Skip to main content

Welcome to our updated site!

Skyhigh Security

Secure Web Gateway 7.8.2.x Release Notes

About this release

This document contains important information about the current release. 

Hardware firmware upgrade

If you are using a Thales hardware component for running a Hardware Security Module (HSM) with Secure Web Gateway, make sure that you are also using the appropriate firmware.

The Secure Web Gateway repository provides nfast-driver version 12.40 for running the Thales HSM component.

If your monitor and module firmware does not support this driver version, you must obtain the required firmware version from Thales and perform a firmware upgrade before upgrading to a new Secure Web Gateway version.

For more information about running a Hardware Security Module (HSM) with Secure Web Gateway, see the Secure Web Gateway 10.1.x Product Guide.

Resolved issues and a change in update 7.8.2.32

Secure Web Gateway 7.8.2.32 is provided as a main release. It resolves issues present in previous releases.

Changed    

The Web Hybrid Legacy settings are no longer available for configuring an appliance system.

Resolved issues   

JIRA issue numbers are provided in the reference column.

Vulnerabilities   
Reference Resolution

WP-4731

This Secure Web Gateway release includes updates addressing publicly disclosed CVEs, regardless of whether a CVE has been shown to impact customers.

The following medium and higher-level CVEs (CVSS 3.0 >= 4) were involved:

  • CVE-2022-2310 - For Impact details, see Security Bulletin SB10384.

For more information about these CVEs and their impact, see the Red Hat CVE portal.

Resolved issues in update 7.8.2.31

Secure Web Gateway 7.8.2.31 is provided as a main release. It resolves issues present in previous releases.

Resolved issues

This release resolves the following issue.

Vulnerabilities 
Reference Resolution

WP-4432, WP-4454, WP-4591

 

This Secure Web Gateway release includes updates addressing publicly disclosed CVEs, regardless of whether a CVE has been shown to impact customers.

The following medium and higher-level CVEs (CVSS 3.0 >= 4) were involved:

  • CVE-2022-23990
  • CVE-2022-23852
  • CVE-2022-45960
  • CVE-2022-22822
  • CVE-2022-22823
  • CVE-2022-22824
  • CVE-2022-22825
  • CVE-2021-46143
  • CVE-2022-22826
  • CVE-2022-22827
  • CVE-2022-25236
  • CVE-2022-25235
  • CVE-2022-25315
  • CVE-2022-1254
  • CVE-2018-25032

For more information about these CVEs and their impact, see the Red Hat CVE portal.

 

 

  • Was this article helpful?