Environment
Reflection 2014 R1
Reflection Pro 2014 R1
Reflection X 2014 R1
Reflection for IBM 2014 R1
Reflection for UNIX and OpenVMS 2014 R1
Situation
Update 1 is available for maintained customers who have Reflection 2014 or Reflection Pro 2014 installed. This technical note provides information about how to obtain your update and a list of features and fixes included in Update 1.
Note: Update 1 features and fixes are included in Service Pack 1 that released November 2014. For more information, see Technical Notes 2749 and 2754.
Resolution
Obtaining the Update
Maintained customers are eligible to download the latest product releases from the Attachmate Download Library web site: https://download.attachmate.com/Upgrades/.
You will be prompted to login and accept the Software License Agreement before you can select and download a file. For more information on using the Download Library web site, see KB 7021965.
For information about purchasing Reflection 2014, please e-mail us: SalesRecept@attachmate.com.
Supported Platforms
For information about platform support in Reflection 2014, Reflection for IBM 2014, and Reflection for UNIX and OpenVMS 2014, see KB 7021449.
For information about platform support in Reflection Pro 2014 and Reflection X 2014, see KB 7021441.
Applying an Update
For information about applying an update to Reflection 2014, see KB 7021464
Reflection 2014 Workspace
New Features
- The macro performance in Reflection has been improved when using the EXTRA! COM interface from other applications like Microsoft Word or Excel.
- Support for using the Reflection for the Web ID Manager to allocate Terminal IDs was added.
Resolved Issues
Security Issues
- CVE-2014-0160 - OpenSSL "Heartbleed" Vulnerability - This update includes updated OpenSSL libraries that resolve this issue. Note: This OpenSSL vulnerability affected only Reflection TLS 1.2 connections made to a malicious server. The default Reflection TLS 1.0 connections are not subject to this vulnerability. (See KB 7021974 for additional information)
API, Automation, or Macro Issues
- The prompt-for-disconnection message no longer displays when called from the EXTRA Session.Close method.
- When stepping through a VBA macro, the focus is now returned to the Reflection VBA panel after the dismissal of a dialog box created in the macro.
- The EXTRA! Basic Editor will close without error while shutting down a session that was opened via the Reflection Workspace.
- The HLLAPI Query Session Status (Function 22) will return correct values regardless of the HLLAPI functions previously called.
- The Hummingbird HostExplorer macro Row() function will return screen data without trailing spaces or a null string if the line is completely blank.
- A call to the EXTRA! System.ActiveSession property in a Reflection VBA macro will now correctly return a reference to a session.
- The Value property for the Area object in the EXTRA! COM API can now be used to put text as well as read text from the screen.
VT Issues
- The terminal type negotiation field of "Use only the following type" is now correctly migrated when opening a KEA! VT configuration .KTC file.
- Resolved a "Could not read file" error that can occur when trying to open a Reflection .RDOX file that was created from a KEA! VT configuration .KTC file.
- Corrected issues related to using VBA code to set up VT session logging to a printer that then sends output to a file.
- The Thai character set is now handled properly for both keyboard input and screen display in a VT session.
Also see Secure Shell Changes for additional Secure Shell changes that apply to Reflection 2014 VT sessions.
Other Issues
- The AltGr key (the right Alt key) now works correctly in default keyboard layouts in IBM, VT, or 6530 terminal display sessions. The AltGr is a modifier key found on many computer keyboards and is primarily used to type certain international characters, such as currency symbols (for example, the euro currency symbol) and accented letters. (See KB 7021437 for more information.)
- An IBM 5250 DBCS printer session now correctly detects the end of the print job and releases the host output to a printer or file as specified.
- Resolved a crash in Reflection that can occur when configuring a secure shell (SSH) session on a machine with no default Windows printer assigned.
Reflection X Advantage
The following resolved issues are available in Reflection X Advantage 5.0 Update 1, which is included in Reflection 2014 Update 1.
- When installed on UNIX systems, this update updates the Java Runtime Environment to version 7 Update 55 (JRE 1.7.0_55).
Note: To update the version of Java used by Reflection X Advantage running on Windows systems, download the separate Attachmate Java installer from the Reflection 2014 download page. For more information, see KB 7021833.
- On Windows systems, the Attachmate Java package now installs as expected when you install Reflection using setup.exe and include command line switches. Prior to this update, after installations done using setup.exe in combination with any command line switches, Reflection X Advantage applications failed to start with an error message saying, "Application failed to start because the JVM library at C:\Program Files\Common\folders\Attachmate\JDK\Java7\jre\bin\server\jvm.dll did not load."
