8.3.1 Release Notes
Important Announcements and Notes
Read this section before you continue with the Release Notes below.
Outdated technical features are subject to removal in order to keep the CloudGen Firewall up to date and performing properly. See the following two paragraphs for the features that will be removed in this release and the features that are subject to removal in upcoming releases.
Certain features will be removed completely because they have become technically obsolete; other features have become outdated and will be replaced by improved technology.
Features No Longer Supported as of the 8.3.0/8.3.1 Release
Generic Forwarder
As of 8.3.0/8.3.1, networks that were entered in General Firewall Configuration -> Operational -> Generically Forwarded Networks are no longer supported and will be removed. Networks that are configured in this list will no longer be forwarded by the firewall after updating to release 8.3.0 or higher. You must configure a forwarding firewall service with corresponding rules to have this functionality.Protocol 254/FW compression
Firewall-to-Firewall compression has been discontinued and is no longer configurable. Traffic that was previously configured to use FW-2-FW compression will now be transported uncompressed.
Features that Will Become Obsolete in an Upcoming Release
FWAudit
WAN Optimization
CloudGen Firewall Web UI
Precautionary Security Measures for Control Centers
If you have a Control Center deployed with the CC wizard and there is no ECDSA CC SSH key configured at CC Identity, Barracuda Networks recommends the following to avoid possible security risks:
Manually create a new ECDSA "CC SSH key"
Create a legacy CC SSH key with more than 512 bits
Important Note for Users Wanting to Upgrade from Firmware Release 8.2.2
As of February 6, 2023, you can now upgrade from firmware release 8.2.2 to firmware release 8.3.1. This upgrade can be installed both on CloudGen Firewalls and on Control Centers. However, as this is a special upgrade, there are two different methods of how you must perform it depending on the type of your appliance.
For more information on how to upgrade from firmware release 8.2.2 to 8.3.1, see 8.3.1 Migration Notes.
Use the Appropriate Firewall Admin Release
Generally, Barracuda Networks recommends using the latest version of Firewall Admin for a new firmware release.
As of the public availability of this firmware 8.3.1, Barracuda Networks recommends using at least Firewall Admin version 8.3.1-64. You can download this version here: https://dlportal.barracudanetworks.com/#/packages/5466/FirewallAdmin_8.3.1-64.exe.
In case of upcoming hotfixes that solve known issues for Barracuda Firewall Admin, you can find the respective notes for the updated version(s) in this info box:
9.6.2022 – Hotfix for Firewall Admin 8.3.1-202: https://dlportal.barracudanetworks.com/#/packages/5478/FirewallAdmin_8.3.1-202.exe.
29.3.2032 – Hotfix 1094 for CloudGen Firewall 8.3.1: This hotfix updates the Microsoft Open Management Infrastructure package to version 1.7.0-0. This fixes a security vulnerability (CVE-2022-29149) and adds stability and functionality improvements. For more information, see https://dlportal.barracudanetworks.com/#/packages/5583/OMI-1.7.0-0-1094-8.3.1-180009149.tgz
29.5.2024 – Hotfix 1116 - Virus scanner engine update. This hotfix updates the virus scanner engine and fixes a license expiration issue.
Note: After installing the hotfix, you can only update from 8.3.1 to 9.0.2!
For more information, see https://dlportal.barracudanetworks.com/#/packages/5848/virscan-1116-8.3.2-216814708.tgz8.7.2024 – Hotfix 1122 - OpenSSH. The hotfixes fix the CVE-2024-6387 "regreSSHion" vulnerability. For more information, see https://dlportal.barracudanetworks.com/#/packages/5918/openssh-1122-8.3.3-220099653.tgz.
Release Notes
Firmware version 8.3.1 is a minor release.
Before installing the new firmware version:
Do not manually reboot your system at any time during the update unless otherwise instructed by Barracuda Networks Technical Support. Upgrading can take up to 60 minutes.
