Your Reflection for Secure IT Windows Client includes new features, improves usability, and resolves several previous issues.
This service pack improves usability and resolves several previous issues.
Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure that our products meet all your needs.
Reflection for Secure IT Windows Client 8.0.1 is available now for new and existing customers. This technical note provides information about how to obtain your update and a list of features and fixes included in the update. This note also includes fixes in Reflection FTP Client 16.0, which is included with Reflection for Secure IT Windows Client. 8.0.1 is cumulative and also applies the features and fixes provided in earlier updates and service packs. For a list of these features and fixes see the following:
For important information regarding security updates and installing Reflection for Secure IT, see Technical Note 2288.
RSIT Win Client 8.0.1 adds support for Windows 10. For further information about platform support in Reflection, see Technical Note 1944.
This release includes fixes for the following reported security vulnerabilities. For additional information, see Technical Note 2288.
CVE-2015-0204: OpenSSL Client RSA Silent Downgrade Vulnerability
CVE-2015-4000: Diffie-Hellman Logjam Vulnerabilities
CVE-2015-0289: NULL pointer dereferences
CVE-2015-0292: Base64 decode
CVE-2016-0705: Double-free in DSA code
BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption
CVE-2016-0702: Side channel attack on modular exponentiation
CVE 2016-2018 – OpenSSL Security Advisory
Windows Credentials can now be used for AS400 FTP Sign-On.
Command line SFTP only writes the end of a large file listing when the connection is closed.
ActivClient 7.0 configured for PKCS#11 is now usable with reflection products.
After configuring Client Authentication with "Automatically select client certificate" (the default) chosen, the automatic chooser no longer chooses an expired certificate when a valid certificate exists in the list.
The following UTF-8 characters are now drawn correctly: U+25a0, U+203b, U+2234, U+2235, U+2312, U+223d.
A problem closing the connection when downloading a large CRL (2 MB) exceeds the connection timeout has been resolved. Previously if the time required to download the CRL exceeded the connection timeout, Reflection lost the connection to the server with an exception error in rssh.exe.
The sftp command line client now returns to command prompt after connection timed-out with exit code 84 on Windows 8, Windows Server 2012, and Windows 10.
Reflection for Secure IT Windows Client 8.0.1 is now supported on Windows 10.
Reflection ftpCOM API IsConnected and LastError properties now return correct status after a Host disconnect event.
An issue that could cause the Reflection FTP Client to shut down unexpectedly while transferring a large number of files going to an OpenVMS (Process software) SSH server has been resolved.
Connections using SSL/TLS now support DH cipher suites, and no longer support 40-bit and 56-bit cipher suites.
For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see https://www.netiq.com/company/legal/.
Copyright © 2017 Attachmate Corporation, a Micro Focus company. All Rights Reserved.