This document describes new features and fixes introduced in the 10.5.5 release. For upgrade instructions and considerations, reference the Upgrade Guide for Recovery Series and Unitrends Backup.
This release includes updated Windows core and bare metal agents. The 10.5.5 core agent is recommended for all Windows assets and is required for Windows fixes in this release.
||Windows image-level backups – After upgrading from a pre-10.4.9 agent, the next backup is automatically promoted to a full.
The table below lists fixes included in this release. Unless stated otherwise, you can apply each fix by simply upgrading your appliance.
- Resolved a resource blocking issue that could cause an appliance to hang when attempting to add an asset.
- On-box recovery – Resolved an issue with the creation of a bridge network with certain hardware configurations.
- Windows image-level recovery – Resolved an issue if the first partition was an extended partition. This fix requires the 10.5.5 Windows agent.
Note: These security vulnerabilities were identified through independent audits performed by these companies: Dutch Institute for Vulnerability Disclosure (DIVD) and Critical Start.
Addressed these appliance security vulnerabilities:
- Unauthenticated SQL injection
- PostgresSQL trigger command injection
- Unauthenticated remote code execution
- Privilege escalation using arbitrary code and user apache
- Privilege escalation using unauthorized commands and session API
- Samba service could permit anonymous connections with read/write access
- HTTP request buffer overflow and format strings