Endpoint

Sophos Anti-Virus for Linux 9

For Preview Customers

About these release notes

These are the release notes for Sophos Anti-Virus for Linux Preview versions, managed by Sophos Enterprise Console or standalone.

Some of the features mentioned in these release notes are only available on managed computers or if you have the appropriate license.

Note

You may find that you cannot yet download and use the latest version on the list below. This is because Sophos releases the software over a number of days, but publishes the release notes on the first day.

Version 9

Sophos Anti-Virus

9.15.1

November 2018

9.15.0

July 2018

9.14.2

January 2018

9.14.0

July 2017

9.13.2

June 2017

Engine update

9.13.2

May 2017

9.13.1

Jan 2017

9.12.3

Jan 2017

Engine update

9.12.3

Nov 2016

Engine update

9.12.3

Sept 2016

9.12.2

July 2016

9.12.0

June 2016

Engine update

9.12.0

May 2016

Threat detection engine

3.74.2

3.72.1

3.70.2

3.69.2

3.68.2

3.68.0

3.68.0

3.67.3

3.67.0

3.65.2

3.65.2

3.64.3

3.64.0

Version 9.15.1

Updated Components

  • The threat detection engine has been updated from 3.72.1 to 3.74.2. For information about the changes to the threat detection engine, see the Sophos Threat Detection Engine release notes.
  • We have updated Python to version 2.7.15.
  • We have updated OpenSSL to 1.0.2p.

Version 9.15.0

Updated Components

  • The threat detection engine has been updated from 3.70.2 to 3.72.1. For information about the changes to the threat detection engine, see the Sophos Threat Detection Engine release notes.
  • We have updated curl to version 7.59.0.
  • We have updated Python to version 2.7.14.
  • We have updated libexpat to 2.2.5.
  • We have updated OpenSSL to 1.0.2n.
  • We have updated Boost to 1.66.0.
  • We have updated Samba to 4.8.0.

Version 9.14.2

Updated Components

  • The threat detection engine has been updated from 3.69.2 to 3.70.2. For information about the changes to the threat detection engine, see the Sophos Threat Detection Engine release notes.
  • We have updated curl to version 7.56.0.
  • We have updated Python to version 2.7.13.
  • We have updated libexpat to 2.2.3.
  • We have updated OpenSSL to 1.0.2m.
  • We have updated Boost to 1.65.1.
  • We have updated Samba to 4.6.6.

Version 9.14.0

New features

  • We have updated the product to use RMS 4.1.

Updated Components

  • The threat detection engine has been updated to 3.69.2. For information about the changes to the threat detection engine, see the Sophos Threat Detection Engine release notes.
  • We have updated curl to version 7.54.0.
  • We have updated zlib to version 1.2.11.
  • We have updated python-cryptography to version 1.8.1.
  • We have updated TALPA to version 1.23.1.
  • We have updated Boost to version 1.59.0.
  • We have updated OpenSSL to 1.0.2k.
  • We have updated libexpat to 2.2.1.
  • We have updated pycrypto to 2.6.1.

Version 9.13.2 Engine update

Updated Components

The threat detection engine has been updated from 3.68.0 to 3.68.2. For information about the changes to the threat detection engine, see the Sophos Threat Detection Engine release notes.

Version 9.13.2

New features

  • We have updated the SAMBA libraries to 4.6.1.

Version 9.13.1

New features

  • We have updated OpenSSL to 1.0.2j.
  • We have updated libexpat to 2.2.0.
  • We have made improvements to namespace and container handling.

Updated Components

The threat detection engine has been updated to 3.68.0. For information about the changes to the threat detection engine, see the Sophos Threat Detection Engine release notes.

Resolved issues

Issue ID

Description

LINUXEP-3194

Talpa does not compile on OpenSUSE Tumbleweed with Kernel version 4.7.2 .

LINUXEP-3215

Talpa reports errors when bind mounting a single file.

Version 9.12.3 Engine update

New features

Resolved issues

No resolved issues.

Version 9.12.3 Engine update

New features

Resolved issues

No resolved issues.

Version 9.12.3

New features

Resolved issues

Issue ID

Description

LINUXEP-2442

Diagnose updated to include resolv.conf and hosts file.

LINUXEP-2703

Improvements to sophosmgmtd to handle unknown policies.

Version 9.12.2

New features

  • We have updated libexpat to 2.1.1 because of a vulnerability in 2.1.0.
  • The threat detection engine has been updated. For information about the changes to the threat detection engine, see the threat detection engine release notes.
  • We have also updated the readme files to include licenses for third party software.

Resolved issues

No resolved issues.

