Host Access Management and Security Server 12.4.2 - New Features and Release Notes

  • 7021937
  • 28-Mar-2017
  • 02-Mar-2018


Host Access Management and Security Server version 12.4 Update 2


This document lists the new features and fixes in Host Access Management and Security Server version 12.4.2.


New Features since version 12.4.0

Host Access Management and Security Server 12.4 Update 2 includes the following features (in addition to the 12.4 features described in Technical Note 2885):

  • The HTTPS Certificate Utility provides the ability to generate a new private key and a Certificate Signing Request (CSR), and then import the signed certificate and private key.
  • Java update 8u131
  • Upgrade to Apache Tomcat 8.0.43
  • Bouncy Castle is the provider for keystore operations. The cryptographic files have the .bcfks extension. See KB 7021635 for more information.
  • On the Security Proxy Server, multiple cipher suites of the same key type can use the same certificate. That is, all RSA cipher suites use one RSA certificate, and all DSA cipher suites use one DSA certificate.

Fixes since version 12.4.0

  • To resolve issues where installation and starting of applications may be slow or appear to hang on headless UNIX systems, urandom was added to the Management and Security Server installer as the Entropy Gathering Device (EGD).

If your organization does not permit the use of urandom, see the examples in the Management and Security Server 12.4.2 Installation Guide > After you install.

MSS Documentation:

  • Resolved vulnerabilities:
Apache Commons FileUpload 1.1.1
CVE-2014-0050 High
CVE-2013-0248 Low

Apache Struts 1.3.10
CVE-2016-1181 Medium
CVE-2014-0114 High
CVE-2015-0899 Medium
CVE-2016-1182 Medium

Apache Struts 1.3.10
CVE-2014-0114 High
CVE-2015-0899 Medium
CVE-2016-1181 Medium
CVE-2016-1182 Medium

Bouncy Castle 1.3.7
CVE-2007-6721 High


For the latest Security Updates, see

For technical resources including documentation and technical notes, see

For product information--including the Management and Security Server (MSS) Add-Ons, see

Additional Information

Legacy KB ID

This document was originally published as Attachmate Technical Note 2901.