| Issue ID | Description |
|---|---|
| CFD-15343 (03178845) | Fixed an issue where user profile/VLAN assignment could remain incorrect after a username change (user versus machine authentication) by redoing reassignment instead of using stale roaming-cache data. |
| CFD-16019 (03213922) | Fixed ECWP fallback roaming where the AP could send a disassociation during client reassociation by removing vendor driver logic that initiated disassociation during TX validation (multicast L3 roaming scenarios). |
| CFD-16175 (03230588) | Fixed AP5020 upstream QoS rate limiting not being enforced by ensuring the FE correctly detects QoS-flagged packets and applies the configured per-client limit. |
| CFD-16508 (03220996, 03243636) | Fixed wired 802.1X supplicant authentication failures (EAP-TLS) after an OpenSSL upgrade by loading/parsing the private key in the application and attaching it directly to the SSL object. |
| HOS-23531 | Fixed a defect with 802.11w/MFP mode configuration. |
| HOS-23898 | Fixed a backwards compatibility issue for legacy authentication (such as PEAP-MSCHAPv2) for both wired and wireless (related: CFD-14824) by adding the MD4 cryptographic module back into IQ Engine. |