Endpoint

Sophos Anti-Virus for Linux 9

For Recommended Customers

About these release notes

These are the release notes for Sophos Anti-Virus for Linux Recommended versions, managed by Sophos Enterprise Console or standalone.

Some of the features mentioned in these release notes are only available on managed computers or if you have the appropriate license.

Note: You may find that you cannot yet download and use the latest version on the list below. This is because Sophos releases the software over a number of days, but publishes the release notes on the first day.

Version 9.13.2

Sophos Anti-Virus (SAV) 9.13.2
Threat detection engine 3.68.0

New features

  • We have updated the SAMBA libraries to 4.6.1.

Version 9.13.1

Sophos Anti-Virus (SAV) 9.13.1
Threat detection engine 3.68.0

New features

  • We have updated OpenSSL to 1.0.2j.
  • We have updated libexpat to 2.2.0.
  • We have made improvements to namespace and container handling.

Updated Components

The threat detection engine has been updated to 3.68.0. For information about the changes to the threat detection engine, see the Sophos Threat Detection Engine release notes.

Version 9.12.3 (Engine update only)

Sophos Anti-Virus (SAV) 9.12.3
Threat detection engine 3.67.3

New features

Resolved issues

No resolved issues.

Version 9.12.3

Sophos Anti-Virus (SAV) 9.12.3
Threat detection engine 3.65.2

New features

  • We have updated Python to 2.7.12.
  • RMS has been updated to use Transport Layer Security (TLS) 1.2.

Resolved issues

Issue ID Description
LINUXEP-2442 Diagnose updated to include resolv.conf and hosts file.
LINUXEP-2703 Improvements to sophosmgmtd to handle unknown policies.

Version 9.12.2

Sophos Anti-Virus (SAV) 9.12.2
Threat detection engine 3.65.2

New features

  • We have updated libexpat to 2.1.1 because of a vulnerability in 2.1.0.
  • The threat detection engine has been updated. For information about the changes to the threat detection engine, see the threat detection engine release notes.
  • We have also updated the readme files to include licenses for third party software.

Resolved issues

No resolved issues.

Known issues and limitations

Issue ID Description
LINUXEP-897 On some Japanese systems, characters in desktop alerts are corrupted.

On the Japanese version of RHEL/CentOS/Oracle Linux 7, desktop alerts may include corrupted characters. You should install the xorg-x11-fonts-misc fonts.

WKI67300 On Red Hat Enterprise Linux version 6 or version 5 64-bit, desktop pop-up alerts are not displayed.

To fix this problem, install the latest libXpm from the appropriate package on the Red Hat installation DVD.

This package is needed by desktop pop-up alerts but is not installed by default by Red Hat.

DEF92486 On-access scanning with fanotify on NFSv4 can block all access to files.

Running on-access scanning with fanotify on an NFSv4 file system can result in all file access being blocked. This is a kernel issue. Sophos is working with the Linux community to resolve it. Workrounds are to use Talpa instead, downgrade to NFSv3, or exclude any NFSv4 shares from on-access scanning.

DEF96261 On-access scanning with fanotify on CIFS causes 30 seconds delay in file creation and access.

If on-access scanning is run with fanotify on a CIFS (Common Internet File System) local share, users can experience a delay of around 30 seconds when creating or accessing files. This is a kernel issue and Sophos is working with the Linux community to resolve it. Workarounds are to disable CIFS oplocks or exclude the CIFS share from on-access scanning.

DEF74349 Enterprise Console does not show that a file has been quarantined.

On a Sophos Anti-Virus installation that is managed by Sophos Enterprise Console, if an on-demand scan quarantines a file, savlog shows that the file has been quarantined, but in Enterprise Console, "action taken" is blank.

Additional information

  • Installation in non-UTF-8 and non-ASCII encoded locations

    You can't install Sophos Anti-Virus in a location that is specified by a non-UTF-8 and non-ASCII path.

  • Installation on computers using non-UTF-8 and non-ASCII encoding

    On a computer that is using non-UTF-8 and non-ASCII encoding, to install from the deployment package that is created by mkinstpkg.sh, run the installation script as follows:

    LANG=C ./sophos-av/install.sh
  • Japanese language support

    Sophos Anti-Virus can be installed on computers that are using ja_JP.eucJP and ja_JP.UTF8. Installation on computers with ja_JP.sjis locale (Japanese with Shift-JIS encoding) is not supported.

  • Fonts required on Japanese systems

    On the Japanese version of RHEL/CentOS/Oracle Linux 7, you must install the xorg-x11-fonts-misc fonts. This ensures that desktop messages are correctly displayed.

  • Sophos Remote Management System doesn't start if Sophos Anti-Virus has been installed from NFS filesystem

    If you install Sophos Anti-Virus from an NFS filesystem, Sophos Remote Management System won't start. To work around this, use an alternative installation source instead, for example a Samba share.

  • Sophos Anti-Virus and PureMessage for UNIX

    If you install Sophos Anti-Virus on a mail server that is running Sophos PureMessage for UNIX, you must make sure that scanning of MIME files is disabled in Sophos Anti-Virus. This is because scanning MIME files with Sophos Anti-Virus might prevent PureMessage from accessing files that contain viruses. By default, MIME scanning is disabled.

Technical support

You can find technical support for Sophos products in any of these ways:

Legal notices

Copyright © 2007–2017 Sophos Limited. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.

Sophos, Sophos Anti-Virus and SafeGuard are registered trademarks of Sophos Limited, Sophos Group and Utimaco Safeware AG, as applicable. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.