Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
bommi
Contributor III

FortiOS 5.4.9 is out!

NSE 4/5/7
3 Solutions
kphed

nick22d - Thanks for the reply.  Unfortunately, as a large MSSP for predominately financial institutions, we cannot upgrade our customers' Fortigates to a new FortiOS just because it's the "latest version".  All the HA and GUI bugs that arose in FortiOS v5.4.6 and v5.4.7 are great examples of why one should not blindly upgrade to the new firmware iteration before extensive testing is complete.

View solution in original post

bommi

NSE 4/5/7
jeroenb
New Contributor

we upgrade our forti OS form 5.4.8 to 5.4.9

Reason for the upgrade is a potentially vulnerable leak.

 

https://fortiguard.com/psirt/FG-IR-17-160

 

 

 

 

View solution in original post

14 REPLIES 14
kphed
New Contributor III

Has anyone upgraded to v5.4.9?  Is anyone experiencing any issues with v5.4.8 to justify upgrading to v5.4.9?

 

Our organization recently adopted v5.4.8 and have not experienced any issues as of late with approximately 100+ Fortigates of varying models running full UTMs.

Nicholas_Doropoulos

It is generally considered a best practice to keep your Fortigate up to date with the latest version installed. One of the main benefits is patching previously discovered vulnerabilities. Have a look at the link below for issues related to specific versions of Fortigate:

 

[link]https://fortiguard.com/[/link]

NSE5, CCSE, CCNA R&S, CompTIA A+, CompTIA Network+, CompTIA Security+, MTA Security, ITIL v3

NSE5, CCSE, CCNA R&S, CompTIA A+, CompTIA Network+, CompTIA Security+, MTA Security, ITIL v3
kphed

nick22d - Thanks for the reply.  Unfortunately, as a large MSSP for predominately financial institutions, we cannot upgrade our customers' Fortigates to a new FortiOS just because it's the "latest version".  All the HA and GUI bugs that arose in FortiOS v5.4.6 and v5.4.7 are great examples of why one should not blindly upgrade to the new firmware iteration before extensive testing is complete.

simonorch

There are two CVE's i can't find any information on, only that the numbers are reserved.

Anyone know more?

 

2017-14185 2017-14187

NSE8
Fortinet Expert partner - Norway

NSE8Fortinet Expert partner - Norway
ddskier

Upgraded a couple of development / test firewalls from 5.4.8 to 5.4.9.    Don't see any issues associated to the upgrade.

 

Will report as I ssslllloooowwwwllly roll this upgrade out to various production firewalls.

-DDSkier FCNSA, FCNSP FortiGate 400D, (2) 200D, (12) 100D, (2) 60D

-DDSkier FCNSA, FCNSP FortiGate 400D, (2) 200D, (12) 100D, (2) 60D
ddskier

Rolled this version out everywhere.  No issues.

-DDSkier FCNSA, FCNSP FortiGate 400D, (2) 200D, (12) 100D, (2) 60D

-DDSkier FCNSA, FCNSP FortiGate 400D, (2) 200D, (12) 100D, (2) 60D
r0bbienz

Same here - rolled out in weekend on a 100d cluster and no issues - my problem with the browser crashing when looking at fortiview cloud applications isnt fixed :(

Baptiste

Since upgrade to 5.4.9, some VPN SSL users complain that they are frequently disconnected.

do you have same issue ?

2 FGT 100D  + FTK200

3 FGT 60E  FAZ VM  some FAP 210B/221C/223C/321C/421E

2 FGT 100D + FTK200 3 FGT 60E FAZ VM some FAP 210B/221C/223C/321C/421E
bommi
Contributor III

Just check if you see an crash of the sslvpnd using this command:

diag debug crashlog read

 

Regards

bommi

NSE 4/5/7

NSE 4/5/7
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors