The following issues from previous LMOS releases have been addressed in this release.

PD-16513 UI Authentication via LDAPS: Fixed a bug where LDAPS was not checking "Basic Constraints" as required for intermediate certs in a chain.
PD-16361 SSL Certificates: LoadMaster has been modified to reject an otherwise valid server certificate that lacks the Server Authentication purpose in the extendedKeyUsage field; no connection is established in this case.
PD-16157 High Availability (HA) Status: On the Open Telecom platform only, LoadMasters configured into HA show a status of Active/Active if multiple health checks are being executed and these connections remain open for long periods. This bug has been fixed and HA status is now displayed appropriately.
PD-16156 LDAP: Enhanced the UI and API to support the hyphen character (-) in LDAP endpoint names.
PD-16134 AWS Machine Instances: On the AWS cloud platform only, LM was observed not to boot properly when using certain newer machine sizes with BIOS versions above Version 9. This issue has been fixed.
PD-16122 Reliability and Stability: Fixed an issue with processing large amounts of chunked data from servers with compression enabled that could cause the system to become temporarily unavailable (and a failover to occur in High Availability mode).
PD-16057 Logging: In previous releases, various log messages included the file system location of the syslog configuration file. All such messages have been modified to remove the configuration file location.
PD-15869 Adaptive Health Check Agent: Updated the adaptive health check mechanism to use HTTP 1.1 (instead of HTTP 1.0) when making Real Server connections.
PD-15860 Real Server Configuration: Fixed an issue where the parameter values of a Real Server that has been created with a DNS FQDN (instead of an IP address) cannot be modified.
PD-15828 Single Sign On (SSO): On previous releases, access may be denied during SSO when correct credentials have been supplied, along with log messages indicating "XSS attack dtcode 7". This issue occurs because in some cases LoadMaster is not properly handling SameSite cookie options contained in the client request. This issue has been fixed.
PD-15788, PD-15337 Login Security: Fixed a bug that caused two issues: (1) the Failed Login Attempts parameter is ignored and users are not getting locked out; and, (2) it is possible under specific circumstances for a user to be logged into another user's current session.
PD-15689 MELA: Fixed an issue that caused the LoadMaster MELA Activation Check to fail when LoadMaster contacts Kemp 360 Central.
PD-15578 NTLM: In previous releases, when NTLM is enabled on a VS, the LoadMaster reads the request headers, determines that the Authorization header is not present, and sends a 401 reply without waiting for any in-transit client data (such as a POST) to complete. This has been fixed; LoadMaster will now wait for all data before sending a response.
PD-15563 Base System: Fixed an issue that caused spurious “kernel: hpet1: lost x rtc interrupts” messages to be seen in the logs.
PD-15471 API: Modified the ping, ping6, and traceroute APIs to support an FQDN or hostname as input.
PD-15470 GEO / DNS: Fixed an issue where the name resolution cache was not being flushed when the configuration was reloaded.
PD-15466 API: Fixed an issue with the getraidinfo and getraiddisksinfo APIs, where the response contained HTML-encoded angle brackets, instead of ASCII-encoded brackets.