Junos Software Service Release version 17.4R2-S8 is now available for download from the Junos software download site
Download Junos Software Service Release:
- Go to Junos Platforms - Download Software page
- Input your product in the "Find a Product" search box
- From the Type/OS drop-down menu, select Junos SR
- From the Version drop-down menu, select your version
- Click the Software tab
- Select the Install Package as need and follow the prompts
Junos Software service Release version 17.4R2-S8 is now available.
The following are incremental changes in 17.4R2-S8.
| PR Number |
Synopsis |
Description |
| 1305424 |
The mgd might crash when Ephemeral DB is used
|
This type of crash indicates simultaneous operation on an ephemeral instance. When a process wants to open ephemeral config in merge view, some other activity (like purging, deletion/recreation) is being carried out on this ephemeral instance. The occurrence of this core is rare.
|
| 1397744 |
Junos OS: SRX Series: Denial of Service vulnerability in srxpfe related to PIM (CVE-2019-0075)
|
A vulnerability in the srxpfe process on Protocol Independent Multicast (PIM) enabled SRX series devices may lead to crash of the srxpfe process and an FPC reboot while processing (PIM) messages.
|
| 1405423 |
MX Series: Denial of Service vulnerability in MS-PIC component on MS-MIC or MS-MPC (CVE-2019-0065)
|
On MX Series, when the SIP ALG is enabled, receipt of a certain malformed SIP packet may crash the MS-PIC component on MS-MIC or MS-MPC. Refer to https://kb.juniper.net/JSA10964 for more information.
|
| 1410401 |
Junos OS: Session fixation vulnerability in J-Web (CVE-2019-0062)
|
A session fixation vulnerability in J-Web on Junos OS may allow an attacker to use social engineering techniques to fix and hijack a J-Web administrators web session and potentially gain administrative access to the device.
|
| 1419515 |
Junos OS: PKI key pairs are exported with insecure file permissions (CVE-2019-0073)
|
The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions. This may allow another user on the Junos OS device with shell access to read them.
|
| 1446931 |
NAT service-set in certain scale might fail to get programmed
|
In NAT/stateful-firewall scenario using service PIC on MX platforms, the service-set might fail to get programmed after configuration commit if the configuration scale is in particular range hitting the issue.
|
| 1449468 |
Increase in the maximum value of delegation-cleanup-timeout
|
Increase in the maximum value of delegation-cleanup-timeout - You can now configure a maximum of 2147483647 seconds as the delegation cleanup time for a Path Computation Client (PCC). This extends the time taken by the PCC to retain the last provided path over a PCEP session from the last session down time. With the increase in maximum value of delegation-cleanup-timeout from 600 to 2147483647 seconds, you can benefit during a Path Computation Element (PCE) failover, or other network issues that may disrupt the PCEP session with the main active stateful PCE.
|
| 1460027 |
PPTP NOT working with DNAT44
|
PPTP ALG will not work with destination-nat dnat-44 in 18.3R3.
|