Version 4.0.2.3 Release Notes

Improvements

The 4.0.2.3 release resolves several issues, and provides improved stability and performance.

Note: All 4.0.x release contain updated cipher suites to further improve security of HTTPS communications. SSLv3 was disabled in the 3.9.2.1 release (October 2014) to protect against CVE-2014-3566 (POODLE). Subsequent updates have addressed CVE-2014-0160 (Heartbleed), CVE-2015-4000 (Logjam), and other OpenSSL vulnerabilities. If you have SSL scanning enabled, your outgoing connections will be made using TLS1.0 and not SSLv3. This may render some legacy websites unusable.

Resolved Issues

Work Order # Description
NSWA-563 Resolves an issue that could, for HTTPS sites, prevent the Proceed button from working correctly on the Quota/Warn page.
NSWA-535 An issue has been resolved that could cause policies to incorrectly trigger for certain sites using gzip encoding.
NSWA-495 The number of upstream proxies the appliance can work with has been increased to one hundred (100).
NSWA-462 An issue has been resolved that could sometimes block streaming media.