Reflection for Secure IT Windows Client 7.2 Service Pack 3 (SP3) Update 1 is available for maintained customers who have version 7.2 installed and to customers who have downloaded and installed the version 7.2 evaluation package. This technical note provides information about how to obtain your update and a list of features and fixes included in the update. This note also includes a list of features and fixes in Reflection FTP Client 14.1, which is included with Reflection for Secure IT Windows Client.
Note the following:
- A newer version of this product, Reflection for Secure IT Windows Client 7.2 Service Pack 4, released January 2015. For details, see KB 7021990.
- For a list of features included Reflection for Secure IT Client for Windows service packs, see KB 7021991.
- For important information regarding security updates and Reflection for Secure IT, see https://support.microfocus.com/security/.
Obtaining the Update
Maintained customers are eligible to download the latest product releases from the Attachmate Download Library web site: https://download.attachmate.com/Upgrades/. For information about logging into and using the Download Library, see KB 7021965.
Note: This update is identified as Update 220.127.116.11 in the Windows Programs and Features (or Add or Remove Programs) Control Panel.
For information about platform support in Reflection, see KB 7022010.
Secure Shell Changes
The following Secure Shell changes apply to the Reflection for Secure IT SSH client for Windows, the Reflection FTP Client, and the Reflection for Secure IT command line utilities.
This release includes changes that improve Secure Shell response times.
Specific issues resolved by this fix include slow SFTP file download times and slow X client display response in SSH connections.
To support these changes, the following Secure Shell configuration file keyword was added and is enabled by default. Note that applying this update automatically enables this setting; you do not need to make any configuration changes.
Nodelay - This setting addresses a change made by Microsoft that enables the Nagle algorithm on Windows tcp sockets by default, and can adversely affect performance in Secure Shell connections. Setting Nodelay to yes (the default) disables this algorithm and improves performance on most systems.
- Command line input redirection (for example sftp<input.txt) now works correctly with the sftp command line utility
Reflection FTP Client 14.1 SP3 Update 1
The following issues are resolved in Reflection FTP Client 14.1 SP3 Update 1.
- CVE-2014-0160- OpenSSL "Heartbleed" Vulnerability - This update includes updated OpenSSL libraries that resolve this issue. Note: This OpenSSL vulnerability affected only Reflection TLS 1.2 connections made to a malicious server. The default Reflection TLS 1.0 connections are not subject to this vulnerability.
- CVE-2013-4353 - The ssl3_take_mac function allows remote TLS servers to cause a denial of service via a crafted TLS handshake. This update includes updated OpenSSL libraries that resolve this issue.
- The "Download As" option now works correctly when you are connected to a NonStop (Guardian API) server.
- When connected to a NonStop (Guardian API) server, the server pane now correctly displays files that contain an owner value that has multiple entries, such as "101,255".
- This update resolves an issue that caused intermittent FTP Client crashes in module ntdll.dll when navigating server folders.
Legacy KB ID
This document was originally published as Attachmate Technical Note 2727.