Ivanti Security and Patch News

Headlines

• (March 06, 2018) Citrix Receiver 4.9.2000, LTSR Cumulative Update 2
  • Citrix Receiver has been updated to 4.9.2000.

New Vulnerabilities

• Vulnerability ID – CTXR-012_INTL

Changed Vulnerabilities

• Vulnerability ID – CTXR-010_INTL
  • (Added the replacement information.)

New Patch Downloads

• CitrixReceiver4.9.2000.exe

Where to Send Feedback

At Ivanti, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

Best regards,

The Ivanti Content Team

Copyright © 2018 Ivanti Software.  All rights reserved. Ivanti is either a registered trademark or trademark of Ivanti Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. Ivanti disclaims any liability with respect to this document and Ivanti has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.ivanti.com.

Ivanti Security and Patch News

Headlines

• (March 6, 2018) March 2018 Office Non-Security Updates:
  • The March Office non-security release consists of non-security updates for the following software:
    • Office 2016
    • Office 2013
    • Office 2010

Where to Send Feedback

At Ivanti, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

Best regards,

The Ivanti Content Team

Copyright © 2018 Ivanti Software.  All rights reserved. Ivanti is either a registered trademark or trademark of Ivanti Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. Ivanti disclaims any liability with respect to this document and Ivanti has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.ivanti.com.

Ivanti Security and Patch News

Headlines

• (March 07, 2018) Malwarebytes 3.4.4.2398

  • Improved remediation for shortcuts and tasks

  • Added better handling for heavily infected systems to streamline detection & remediation

  • Continued improvements to overall protection, detection and remediation

  • Added Notification Center for easy access to most recent real-time block notifications

  • Added category to website blocked notification to show the reason why site was blocked

  • Improved report design for better usability

  • Added device name to My Account screen in preparation to sync with My Account portal

  • Updated the API used to interact with Windows Action/Security Center

  • Changed the 'Recover if missed by' setting for Scheduled Scans to be enabled by default for new scans

  • Numerous other user interface and copy improvements

  • Fixed issue where files did not save properly with anti-ransomware enabled

  • Fixed issue where notifications could stack so you might see multiple versions of same message

  • Fixed issue where Beta opt in setting would not honor Restore Defaults

  • Updated the 7-Zip library to the latest version, v.18.01

  • Improved upgrade process from earlier versions of Malwarebytes

  • Continued improvements to driver operation and management

  • Fixed several crashes, including a blue screen related to Web Protection

  • Addressed other miscellaneous defects

New Vulnerabilities

• Vulnerability ID – MBAM-009_INTL

New Patch Downloads

• mb3-setup-consumer-3.4.4.2398.exe

Where to Send Feedback

At Ivanti, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

Best regards,

The Ivanti Content Team

Copyright © 2018 Ivanti Software.  All rights reserved. Ivanti is either a registered trademark or trademark of Ivanti Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. Ivanti disclaims any liability with respect to this document and Ivanti has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.ivanti.com.

Ivanti Security and Patch News

Headlines

• (March 06, 2018) Google Chrome 65.0.3325.146
  • Google Chrome has updated to version 65.0.3325.146.

New Vulnerabilities

• Vulnerability ID – CHROME-219_INTL

Changed Vulnerabilities

• Vulnerability ID – CHROME-218_INTL
  • (Added the replacement information.)

New Patch Downloads

• GoogleChromeStandaloneEnterprise6503325146_x64.msi
• GoogleChromeStandaloneEnterprise6503325146_x86.msi

Where to Send Feedback

At Ivanti, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

Best regards,

The Ivanti Content Team

Copyright © 2018 Ivanti Software.  All rights reserved. Ivanti is either a registered trademark or trademark of Ivanti Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. Ivanti disclaims any liability with respect to this document and Ivanti has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.ivanti.com.

Ivanti Security and Patch News

Headlines

• (January 17, 2018) Windows Update Cleanup (Tool) for Windows Embedded POSReady 7(KB4056359)
  • This update enables the Disk Cleanup wizard. After you install this update, you can use the Windows Update Cleanup option to delete Windows updates that you no longer need on Windows Embedded POSReady 7 devices.

