Reflection for UNIX and OpenVMS version 14.1 SP4 Update 1
Reflection for HP with NS/VT version 14.1 SP4 Update 1
Reflection X version 14.1 SP4 Update 1
Reflection Suite for X version 14.1 SP4 Update 1
Reflection for the Multi-Host Enterprise Professional Edition version 14.1 SP4 Update 1
Reflection for the Multi-Host Enterprise Standard Edition version 14.1 SP4 Update 1
Reflection 14.1 Service Pack 4 Update 1 is available to maintained customers to apply to an existing installation of version 14.1 or higher. This technical note provides information about the fixes included in this update.
This update is version 220.127.116.119, which is identified as version 14.1.4489 in Control Panel > Programs. This update includes Reflection FTP Client version 14.1.558.
If this update is applied to Reflection X or Reflection Suite for X, then Reflection X is updated to version 14.1.921, which is also identified as version 18.104.22.1681.
Obtaining and Installing the Update
Maintained customers are eligible to download the latest product releases from the Attachmate Downloads website: https://download.attachmate.com/Upgrades/. For information about logging into and using the Downloads website, see KB 7021965.
The 32-bit update applies to version 14.1 of all products listed in the Applies To section at the top of this technical note. Note: If you have 64-bit Reflection X installed, you must apply the 64-bit service pack.
Note: If you use Reflection Administratorâs Toolkit, it must be updated to the latest Tookit version (ratkit-14.1.4-prod-w32.exe) after updating Reflection 14.1 to Service Pack 4 or higher.
This update includes fixes previous released in 14.1 Service Pack 4 (as described in KB 7021739), and the following new fixes:
- Security updates for CVE-2015-4000, CVE-2015-0204, CVE-2015-0289, and CVE-2015-0292. For more information, see https://support.microfocus.com/security/.
- To avoid non-authenticated servers in TLS/SSL encrypted communications, anonymous Diffie-Hellman cipher suites (containing DH_anon) are no longer available.
- Resolved errors on Windows 10 regarding Reflection Security Component, RSSCCM.DLL, and RSCAPI.DLL. For more information, see KB 7021741.
- With Reflection for IBM, when using a Dynamic Data Exchange (DDE) application to send a string to the host, a timing issue could cause some characters to be missing.
- When Reflection FTP Client is run as a published application under Citrix XenApp 6.5, a timing issue could occasionally cause an application crash with the error âReflection FTP Client has stopped workingâ at load time.
- When Reflection for UNIX and OpenVMS is run on a multi-user system, the application could crash when run under a standard user account.
When this update is applied to Reflection X or Reflection Suite for X, the following additional fixes are included:
- Security updates for CVE-2015-0255, CVE-2015-1802, CVE-2015-1803, and CVE-2015-1804. For more information, see https://support.microfocus.com/security/.
- Resolved RX267 error that may display when starting Reflection X. For more information, see KB 7021742.
- When using multi-window mode with Reflection Xâs internal window management, after a window is moved, popdown menus now display in the correct location.
- When communicating with a remote host to start X clients, backslash characters are no longer treated as escape characters. All prompts and responses are handled as they display in the .rxc file or X Manager user interface. For example, if the user name is mydomain\ronald, the \r is no longer converted to a carriage return.