Reflection FTP Client 14.1 Service Pack 3 Update 1 Release Notes

  • 7022038
  • 18-Apr-2014
  • 02-Mar-2018

Environment

Reflection FTP Client version 14.1 SP3 Update 1

Situation

Reflection FTP Client is a component of many Attachmate products. This technical note lists the features, security updates, and fixes in version 14.1 SP3 Update 1 (version 14.1.3.247).

Resolution

Reflection FTP Client 14.1 SP3 Update 1

The following issues are resolved in Reflection FTP Client 14.1 SP3 Update 1.

Security Updates

  • CVE-2014-0160- OpenSSL "Heartbleed" Vulnerability - This update includes updated OpenSSL libraries that resolve this issue. Note: This OpenSSL vulnerability affected only Reflection TLS 1.2 connections made to a malicious server. The default Reflection TLS 1.0 connections are not subject to this vulnerability.
  • CVE-2013-4353 - The ssl3_take_mac function allows remote TLS servers to cause a denial of service via a crafted TLS handshake. This update includes updated OpenSSL libraries that resolve this issue.

Resolved Issues

  • The "Download As" option now works correctly when you are connected to a NonStop (Guardian API) server.
  • When connected to a NonStop (Guardian API) server, the server pane now correctly displays files that contain an owner value that has multiple entries, such as "101,255".
  • This update resolves an issue that caused intermittent FTP Client crashes in module ntdll.dll when navigating server folders.

Secure Shell Changes

The following Secure Shell changes apply to the Reflection for Secure IT SSH client for Windows, the Reflection FTP Client, and the Reflection for Secure IT command line utilities.

Product Enhancements

This release includes changes that improve Secure Shell response times.

Specific issues resolved by this fix include slow SFTP file download times and slow X client display response in SSH connections.

To support these changes, the following Secure Shell configuration file keyword was added and is enabled by default. Note that applying this update automatically enables this setting; you do not need to make any configuration changes.

Nodelay - This setting addresses a change made by Microsoft that enables the Nagle algorithm on Windows tcp sockets by default, and can adversely affect performance in Secure Shell connections. Setting Nodelay to yes (the default) disables this algorithm and improves performance on most systems.

Resolved Issue

  • Command line input redirection (for example sftp<input.txt) now works correctly with the sftp and ssh command line utilities.

Additional Information

Reflection FTP Client Technical Resources: http://support.microfocus.com/product/?prod=FTP

Legacy KB ID

This article was originally published as Attachmate technical note 2728.