Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
rookie90284903
New Contributor

Recommended Release for FortiOS for FortiGate

Refer to the list:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Recommended-Release-for-FortiOS/ta-p/22717...

 

May I ask why there is still no FortiGate model recommended to use FortiOS 7.2 and 7.4?

 

FortiOS 7.0 is nearing its End of Engineering Support (EOES) (less than 5 months from now), and for some latest vulnerabilities the 7.0 patch this time (7.0.13) was released slower than the 7.2 patch (7.2.6).

 

We usually upgrade version branch before EOES of our currently-in-use branch. But this "recommended list" is giving us concerns.

7 REPLIES 7
kgeorge
Staff
Staff

Hello @rookie90284903,

 

Like to inform you that, this article you mentioned is in the process of getting updated. 

We should be able to see the details that you are looking for updated in near future.

 

 

 

Regards,
Klint George
rookie90284903
New Contributor

FortiOS 7.0.X EOES 2024/3/30, less than 4 months from now.

rookie90284903
New Contributor

I see that the recommended list (https://community.fortinet.com/t5/FortiGate/Technical-Tip-Recommended-Release-for-FortiOS/ta-p/22717...) has been updated. But 7.2 and 7.4 are still not on the recommended list.

 

Yet, again, in one of the latest vulnerabilities, only 7.2 and 7.4 have patch (or not affected), while 7.0 is affected and has no patch. And the recommended solution for 7.0 is "migrate to a fixed release" (that means 7.2 and 7.4?)

https://www.fortiguard.com/psirt/FG-IR-23-432

rookie90284903
New Contributor

FortiOS 7.0.X EOES 2024/3/30, less than 3 months from now. Yet,

 

7.2 and 7.4 still not on the recommended list:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Recommended-Release-for-FortiOS/ta-p/22717...

 

7.0 still has no patch for a vulnerability revealed in mid Dec 2023:

https://www.fortiguard.com/psirt/FG-IR-23-432

 

rookie90284903
New Contributor

FortiOS 7.0.X EOES 2024/3/30, less than 2 months from now. However,

 

7.2 and 7.4 are still not on the recommended list:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Recommended-Release-for-FortiOS/ta-p/22717...

 

7.0 still has no patch for a vulnerability revealed in mid Dec 2023, and the recommended solution is to migrate to a fixed release = 7.2 or 7.4?

https://www.fortiguard.com/psirt/FG-IR-23-432

 

The two recommendations seem to contradict with each other.

hbac

Hi @rookie90284903,

 

Please note that the recommended FortiOS article is updated every quarter. It should be updated at the end of Q1 this year. 

 

We are planning to patch CVE-2023-47536 in 7.0.15. 

 

Regards, 

rookie90284903
New Contributor

One more vulnerability announced on 2024/2/8 that has no fix in 7.0, and the recommended solution is to migrate to a fixed release (= 7.2 or 7.4?).

Medium: https://www.fortiguard.com/psirt/FG-IR-23-301

 

And the one mentioned above, announced in mid Dec 2023.

Low: https://www.fortiguard.com/psirt/FG-IR-23-432

 

Top Kudoed Authors