Cisco
ASA Interim Release Notes
The software
images listed below are Interim releases.
They contain bug fixes which address specific issues found since the
last Feature or Maintenance release.
The images are fully supported by Cisco TAC and will remain on the
download site only until the next Maintenance release is available. If you do
not have a specific problem which is resolved by an Interim release, we
recommend that you use the Feature or Maintenance release images.
Important: These images were not fully regression
tested. Each individual fix was
unit tested, and the image has had a limited amount of automated regression
testing to confirm a baseline of functionality. Keep this testing status in mind if you decide to run them
in a production environment. We
strongly encourage you to upgrade to a fully tested Maintenance or Feature release
when it becomes available.
Revision: Version 8.2.2(16) – 05/26/2010
Files: asa822-16-k8.bin,
asa822-16-smp-k8.bin
Defects resolved since 8.2.2(12):
|
NAT with ACL statements causing long
time to reboot. |
|
|
standby unit crashes at show failover
with active traffic |
|
|
standby unit crashes at snp_sp_main.c |
Revision: Version 8.2.2(12) – 04/21/2010
Files: asa822-12-k8.bin,
asa822-12-smp-k8.bin
Defects resolved since 8.2.2(9):
|
Configure fail state link without IP
addr causes LAND attack syslogs |
|
|
SIP builds many secondary conns with
register msg but no registrar |
|
|
Removed ACL permits inbound packets |
|
|
ASA 8.2.1.4 Crash when webvpn capture
is configured |
|
|
4GE-SSM will not transmit all fragments |
|
|
ASA: Unable to pass traffic through an
Airlink router w DTLS enabled |
|
|
ASA 8.04 - certificate chain not being
sent during rekey w/ IPSEC RA |
|
|
Actions attached to class class-default
don't apply to traffic |
|
|
Slow memory leak in WebVPN related to
CIFS cache |
|
|
Thread Name: netfs_thread_init |
|
|
SNAP frames are sent from Management
interface in Transparent mode ASA |
|
|
Memory Leak In CIFS can casue memory
depletion |
|
|
Copy to disk0 without ":",
prefills dest as disk0, cant delete/view file |
|
|
Memory leak happens due to huge number
of LDAP authentication failure |
|
|
show failover command authorization not
available |
|
|
ASA 5580 8.2(2) traceback with traffic
across 10 Gig interfaces |
|
|
Option to change Pane Title missing
from customization editor |
|
|
Active ASA unit tracebacks in Thread
Name: ssh |
|
|
ldap-dn password is in the clear within
running config |
|
|
IKE not passing Cert attr to LDAP
server causing Authorization failure |
|
|
asa standby unit reboots after acl
config changes |
|
|
ASA/w 4-GE-SSM shows module status
unresponsive after power surge |
|
|
Certificate map fails to match with
case sensitive SAN |
|
|
quiting "show controller"
command with 'q' key triggers failover |
|
|
ASA 8.2.2 memory leak in inspect |
|
|
ISAKMP Packet decode for IKE-Frag shows
incorrect Frag ID (byte-swap) |
|
|
Received unexpected event EV_TERMINATE
in state MM_SND_MSG6_H |
Revision: Version 8.2.2(9) – 03/30/2010
Files: asa822-9-k8.bin,
asa822-9-smp-k8.bin
Defects resolved since 8.2.2:
|
dhcp-network-scope ip that matches
interface can cause route deletion |
|
|
ASA stops accepting IP from DHCP when
DHCP Scope option is configured |
|
|
WARNING: The vlan id entered is not
currently configured under any int |
|
|
ASA 8.0(4) traceback in Dispatch Unit
due to stack corruption |
|
|
MAC OSX: Smarttunnel applications don't
use name resolution |
|
|
Traceback in unicorn thread
(outway_buffer_i) |
|
|
DH group 5 freezes IKE processing for
about 80ms |
|
|
ASA unable to assign IP address for VPN
client from DHCP intermittently |
|
|
ASA traceback in 'Thread Name: ssh'
when working with captures |
|
|
enable_15 user can execute some
commands on fallback to LOCAL db. |
|
|
ASA: SIP inspect not opening pinhole