New Vulnerabilities

• Vulnerability ID – MSNS18-01-4056359_INTL

New Patch Downloads

• windows6.1-kb4056359-x86.msu
• windows6.1-Windows7-SP1-kb4056359-x64.msu

Where to Send Feedback

At Ivanti, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

Best regards,

The Ivanti Content Team

Copyright © 2018 Ivanti Software.  All rights reserved. Ivanti is either a registered trademark or trademark of Ivanti Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. Ivanti disclaims any liability with respect to this document and Ivanti has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.ivanti.com.

Ivanti Security and Patch News

Headlines

• (March 8, 2018) Cumulative Update for Windows 10 Version 1703: March 8, 2018(KB4092077)

  • This update includes quality improvements. No new operating system features are being introduced in this update.

  • Addresses issue where, after installing this update, some localized devices have incorrect strings or unusual behavior in different areas of the user interface (UI) that make the UI unusable.

New Vulnerabilities

• Vulnerability ID – MSNS18-03-4092077_INTL

Changed Vulnerabilities

• Vulnerability ID – MSNS18-02-4077528_INTL
  • (Added the replacement information.)

New Patch Downloads

• windows10.0-kb4092077-x64.msu
• windows10.0-kb4092077-x86.msu

Where to Send Feedback

At Ivanti, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

Best regards,

The Ivanti Content Team

Copyright © 2018 Ivanti Software.  All rights reserved. Ivanti is either a registered trademark or trademark of Ivanti Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. Ivanti disclaims any liability with respect to this document and Ivanti has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.ivanti.com.

Ivanti Security and Patch News

Headlines

• (March 07, 2018) GoodSync 10.8.0

  • Multiple Workers in SyncLib: Fixed crashes, caused by insufficient locking of Job Progress.

  • On File Change: Fixed rare crashes when *.tmp file was encountered and deleted.

  • Rewrote Crash Catcher, to catch more real crashes and fewer unrelated crashes.

  • Optimization: Turned Off /O2 optimization in SyncLib And GsFileSys, as it prevents crash analysis.

  • Generate SyncOp instead of New File Conflict, if non-intersecting L and R gen lists are far apart time-wise.

  • On File Change: make Job wait 30 sec between Analyze and Sync, if Errors or Conflicts were detected.

  • On File Change: make Job wait 30 sec after Sync, if User Stop was detected.

  • Sync Tree Toolbar: Fixed Item counts were not updated when new tree is built by Analyze.

  • Upload Jobs: Fixed Command Line errors in uploading jobs.

New Vulnerabilities

• Vulnerability ID – GOODSYNC-077_INTL

Changed Vulnerabilities

• Vulnerability ID – GOODSYNC-076_INTL
  • (Added the replacement information.)

New Patch Downloads

• GoodSync-v1080-Setup.exe
• GoodSync-v1080-WindowsServer-Setup.exe

Where to Send Feedback

At Ivanti, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

Best regards,

The Ivanti Content Team

Copyright © 2018 Ivanti Software.  All rights reserved. Ivanti is either a registered trademark or trademark of Ivanti Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. Ivanti disclaims any liability with respect to this document and Ivanti has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.ivanti.com.

Ivanti Security and Patch News

Headlines

• (March 05, 2018) GoToMeeting 8.21.0

  • New "Share my screen" window

  • New look and feel to "End meeting" window

  • Removal of Video Sharing Labs feature

  • Fix for missing attendee in list

  • Fix for inconsistent audio state in Macs

  • Improvements to the Windows Control Panel layout

  • Additional fixes & minor changes

  • View additional changes at: https://community.logmein.com/t5/GoToMeeting-News/GoToMeeting-Desktop-v8-21-0-b8404-Release-Notes/ba-p/193213

New Vulnerabilities

• Vulnerability ID – GOTOM-038_INTL

Changed Vulnerabilities

• Vulnerability ID – GOTOM-037_INTL
  • (Added the replacement information.)

New Patch Downloads

• g2msetup8218404-it.zip

Where to Send Feedback

At Ivanti, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

Best regards,

The Ivanti Content Team

Copyright © 2018 Ivanti Software.  All rights reserved. Ivanti is either a registered trademark or trademark of Ivanti Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. Ivanti disclaims any liability with respect to this document and Ivanti has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.ivanti.com.

