LM-7299 L7 Request Logging for LoadMaster 360 User Insights: Fixed an issue that could cause L7 request logging to become disabled and some Virtual Services to restart.
LM-7281 Web Application Firewall (WAF): Fixed a memory leak observed when the SecXmlExternalEntity directive is used in a custom rule.
LM-7275 OWASP Core Rule Set (CRS): Fixed an issue first observed in 7.2.60 that prevented the OWASP CRS from being updated to the latest v3 release (3.3.7).
LM-7230 Certificates User Interface (UI): Fixed an issue where spurious text is displayed in the Common Name (CN) field when the CN contains an asterisk (*).
LM-7206 Security/Stability: Fixed a possible buffer overflow and segmentation fault that could occur if a carefully-crafted command is executed when logged into the system through SSH.
LM-7049 High Availability (HA): Fixed an issue that (in particular circumstances) could cause a kernel panic resulting in the following error in the debug log: Kernel panic - not syncing: Fatal exception.
LM-7048 ACME Certificates: Fixed an issue where an ACME certificate cannot be deleted if the certificate name contains a substring of another certificate name.
LM-6939 Security/Stability: Closed possible command injection vulnerabilities in the aclcontrol and modvs API commands.
LM-6929 Certificates: Fixed an issue where adding a certificate fails because of internal errors occurring when processing base64 data.
LM-6925 Virtual Service Templates/Reliability: When a customer-created template is used to create a Virtual Service, the normal behavior is to disable the new Virtual Service on creation. It has been observed that (in some cases) a different Virtual Service will be disabled instead. This issue has been fixed.
LM-6895 UI in Amazon Web Services (AWS) Cloud: Fixed an internal error that could cause the UI to become unavailable. This issue only affects units deployed in the AWS public cloud.
LM-6871 Historical Graphs UI/Stability: Fixed an internal issue that could cause the UI to become unresponsive after enabling and disabling Virtual Services in historical graphs.
LM-6847 Health Checks: Fixed an issue where health checks did not recognize changes made to the Outbound Cipher Set until after a reboot. Such changes are now recognized in the next health check cycle after they are made.
LM-6774 WAF: Fixed an issue with large POSTs containing chunked data that could cause the request to fail.
LM-6755 Application Programming Interface (API): Fixed an issue where valid tcpdump commands fail due to incorrect parsing of options.
LM-6481 Clustering UI: Fixed an issue where SubVSs are being incorrectly marked unavailable.
LM-6455 HTTP/2: Fixed an issue where a carefully-crafted request could result in HTTP request smuggling if HTTP/2 is enabled on the Virtual Service.
LM-6223 Kubernetes Ingress Controller (KIC): Fixed an issue where changes to Virtual Service settings made through the Checkcodes, Checkpattern, and Checkheaders ingress notations were not reflected in the Virtual Service configuration.
LM-6188 Single Sign On/L7 Request Log: Fixed an issue where requests to a Virtual Service fail when NTLM-Proxy and KCD are enabled and the L7 request log is also enabled (through LoadMaster 360 User Insights).
LM-5307 HTTP/2: Fixed an issue that caused body modification content rules to fail when HTTP/2 is enabled.
LM-2983 LM-2292 HTTP/2: Fixed internal issues that could cause a system crash and reboot when HTTP/2 is enabled.
LM-2596 ESP Extended User Logs: Fixed an issue where extended user logs were not being generated for a SubVS with ESP and “Delegate To Server” client-side authentication enabled.
LM-2308 ESP Log UI: The UI for ESP logs has been modified to correct issues with displaying date ranges. Date range selection controls have been removed in favor of displaying a list of log files that include the date stamp of the first and last logs in the file name. If the dates of the first and last logs in the file are the same or there are no logs in the file, then only one date stamp is shown in the file name. The currently in-use log file is presented without any date stamp in the filename.