Version 9.12.0 Engine update

New features

Resolved issues

No resolved issues.

Version 9.12.0

New features

  • Sophos Anti-Virus now includes support for Ubuntu 16.04.
  • We have updated OpenSSL to 1.0.2h.
  • Automatic sample submission is now available for Live Protection.
  • A new version of Talpa, 1.21.5, which fixes Talpa-related issues, has been added.

Resolved issues

Issue ID

Description

LINUXEP-804

Sophos Anti-Virus now identifies and ignores mount calls from an IP command.

LINUXEP-1814

The ACE/TAO implementation has been modified to correct issues with atomic registry file updating.

LINUXEP-1816

An on-demand scan issue has been fixed by increasing the argument limit passed on to the savscan command.

LINUXEP-1820

The yum command now runs as root to prevent errors.

LINUXEP-1938

Log message has been downgraded from error level to debug.

LINUXEP-2018

Debug errors were reported. These should no longer been shown.

Known issues and limitations

Issue ID Description
LINUXEP-1816 An on-demand scan fails if you specify scanning for more than 1000 files or directories.

In version 9.11.0 and later, when using savscan from the command line, the scan fails if you specify scanning for directories that contain more than 1000 files or directories.

LINUXEP-897 On some Japanese systems, characters in desktop alerts are corrupted.

On the Japanese version of RHEL/CentOS/Oracle Linux 7, desktop alerts may include corrupted characters. You should install the xorg-x11-fonts-misc fonts.

WKI67300 On Red Hat Enterprise Linux version 6 or version 5 64-bit, desktop pop-up alerts are not displayed.

To fix this problem, install the latest libXpm from the appropriate package on the Red Hat installation DVD.

This package is needed by desktop pop-up alerts but is not installed by default by Red Hat.

DEF92486 On-access scanning with fanotify on NFSv4 can block all access to files.

Running on-access scanning with fanotify on an NFSv4 file system can result in all file access being blocked. This is a kernel issue. Sophos is working with the Linux community to resolve it. Workrounds are to use Talpa instead, downgrade to NFSv3, or exclude any NFSv4 shares from on-access scanning.

DEF96261 On-access scanning with fanotify on CIFS causes 30 seconds delay in file creation and access.

If on-access scanning is run with fanotify on a CIFS (Common Internet File System) local share, users can experience a delay of around 30 seconds when creating or accessing files. This is a kernel issue and Sophos is working with the Linux community to resolve it. Workarounds are to disable CIFS oplocks or exclude the CIFS share from on-access scanning.

DEF74349 Enterprise Console does not show that a file has been quarantined.

On a Sophos Anti-Virus installation that is managed by Sophos Enterprise Console, if an on-demand scan quarantines a file, savlog shows that the file has been quarantined, but in Enterprise Console, "action taken" is blank.

Additional information

  • Installation in non-UTF-8 and non-ASCII encoded locations

    You can't install Sophos Anti-Virus in a location that is specified by a non-UTF-8 and non-ASCII path.

  • Installation on computers using non-UTF-8 and non-ASCII encoding

    On a computer that is using non-UTF-8 and non-ASCII encoding, to install from the deployment package that is created by mkinstpkg.sh, run the installation script as follows:

    LANG=C ./sophos-av/install.sh
  • Japanese language support

    Sophos Anti-Virus can be installed on computers that are using ja_JP.eucJP and ja_JP.UTF8. Installation on computers with ja_JP.sjis locale (Japanese with Shift-JIS encoding) is not supported.

  • Fonts required on Japanese systems

    On the Japanese version of RHEL/CentOS/Oracle Linux 7, you must install the xorg-x11-fonts-misc fonts. This ensures that desktop messages are correctly displayed.

  • Sophos Remote Management System doesn't start if Sophos Anti-Virus has been installed from NFS filesystem

    If you install Sophos Anti-Virus from an NFS filesystem, Sophos Remote Management System won't start. To work around this, use an alternative installation source instead, for example a Samba share.

  • Sophos Anti-Virus and PureMessage for UNIX

    If you install Sophos Anti-Virus on a mail server that is running Sophos PureMessage for UNIX, you must make sure that scanning of MIME files is disabled in Sophos Anti-Virus. This is because scanning MIME files with Sophos Anti-Virus might prevent PureMessage from accessing files that contain viruses. By default, MIME scanning is disabled.

Technical support

You can find technical support for Sophos products in any of these ways:

Legal notices

Copyright © 2018 Sophos Limited. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.

Sophos, Sophos Anti-Virus and SafeGuard are registered trademarks of Sophos Limited, Sophos Group and Utimaco Safeware AG, as applicable. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.