Ivanti Security and Patch News

Headlines

• (March 06, 2018) Plex Media Server 1.12.0

  • (Analysis) Detect ATSC closed captions in video files (#7110)

  • (Analysis) Distinguish HEVC codec tags to work around iOS platform limitation (#7882)

  • (Web) Updated Plex Web to 3.37.2

  • (Companion) Resolve a rare crash

  • (Hubs) "On Deck" and "Continue Watching" could appear empty when the "Weeks to Consider for On Deck" preference was set (#7305)

  • (Photos) Re-scanning a photo section which had a significant amount of files renamed could lead to database lockups (#7653)

  • (Photos) The folder structure in the photos view could sometimes become flattened (#8206)

  • (Transcoder) The server could become unresponsive when playing via DASH (#8166)

  • Avoid generating invalid XML when media contains invalid metadata (#8192).

  • Certain ID3 tags in audio files resulted in titles with trailing "///" characters (#6577)

  • Collections could appear in grid even when disabled in library (#8103)

  • Fix an issue where loudness analysis was performed simultaneously on the same library (#8021)

  • Fix loudness analysis on libraries taking up large amounts of memory (#8071)

New Vulnerabilities

• Vulnerability ID – PLXS-015_INTL

Changed Vulnerabilities

• Vulnerability ID – PLXS-014_INTL
  • (Added the replacement information.)

New Patch Downloads

• Plex-Media-Server-1.12.0.4829.exe

Where to Send Feedback

At Ivanti, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

Best regards,

The Ivanti Content Team

Copyright © 2018 Ivanti Software.  All rights reserved. Ivanti is either a registered trademark or trademark of Ivanti Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. Ivanti disclaims any liability with respect to this document and Ivanti has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.ivanti.com.

Ivanti Security and Patch News

Headlines

• (March 07, 2018) Opera 51.0.2830.55

  • DNA-66446 UI labels use a smaller font size than other UI elements

  • DNA-67392 Crash at content::MediaStreamManager::FinalizeOpenDevice(std::basic_string const&, content::MediaStreamManager::DeviceRequest*)

  • DNA-67846 Opera opened on windows start

New Vulnerabilities

• Vulnerability ID – OPERA-158_INTL

Changed Vulnerabilities

• Vulnerability ID – OPERA-157_INTL
  • (Added the replacement information.)

New Patch Downloads

• Opera_51.0.2830.55_Setup.exe
• Opera_51.0.2830.55_Setup_x64.exe

Where to Send Feedback

At Ivanti, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

Best regards,

The Ivanti Content Team

Copyright © 2018 Ivanti Software.  All rights reserved. Ivanti is either a registered trademark or trademark of Ivanti Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. Ivanti disclaims any liability with respect to this document and Ivanti has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.ivanti.com.

Ivanti Security and Patch News

Headlines

• (March 6, 2018) Google Chrome 65.0.3325.146:
  • The Chrome team is delighted to announce the promotion of Chrome 65 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 65.0.3325.146 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 65.

New Vulnerabilities

• Vulnerability ID – GoogleChrome65.0.3325.146

New Downloads

• googlechrome.dmg

Where to Send Feedback

At Ivanti, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

Best regards,

The Ivanti Content Team

Copyright © 2018 Ivanti Software.  All rights reserved. Ivanti is either a registered trademark or trademark of Ivanti Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. Ivanti disclaims any liability with respect to this document and Ivanti has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.ivanti.com. 

Ivanti Security and Patch News

Headlines

• (March 05, 2018) Apache Tomcat 9.0.6

  • Fix:  43866: Add additional attributes to the Manager to provide control over which listeners are called when an attribute is added to the session when it has already been added under the same name. This is to aid clustering scenarios where setAttribute() is often called to signal that the attribute value has been mutated and needs to be replicated but it may not be required, or even desired, for the associated listeners to be triggered. The default behaviour has not been changed. (markt)

  • Fix:  Minor optimization when calling class transformers. (rjung)

  • Add:  Pass errors triggered by invalid requests or unavailable services to the application provided error handling and/or the container provided error handling (ErrorReportValve) as appropriate. (markt)

  • See changelog for more info:

  • https://tomcat.apache.org/tomcat-9.0-doc/changelog.html

New Vulnerabilities

• Vulnerability ID – TOMCAT-101_INTL

New Patch Downloads

• apache-tomcat-9.0.6.exe

Where to Send Feedback

At Ivanti, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

Best regards,

The Ivanti Content Team

Copyright © 2018 Ivanti Software.  All rights reserved. Ivanti is either a registered trademark or trademark of Ivanti Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. Ivanti disclaims any liability with respect to this document and Ivanti has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.ivanti.com.