for contact header of SIP 183 msg |
|
|
Null0 route installed for EIGRP summary
routes is ignored in routing tbl |
|
|
tcp-intercept doesn't start 3WH to
inside |
|
|
ASA traceback thread name dispatch
unit, assertion calendar_queue.h |
|
|
ASDM fails to load due to out of DMA
memory when logging is configured |
|
|
Webvpn- rewrite : ASA inserts
lang=VBScript incorrectly |
|
|
SLA monitor fails to fail back when ip
verify reverse is applied |
|
|
SSL lib error. Function: DO_SSL3_WRITE
while making cert only SSLVPN |
|
|
Traceback: CTM message handler - L2TP
and crypto reset - stack overflow |
|
|
assertion "t->stack[0] ==
STKINIT" failed: file "thread.c", line 743 |
|
|
vpn-session-db shows incorrect
group-policy for failed memberOf ldap-map |
|
|
ASA: Webvpn CIFs does not refresh
updated files |
|
|
LDAP CRL Download Fails due to empty
attribute pki-cro |
|
|
ASA traceback in Thread Name:
Checkheaps |
|
|
SNAP frame with MAC address learned on
management-only interface is sent |
|
|
ASA not getting IPv6 ND sollicitation
on subinterfaces |
|
|
IPsec: Outbound context may be deleted
prematurely |
|
|
AnyConnect 2.4 can't connect but both
auths are successful |
|
|
Traceback on secondary with SIP
connection replication |
|
|
ASA - 1550 block leaking due to email
proxy |
|
|
re-adding class in policy-map causes
undesired behavior-see CSCte80609 |
|
|
ASA: ip IPSec SA not brought up if similar icmp SA is up |
|
|
ASA assert
"new_flow->conn->conn_set == NULL" failed: file "snp_mcast.c" |
|
|
ASA traceback when new DHCPD commands
entered |
|
|
TCP RSTs returned from inline IPS are
dropped on multi-context ASA |
|
|
traceback in checkheaps during backup
of asa with smartcare appliance |
|
|
ASA running 8.0.4.32 traceback in
Thread Name: Dispatch Unit |
|
|
CTA does not respond for EAP from ASA
8.0.5 with NAC |
|
|
Error event causes Syslog 199011
"Close on bad channel in process/fiber" |
|
|
VPN session not replicate to Standby
after Failover State Link failure |
|
|
checkheaps causes nested traceback |
|
|
WebVPN: Plugin SSO not working with
special characters in username or pw |
|
|
FTP download for files larger than 2GB
doesn't work properly |
|
|
ASA5580 drops outbound ESP pkt if
original pkt needs to be fragmented |
|
|
eip 0x08a7464d
<policymap_attach_action+573 at qos/policymap.c:1399> |
|
|
CA ServiceDesk hidden frame not showing |
|
|
Active ASA tracebacks in Thread Name:
Dispatch Unit |
|
|
Fails to export Local CA Cert after
rebooting ASA |
|
|
Certificate authentication failing on
ASA: incorrect key for validation |
|
|
ASA doesn't allow username length of
<4 characters |
|
|
msgid in Language Localization are not
synchronized |
|
|
SSL sockets stuck in CLOSE_WAIT status
using webvpn |
|
|
Encoded error message issue in
/+CSCOE+/logon.html |
|
|
ASA5580 traceback in thread
DATAPATH-2-476, eip rt_timer_cancel_callback |
|
|
assertion "*cntp != 0"
failed: file "mp-datastruct/mp_mutex_rw_lock.h" |
|
|
Cookie being set improperly due to
webvpn misreading firefox flags |
|
|
WebVPN Smart Tunnel failing for
ProPalms Application |
|
|
https/ssh connections to the ASA
produce fiber scheduler error syslog |
|
|
VPN user cannot ping to inside
interface with management-access config |
|
|
ASA 8.2 webvpn custom login page shows
Javascript error with IE |
|
|
AC Essentials not enabled w/ active ssl
session should provide msg |
|
|
Call-home XML schema incorrect |
|
|
WebVPN user-storage does not work if
user logon as DOMAIN\Username |
|
|
ASA 8.0(5) - "LU allocate
connection failed" |
|
|
ASA HW client: deny rule for DHCP
should account for remote subnets |
|
|
FO: "service resetoutside"
exists only in standby unit after failover |
|
|
ASA - Memory depleting 1% per day due
to snmp-server ipsec configuration |
|
|
Traceback in Dispatch Unit (Old pc
0x08180444 ebp 0xc793d980) |