- This update resolves an issue that caused flashing followed by an application error when a client window is configured as transient for itself.
- Reflection now handles oversized glyphs without failing with ArrayIndexOutOfBoundsException: -2558.
- Sessions now start correctly when you are running version 5.0 of X Manager for Domains and connect to a domain controller running an older version.
- This update resolves a problem in which the release of a pointer grab could cause Reflection to fail with NullPointerException.
Reflection X 14.x
The following features, security updates, and resolved issues are available in Reflection X 14.1 SP3 Update 1, which is included in Reflection 2014 Update 1.
New Features
- Reflection X now enables IPv6 by default on new
installs. (Network Settings > Enable IPv6 listening socket). Note the
following:
- Applying this update to a workstation on which you have already installed and run Reflection X does not change your current IPv6 setting.
- If you apply this update to an administrative installation point, and then use the updated administrative installation to install Reflection on a workstation that did not previously have Reflection X installed, the new installation will have IPv6 enabled by default.
- The Reflection X IPv6 setting cannot be enabled if your system does not support IPv6.
- The "About Reflection X" dialog box now includes IPv6 addresses when IPv6 is enabled and active.
Security Updates
This update includes fixes for the following security vulnerabilities
- CVE-2013-6424 - Reflection X now rejects upside-down trapezoids to avoid an integer overflow and possible denial of service attack.
- CVE-2013-6462 - Reflection X now manages the reading of BDF font files with very long comment lines in order to avoid a possible denial of service attack.
- CVE-2013-4396 - Reflection X incorporates an X.org fix for this vulnerability to avoid using freed memory.
Resolved Issues
- The first attempt to move or resize some Java X client applications no long results in the Java window returning to its original position and size.
- Password caching enabled using regconv -pw now works correctly.
- Resolves a problem seen in version 14.1 SP2 and higher that caused a missing log file error.
- Bitmap and pixmap images are now copied correctly to the Windows clipboard.
- Resolves an issue introduced in version 14.1 SP1 that caused slow performance when resizing some X client applications.
- Reflection X now works correctly with a 3DConnexion SpacePilot device using current driver software.
- The "Exit when last client closed" setting now works correctly when the window mode is set to "X terminal desktop" and the Reflection Window Manager is selected.
- Reflection X can now add fonts with XLFD filenames that include more than 14 '-' characters.
- The CentOS desktop now draws correctly when the RENDER extension is enabled.
- When a runrx.exe command line includes multiple macros (such as %HN% and %IP#%), the macros are now all expanded correctly.
- When the Window mode is set to "X terminal desktop," an X window display that spans two monitors is now updated correctly.
- This update adds support for newer OpenGL/GLX extensions: GL_ARB_get_program, GL_NV_fragment_program, GL_ARB_vertex_array_object, GLX_ARB_create_context, and GLX_ARB_create_context_profile.
- Improvements to trace processing were made including:
- decoding additional OpenGL 4.x and OpenGL extension constants
- a fix for tracing with more than one active screen
- decoding WM_HINTS property correctly
- SSH connections started with rxstart.exe no longer use excess CPU.]
Also see Secure Shell Changes for additional Secure Shell changes that apply to Reflection X 14.1.
FTP Client Changes
The following security updates and resolved issues are available in Reflection FTP Client 15.7, which is included in Reflection 2014 Update 1.
Security Update
- CVE-2014-0160- OpenSSL "Heartbleed" Vulnerability - This update includes updated OpenSSL libraries that resolve this issue. Note: This OpenSSL vulnerability affected only Reflection TLS 1.2 connections made to a malicious server. The default Reflection TLS 1.0 connections are not subject to this vulnerability.
Resolved Issues
- This update resolves an issue that could cause the FTP Client to crash after viewing the Site Properties dialog box.
Also see Secure Shell Changes for additional Secure Shell changes that apply to the FTP Client.
Secure Shell Changes
The following Secure Shell changes apply to these products included in Reflection 2014 Update 1. (These settings do not affect Reflection X Advantage, which uses a different Secure Shell implementation.)
Reflection Workspace 2014
Reflection X 14.1
Reflection FTP Client 15.7
This release includes changes that improve Secure Shell response times.
Specific issues resolved by this fix include slow SFTP file download times and slow X client display response in SSH connections.
To support these changes, the following Secure Shell configuration file keyword was added and is enabled by default. Note that applying this update automatically enables this setting; you do not need to make any configuration changes.
Nodelay - This setting addresses a change made by Microsoft that enables the Nagle algorithm on Windows tcp sockets by default, and can adversely affect performance in Secure Shell connections. Setting Nodelay to yes (the default) disables this algorithm and improves performance on most systems.