Ivanti Security and Patch News

Headlines

• (March 8, 2018) Visual Studio 2017 version 15.6.1

  • Release Date: March 8, 2018 - Visual Studio 2017 version 15.6.1

  • Issues Fixed in this Release

  • These are the customer-reported issues addressed in this release:

  • AnkhSVN 2.7.12815 failed to load "Pending Changes" view after updating to VS 2017 15.6.0.

New Vulnerabilities

• Vulnerability ID – MSNS18-03-VS2017_INTL

Changed Vulnerabilities

• Vulnerability ID – MSNS18-02-VS2017_INTL
  • (Added the replacement information.)

New Patch Downloads

• vs2017_Community1561.exe
• vs2017_Enterprise1561.exe
• vs2017_Professional1561.exe
• vs2017_TeamExplorer1561.exe
• vs2017_TestProfessional1561.exe

Where to Send Feedback

At Ivanti, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

Best regards,

The Ivanti Content Team

Copyright © 2018 Ivanti Software.  All rights reserved. Ivanti is either a registered trademark or trademark of Ivanti Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. Ivanti disclaims any liability with respect to this document and Ivanti has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.ivanti.com.

Ivanti Security and Patch News

Headlines

• (March 06, 2018) Microsoft Power BI Desktop 2.56.5023.621

  • Microsoft Power BI Desktop has been updated from version 2.55.5010.641 to version 2.56.5023.621.

New Vulnerabilities

• Vulnerability ID – PBID-026_INTL

Changed Vulnerabilities

• Vulnerability ID – PBID-025_INTL
  • (Added the replacement information.)

New Patch Downloads

• PBIDesktop2565023621_x64.msi
• PBIDesktop2565023621_x86.msi

Where to Send Feedback

At Ivanti, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

Best regards,

The Ivanti Content Team

Copyright © 2018 Ivanti Software.  All rights reserved. Ivanti is either a registered trademark or trademark of Ivanti Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. Ivanti disclaims any liability with respect to this document and Ivanti has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.ivanti.com.

Ivanti Security and Patch News

Headlines

• (March 12, 2018) Apache Tomcat 8.5.29

  • Minor optimization when calling class transformers. (rjung)

  • Prevent Tomcat from applying gzip compression to content that is already compressed with brotli compression. Based on a patch provided by burka. (markt)

  • 62090: Null container names are not allowed. (remm)

  • 62104: Fix programmatic login regression as the NonLoginAuthenticator has to be set for it to work (if no login method is specified). (remm)

  • 62117: Improve error message in catalina.sh when calling kill -0 <pid> fails. Based on a suggestion from Mark Morschhaeuser. (markt)

  • 62118: Correctly create a JNDI ServiceRef using the specified interface rather than the concrete type. Based on a suggestion by Ángel Álvarez Páscua. (markt)

  • Fix for RequestDumperFilter log attribute. Patch provided by Kirill Romanov via Github. (violetagg)

  • 62123: Avoid ConcurrentModificationException when attempting to clean up application triggered RMI memory leaks on web application stop. (markt)

  • Correct a regression in the fix for 60276 that meant that compression was applied to all MIME types. Patch provided by Stefan Knoblich. (markt)

New Vulnerabilities

• Vulnerability ID – TOMCAT-103_INTL

Changed Vulnerabilities

• Vulnerability ID – TOMCAT-097_INTL
  • (Added the replacement information.)

New Patch Downloads

• apache-tomcat-8.5.29.exe

Where to Send Feedback

At Ivanti, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

Best regards,

The Ivanti Content Team

Copyright © 2018 Ivanti Software.  All rights reserved. Ivanti is either a registered trademark or trademark of Ivanti Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. Ivanti disclaims any liability with respect to this document and Ivanti has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.ivanti.com.

