modified to ensure responses are not buffered and served immediately to the client. Use bypass_cache() judiciously, as it may affect ASX rewrites. |
| 31174 | 1-5329763 | Page fault "CAG_Worker" in "shared_dll.dll" at .text+0x32EB |
| 31254 | 1-5427782 | ICP queries were recorded in the access log as TUNNEL instead of ICP_QUERY. |
| 31256 | 1-5324473 | The file name for configuration uploads is now configurable. |
| 31336 | 1-5444157 | ICAP performance decreases when adding ICAP clusters. |
| 31375 | 1-5048625 | The ProxySG was sending "502 Bad response" to the FTP client when the OCS returned a "500 command not understood" response for the PASS command. In this case, the password information was missing from the requested Web FTP URL (for example: ftp://user@site/path). For such URLs, the ProxySG sent the "PASS" command with an empty password string, as many FTP servers support empty passwords or ignore passwords for anonymous users. But an empty PASS command triggers Solaris (v2.8) servers to return a "500 command not understood" instead of a "530 login failure" response. This was causing the ProxySG to send a 502 error message instead of a 401 auth required, which would have allowed the user to supply a password. |
| 31398 | 1-5479411 | ICAP's mechanism to parse HTTP headers to determine response data type was mistakenly using the "Content-Transfer-Encoding" header (if present) over the "Transfer-Encoding" header. This caused erroneous decoding and a premature termination of the connection to the ICAP server. |
| 31620 | 1-5518172 | Restart: SWE=0x4001c in "ce_admin.dll" at .text+0x7F8D |
| 31841 | 1-5622680 | Page fault at 0x79 when issuing "virtual-ip address no" command. |
| 32197 | 1-5458514 | Pagefault restart in Process " HTTP WRK00349::FDE93F84 CW " in "transformer_dll.dll" at .text+0x6F34 while normalizing URL for asx transform. |
| 32812 | NONE | Apply fixes for OpenSSL vulnerability CAN-2004-0079. |
| 41936 | NONE | Apply fixes for OpenSSL vulnerability CAN-2004-0081. |
| 41966 | 1-6010459 | Access logging cannot be enabled through the Management Console with some instances of JRE 1.4.x. |
| 42504 | NONE | Resolve TCP Vulnerability CAN-2004-0230. |