PAN-OS Known issues and Upgrades

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

PAN-OS Known issues and Upgrades

L1 Bithead

Hello Everyone, 

 

In general, what is the industry practice to patch vulnerabilities in the PAN-OS. From time to time, Palo Alto release PAN-OS upgrades versions. However, with each new version there are known issues. Some of the known issues are fixed via the next new PAN-OS version and some of the known issues are not fixed by upgrades. For example, PAN OS version 10.1.4-h4 has lot of known issues and two of the high-risk issues (a - https://security.paloaltonetworks.com/CVE-2022-0024 b - https://security.paloaltonetworks.com/CVE-2022-0028  ) were fixed by much later version of PAN-OS.

 

In interim, till Palo upgrades the PAN-OS version to fix known issues from prior version, what is a general (best) practice to deal with the known issues? 

 

Does every one wait for Palo to release new PAN-OS version or try to fix high risk issues such as two examples above alternatively. 

 

 

2 accepted solutions

Accepted Solutions

Cyber Elite
Cyber Elite

Palo Alto TAC is keeping track of preferred releases.

10.1.x branch preferred release is 10.1.8-h2

 

It is always smart to check known issues for specific release before upgrade.

 

https://live.paloaltonetworks.com/t5/customer-resources/support-pan-os-software-release-guidance/ta-...

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011

View solution in original post

Cyber Elite
Cyber Elite

Raido_Rattameister_0-1673539688617.png

 

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011

View solution in original post

3 REPLIES 3

Cyber Elite
Cyber Elite

Palo Alto TAC is keeping track of preferred releases.

10.1.x branch preferred release is 10.1.8-h2

 

It is always smart to check known issues for specific release before upgrade.

 

https://live.paloaltonetworks.com/t5/customer-resources/support-pan-os-software-release-guidance/ta-...

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011

@Raido_Rattameister Thank you for the response. It seems access to the link above is denied. 

Cyber Elite
Cyber Elite

Raido_Rattameister_0-1673539688617.png

 

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011
  • 2 accepted solutions
  • 3051 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!