Ivanti Security and Patch News

Headlines

• (March 12, 2018) Apache Tomcat 8.0.50

  • Prevent a stack trace being written to standard out when running on Java 10 due to changes in the LogManager implementation. (markt)

  • Avoid duplicate load attempts if one has been made already. (remm)

  • Avoid NPE in ThreadLocalLeakPreventionListener if there is no Engine. (remm)

  • 62000: When a JNDI reference cannot be resolved, ensure that the root cause exception is reported rather than swallowed. (markt)

  • 62036: When caching an authenticated user Principal in the session when the web application is configured with the NonLoginAuthenticator, cache the internal Principal object rather than the user facing Principal object as Tomcat requires the internal object to correctly process later authorization checks. (markt)

  • 62067: Correctly apply security constraints mapped to the context root using a URL pattern of "". (markt)

  • When using Tomcat embedded, only perform Authenticator configuration once during web application start. (markt)

  • Process all ServletSecurity annotations at web application start rather than at servlet load time to ensure constraints are applied consistently. (markt)

  • Minor optimization when calling class tranformers. (rjung)

New Vulnerabilities

• Vulnerability ID – TOMCAT-102_INTL

Changed Vulnerabilities

• Vulnerability ID – TOMCAT-099_INTL
  • (Added the replacement information.)

New Patch Downloads

• apache-tomcat-8.0.50.exe

Where to Send Feedback

At Ivanti, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

Best regards,

The Ivanti Content Team

Copyright © 2018 Ivanti Software.  All rights reserved. Ivanti is either a registered trademark or trademark of Ivanti Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. Ivanti disclaims any liability with respect to this document and Ivanti has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.ivanti.com.

Ivanti Security and Patch News

Headlines

• (March 12, 2018) TortoiseHG 4.5.2

  • TortoiseHg 4.5.2 is a regularly scheduled bug-fix release, primarily containing the security fixes in Mercurial 4.5.2

New Vulnerabilities

• Vulnerability ID – TOHG-014_INTL

Changed Vulnerabilities

• Vulnerability ID – TOHG-013_INTL
  • (Added the replacement information.)

New Patch Downloads

• tortoisehg-4.5.2-x64.msi
• tortoisehg-4.5.2-x86.msi

Where to Send Feedback

At Ivanti, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

Best regards,

The Ivanti Content Team

Copyright © 2018 Ivanti Software.  All rights reserved. Ivanti is either a registered trademark or trademark of Ivanti Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. Ivanti disclaims any liability with respect to this document and Ivanti has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.ivanti.com.

Ivanti Security and Patch News

Headlines

• (March 12, 2018) Slack Machine-Wide Installer 3.1.0

  • We’re using a new font for Japanese. It’s clearer, more legible, and goes well with aubergine. (Which is the default color of your sidebar. As well as a vegetable.)

  • Sometimes Slack takes too long to start up. If that happens, a) we’re sorry that it does, but b) you’ll now see a link with some helpful troubleshooting ideas.

  • When a file’s done downloading, a new notification will dutifully let you know.

  • If you’ve asked Slack to launch right when your computer turns on, Slack now does so much more quietly — with less extraneous loading screen action, and fewer fanfares.

  • For Windows 10 users, we now offer the option to disable hardware acceleration. If you’re seeing glitchy graphics and other unpleasantness, try toggling this option to on.

  • Badges about unread messages would linger on the dock icon, even after said messages had been read. These badges will linger no more.

  • Slack would occasionally crash when it wasn’t allowed to put files in the Temp folder. Now, it will simply use the Downloads folder, instead.

  • Some users who clicked on a magic link were not taken to their workspace. We have set our cauldrons to a slow simmer and magic links should now work as expected.

  • When trying to connect via a proxy, Slack no longer refuses to load.

  • Sometimes, during a support conversation, we’d ask you to reset your app data with the click of a button. Clicking this button will now actually reset all the necessary data, rather than some. Which is good for everyone.

  • Now you can download a file from Slack, delete it, and then download it again. If that seems like the way the Slack should’ve always worked, well, you aren’t wrong.

  • Right clicking “something” and choosing “Search with Google” had a tendency to search for “so”, “me”, or “thing.” It will now search for the entire text. So if you really do want to Google “something” (or something else), we’ll have your back.

