We use 6.0.6 and will go to 6.0.8 for vulnerability issues within the next few weeks. Mainly the following: 73111—Dataplane restarts were caused by a race condition between dataplane packet processes, where the session resource allocation became out of sync between central processing units (CPUs). A fix was added to keep session resource allocation in sync between dataplane processes. 71486—A fix was made to address an issue with user input sanitization to prevent Cross-site Scripting (XSS) attacks against the web interface. 71321—Removed support for SSL 3.0 from the GlobalProtect gateway, GlobalProtect portal, and Captive Portal due to CVE-2014-3566 (POODLE). 71320—Removed support for SSL 3.0 from the web interface due to CVE-2014-3566 (POODLE).
... View more