IMPORTANT Note for Hotfix-1083
SAML/ADFS Authentication also relies on the parameter Session Cookie Lifetime and can be configured at Box > Infrastructure Service > Authentication Service > SAML/ADFS Authentication, in section SAML Configuration. Switch to Advanced Mode in the left menu area, and click CONFIGURATION MODE to get access to this parameter.
If you have SAML/ADFS Authentication enabled and the value for the parameter Session Cookie Lifetime is not 0, you must set the value to 0 after installing hotfix-1083.
Changelog
To keep our customers informed, the "Known Issues" list and the release of hotfixes resolving these known issues are now updated regularly. If there are intermediate updates to this release, the corresponding notes will be found in this info box.
6.7.2022 – Hotfix-1083: Cumulative hotfix. For more information, see https://dlportal.barracudanetworks.com/#/packages/5519/cumulative-1083-8.3.1-157033585.tgz.
See also the following IMPORTANT note in the yellow info box.3.11.2022 – Hotfix-1086: OpenSSL 3.0.7. For more information, see:
https://dlportal.barracudanetworks.com/#/packages/5554/openssl-1086-8.3.1-167387414.tgz AND
https://campus.barracuda.com/product/cloudgenwan/doc/96024723/release-notes-8-3-1/13.12.2022 – Hotfix-1087: Cumulative Hotfix 8.3.1. For more information, see https://dlportal.barracudanetworks.com/#/packages/5559/cumulative-1087-8.3.1-170933727.tgz.
19.12.2022 – Hotfix-1088: Reporting Service. For more information, see:
https://dlportal.barracudanetworks.com/#/packages/5557/reporting-1088-8.3.1-170832995.tgz AND
https://campus.barracuda.com/product/cloudgenwan/doc/96024723/release-notes-8-3-1/26.1.2023 – Hotfix-1089: Security update. Fixes a security vulnerabilty (reported by SEC Consult) in the local Web UI. For more information, see: https://dlportal.barracudanetworks.com/#/packages/5560/webui-sdwan-1089-8.3.1-174141891.tgz AND
https://campus.barracuda.com/product/cloudgenwan/doc/96024723/release-notes-8-3-1/9.2.2023 – Hotfix-1092: OpenSSL - For more information, see https://dlportal.barracudanetworks.com/#/packages/5577/openssl-1092-8.3.1-175869362.tgz.
15.2.2023 – Update package: Update package for Barracuda CloudGen Firewall, Barracuda CloudGen WAN, and Barracuda Firewall Control Center from 8.x to 8.3.1 with hotfixes. For more information, see https://dlportal.barracudanetworks.com/#/packages/5580/update.GWAY-8.3.1-0086+5hotfixes.tgz.
15.2.2023 – Patch package: Patch package for Barracuda CloudGen Firewall, Barracuda CloudGen WAN, and Barracuda Firewall Control Center from 8.3.x to 8.3.1 with hotfixes. For more information, see https://dlportal.barracudanetworks.com/#/packages/5580/update.GWAY-8.3.1-0086+5hotfixes.tgz.
8.7.2024 – Hotfix 1122 - OpenSSH. The hotfixes fix the CVE-2024-6387 "regreSSHion" vulnerability. For more information, see https://dlportal.barracudanetworks.com/#/packages/5918/openssh-1122-8.3.3-220099653.tgz.
The following devices have reached EoL status:
Device Type | Model | EoL Date |
|---|---|---|
CloudGen Firewall | F800 Rev. B | 2022-03-01 |
CloudGen Firewall | F900 Rev. A | 2021-11-31 |
Control Center | C400 | 2022-02-28 |
Control Center | C610 | 2022-02-28 |
Modem | M10 (3G/UMTS) | 2019-03-31 |
Modem | M11 (3G UMTS) | 2021-09-30 |
Contact Us
Barracuda Campus
Barracuda Support