MessageWay Remote Execution Server Maintenance Release
Maintenance Release Name:
mwres-6.1.0-mr08-win32
Release date: January 5,
2021
Prerequisite: MessageWay
Remote Execution Server 6.1.0 and MessageWay 6.1.0 mr09
Obsoletes Maintenance Releases (formerly called Hotfixes): All
previous MessageWay Remote Execution Server 6.1.0 Hotfixes
Files:
This Maintenance Release contains the files listed below:
Files changed in this Maintenance Release
mwres-6.1.0-mr08-win32:
| libeay32.dll |
OpenSSL crypto library |
|
mwres-6.1.0-mr08-win32_readme.html |
This Readme file |
Files changed in previous Hotfixes and rolled into this
Maintenance Release:
|
mwresd.exe |
MessageWay RES server Version 6.1.0.3 |
|
mwres-6.1.0-mr03-win32.exe |
RES Installer |
Installing the MessageWay RES Server
Maintenance Release:
1) Download the
Maintenance Release install package sent by Progress.
2) Logon to the
perimeter server as the user that installed the MessageWay RES service.
3)
Copy the Maintenance Release install package to the perimeter server and unzip.
4) Step 3 will automatically create a new subdirectory named after the
Maintenance Release install package.
5) Stop the MessageWay RES
service.
6) Stop any remote processes that had
been invoked by mwresd.
7) Locate and run the install program (mwres-6.1.0-mr08-win32.exe)
in the subdirectory structure created in step 3 (...\servers_mrs\windows\).
8) Answer the prompts as they appear.
9) Start the MessageWay RES service.
The Maintenance
Release is now installed on the server. A backup copy of every replaced object was saved in the \Program Files
(x86)\MessageWay\res\backups subdirectory.
To verify that the
Maintenance Release installed properly, view the \Program Files
(x86)\MessageWay\res\updates\ChangeLog.txt file. That file is updated
whenever a
Maintenance Release is installed. Additionally, this Maintenance Release Readme file is saved in the
\Program Files
(x86)\MessageWay\res\updates subdirectory for future reference.
( January 5, 2021 ) Issues closed in
mwres-6.1.0-mr08-win32
IMPORTANT NOTE about Security Updates for this release:
MessageWay now includes the OpenSSL 1.0.2u and FIPS 2.0.16 releases.
They
address many vulnerabilities that can be
found in the release notes on the Openssl.org site.
Specifically, see the
following link for further details about this release of OpenSSL:
https://www.openssl.org/news/openssl-1.0.2-notes.html
Specifically, see the following link for further details about this release of
FIPS:
https://www.openssl.org/docs/fips/SecurityPolicy-2.0.16.pdf
MessageWay Remote Execution Server - Issue #950 (Program
changed: libeay32.dll)
Issue 950: See Important
Note about Security Updates for this issue above.
( December 21, 2018 ) Issues closed in
mwres-6.1.0-mr07-win32
IMPORTANT NOTE about Security Updates for this release:
MessageWay now includes the OpenSSL 1.0.2p and FIPS 2.0.16 releases.
They
address many vulnerabilities that can be
found in the release notes on the Openssl.org site.
Specifically, see the
following link for further details about this release of OpenSSL:
https://www.openssl.org/news/openssl-1.0.2-notes.html
Specifically, see the following link for further details about this release of
FIPS:
https://www.openssl.org/docs/fips/SecurityPolicy-2.0.16.pdf
MessageWay Remote Execution Server - Issue #4118 (Program
changed: libeay32.dll)
Issue 4118: See Important
Note about Security Updates for this issue above.
( March 31, 2018 ) Issues closed in
mwres-6.1.0-mr06-win32
IMPORTANT NOTE about Security Updates for this release:
MessageWay now includes the OpenSSL 1.0.2n and FIPS 2.0.16 releases.
They
address many vulnerabilities that can be
found in the release notes on the Openssl.org site.
Specifically, see the
following link for further details about this release of OpenSSL:
https://www.openssl.org/news/openssl-1.0.2-notes.html
Specifically, see the following link for further details about this release of
FIPS:
https://www.openssl.org/docs/fips/SecurityPolicy-2.0.16.pdf
MessageWay Remote Execution Server - Issue #4118 (Program
changed: libeay32.dll)
Issue 4118: See Important
Note about Security Updates for this issue above.
( February 28, 2017 ) Issues closed in
mwres-6.1.0-mr05-win32
IMPORTANT NOTE about Security Updates for this release:
MessageWay now includes the OpenSSL 1.0.2j and FIPS 2.0.12 releases.
They
address many vulnerabilities that can be
found in the release notes on the Openssl.org site.
Specifically, see the
following link for further details about this release of OpenSSL:
https://www.openssl.org/news/openssl-1.0.2-notes.html
Specifically, see the following link for further details about this release of
FIPS:
https://www.openssl.org/docs/fips/SecurityPolicy-2.0.12.pdf
MessageWay Remote Execution Server - Issue #4246 (Program
changed: libeay32.dll)
Issue 4246: See Important
Note about Security Updates for this issue above.
(
April 13, 2016
) Issues closed in
mwres-6.1.0-mr03-win32
IMPORTANT NOTE about Security Updates for this release (Issue-4025,
4144):
MessageWay now includes the OpenSSL 1.0.1r and FIPS 2.0.11 releases.
They address many vulnerabilities
that can be found in the release notes on the Openssl.org site.
Specifically, see the following link for further details about this release of
OpenSSL:
https://www.openssl.org/news/openssl-1.0.1-notes.html
Specifically, see the following link for further details about this release of
FIPS:
https://www.openssl.org/docs/fips/SecurityPolicy-2.0.11.pdf
MessageWay Remote Execution Server - Issue #4152 (Program
changed: mwres-6.1.0-mr03-win32.exe )
Issue 4152:
Installer does not check that RES is stopped before performing the install,
causing install to fail if RES is running. Changes:
This problem has been fixed.
MessageWay Remote Execution Server - Issue #4025, 4144 (Program
changed: libeay32.dll)
Issue 4025, 4144: See Important
Note about Security Updates for this issue above.
( May 14, 2015 ) Issues closed in
mwres-6.1.0-mr02
IMPORTANT NOTE about Security Updates for this release (Issue-3975):
MessageWay now includes the OpenSSL 0.9.8ze and FIPS 1.2.2 releases.
They address the following higher profile vulnerabilities and many others
that can be found in the release notes on the Openssl.org site.
CVE-2014-0160, Heartbleed vulnerability, the OpenSSL 0.9.8.ze is not
vulnerable to the issue outlined in this CVE report.
CVE-2014-0224,
SSL/TLS MITM vulnerability, the OpenSSL 0.9.8.ze version contains the updates to
address this vulnerability.
CVE-2014-3566, POODLE
vulnerability, MessageWay no longer supports the SSLv3 protocol for secure
sessions.
CVE-2015-0204, FREAK vulnerability, the OpenSSL
0.9.8.ze version contains the updates to address this vulnerability.
MessageWay Remote Execution Server - Issue #3827 (Program
changed: mwresd - version 6.1.0.3)
Issue 3827:
The MessageWay RES client was unable to connect to a MessageWay RES server,
though it can connect to earlier versions of the server. Changes: This
problem has been fixed.
MessageWay Remote Execution Server - Issue #3975 (Program
changed: libeay32.dll)
Issue 3975: See Important
Note about Security Updates for this issue above.
|