  • Images sometimes were appearing in notifications, contrary to the wishes of those who had chosen to hide message previews. This is now fixed, your wishes respected.

  • Clicking the close, minimize, and maximize buttons would occasionally do nothing at all. You can now close, minimize, or, preferably, maximize Slack.

  • If you dismiss a tooltip, it will leave promptly and politely.

  • Previously, Slack would override a system’s TEMP variable. If you know what that means, know now that it is fixed.

  • Some anti-virus software had become overly suspicious of Slack. We are not a virus, and we’ll do better about letting your anti-virus software know.

  • If you’ve chosen to disable hardware acceleration, we’ll also put the brakes on a few other visual flourishes, particularly around notifications. This decelerates the desirable parts further, making the worse things better and the people happier.

New Vulnerabilities

• Vulnerability ID – SMWI-023_INTL

Changed Vulnerabilities

• Vulnerability ID – SMWI-022_INTL
  • (Added the replacement information.)

New Patch Downloads

• SlackSetup310_x64.msi
• SlackSetup310_x86.msi

Where to Send Feedback

At Ivanti, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

Best regards,

The Ivanti Content Team

Copyright © 2018 Ivanti Software.  All rights reserved. Ivanti is either a registered trademark or trademark of Ivanti Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. Ivanti disclaims any liability with respect to this document and Ivanti has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.ivanti.com.

Ivanti Security and Patch News

Headlines

• (March 09, 2018) Plex Media Player 2.6.0

  • Fixed missing separator line for Online Content in libraries

  • Fixed an issue with the player controls sometimes unexpectedly disappearing after changing playing item

  • Fixed video restarting from offset when changing the audio or subtitle streams

  • Fixed movie filters dropdown getting cut off on certain screen sizes

  • Fixed an issue where it wasn't possible to close the player until the content finished loading

  • Fixed the player remaining paused after changing an item in the play queue

  • Fixed title getting cut off on Live TV preplay pages

  • Fixed the player controls briefly appearing when closing the player

  • Fixed seeking in Live TV playback in desktop mode

  • Fixed a rare bug that could cause the app to become unresponsive to key input after signing in

  • Fixed some issues with item actions for some older servers

  • Fixed an issue that prevented using keyboard shortcuts to mark an item as unwatched

  • Desktop web-client updated to 3.37.2
  • Added subtitle support for videos in the photo player
  • Remember last active library when switching between dashboard types

New Vulnerabilities

• Vulnerability ID – PLXP-008_INTL

Changed Vulnerabilities

• Vulnerability ID – PLXP-007_INTL
  • (Added the replacement information.)

New Patch Downloads

• PlexMediaPlayer-2.6.0.803-win-x64.exe

Where to Send Feedback

At Ivanti, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

Best regards,

The Ivanti Content Team

Copyright © 2018 Ivanti Software.  All rights reserved. Ivanti is either a registered trademark or trademark of Ivanti Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. Ivanti disclaims any liability with respect to this document and Ivanti has no responsibility or liability for any third party products of any content contained on any site referenced herein.  This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit http://www.ivanti.com.

Ivanti Security and Patch News

Headlines

• (February 7, 2018) Mozilla Firefox 58.0.2 for Mac:
  • Avoid a signature validation issue during update on macOS
  • Blocklisted graphics drivers related to off main thread painting crashes
  • Tab crash during printing
  • Fix clicking links and scrolling emails on Microsoft Hotmail and Outlook (OWA) webmail

New Vulnerabilities

• Vulnerability ID – Firefox58.0.2_Update

Changed Vulnerabilities

• Vulnerability ID – Firefox58.0.1_Update
  • (Added the replacement information.)

New Downloads

• Firefox 58.0.2.dmg

Where to Send Feedback

At Ivanti, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you—our partners and customers—in providing the best possible solutions to meet your needs now and in the future.  Please continue to provide feedback by contacting our local support organization.

Best regards,

The Ivanti Content Team

Copyright © 2018 Ivanti Software.  All rights reserved. Ivanti is either a registered trademark or trademark of Ivanti Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

  Information in this document is provided for information purposes only.  The information presented here is subject to change without notice.  This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. Ivanti disclaims any liability with respect to this document and Ivanti has no responsibility or liability for any third party products of any content contained on any site referenced herein. This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product