About this release

This document contains important information about the current release. We recommend that you read the whole document.

McAfee® Web Gateway (Web Gateway) 7.8.2.4 is provided as a main release. It is an update that resolves issues present in previous versions.

Vulnerabilities removed in versions 7.8.2 and 7.8.2.2

The following vulnerabilities were already removed in version 7.8.2 and its 7.8.2.2 update, which were both provided as controlled releases. It was not mentioned, however, in the release notes for these versions that these vulnerabilities had been removed.

  • Web Gateway was affected by the CVE-2018-2952/RHSA-2018-0980 vulnerability, which could be exploited by performing improper write operations when using openSSL, allowing for zero-length file creation. After an appropriate fix has been implemented, Web Gateway is not affected anymore. (7.8.2 - 1236737)
  • Web Gateway was affected by the CVE-2018-1336 vulnerability, which posed a threat to the use of the Apache Tomcat server. After an appropriate fix has been implemented, Web Gateway is not affected anymore. (7.8.2 -1248233)
  • Web Gateway was affected by the CVE-2018-2952/RHSA-2018:2242 vulnerability, which created a security risk when importing openjdk. After an appropriate fix has been implemented, Web Gateway is not affected anymore. (7.8.2.2 -1253085)

Fixes that removed these vulnerabilities were also implemented in version 8.0 and mentioned in the release notes.