Software Security Updates
WINDOWS: Waterfall-Setup-7.0.8.0-R2309211226.exe
LINUX: Waterfall-Setup-7.0.8.0-R2309211228.run
| Component | Prev version | New version |
| OpenSSL | 1.1.1s | 1.1.1u |
| Apache | 2.4.54 | 2.4.57 |
WINDOWS VERSION 7.0.7.0-R2301220555
LINUX VERSION 7.0.7.0-R2301220556
| Component | Old Version | New Version | Fixed Issues | Link |
|---|---|---|---|---|
| CURL | 7.81.0 | 7.86.0 | CVE-2022-42916 CVE-2022-42915 CVE-2022-32221 CVE-2022-35252 CVE-2022-32208 CVE-2022-32207 CVE-2022-32206 CVE-2022-32205 CVE-2022-27782 CVE-2022-27781 CVE-2022-27780 CVE-2022-27776 CVE-2022-27775 CVE-2022-27774 CVE-2022-22576 | https://curl.se/docs/releases.html |
| OpenSSL | 1.1.1m | 1.1.1s | CVE-2022-2097 CVE-2022-2068 CVE-2022-1292 CVE-2022-0778 | https://www.openssl.org/news/vulnerabilities-1.1.1.html |
| Apache | 2.4.50 | 2.4.54 | CVE-2022-31813 CVE-2022-30556 CVE-2022-30522 CVE-2022-29404 CVE-2022-28615 CVE-2022-28614 CVE-2022-28330 CVE-2022-26377 CVE-2022-23943 CVE-2022-22721 CVE-2022-22720 CVE-2022-22719 CVE-2021-44790 CVE-2021-44224 CVE-2021-42013 CVE-2021-41773 | https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/CHANGES |
WINDOWS:
| Component | Old Version | New Version | Fixed Issues | Link |
|---|---|---|---|---|
| CURL | 7.76.1 | 7.81.0 | CVE-2021-22945 CVE-2021-22946 CVE-2021-22947 CVE-2021-22897 CVE-2021-22898 CVE-2021-22901 | https://curl.se/changes.html |
| OpenSSL | 1.1.1k | 1.1.1m | CVE-2021-3711 CVE-2021-3712 CVE-2021-4160 | https://www.openssl.org/news/vulnerabilities-1.1.1.html |
| libXML2 | 2.9.9 | 2.9.12 | CVE-2021-3537 CVE-2021-3518 CVE-2021-3517 CVE-2020-24977 CVE-2020-7595 CVE-2019-20388 CVE-2019-19956 | https://www.cvedetails.com/vulnerability-list/vendor_id-1962/product_id-3311/Xmlsoft-Libxml2.html |
WINDOWS: 7.0.5.0-R2107081105
LINUX: 7.0.5.0-R2107081112:
| Component | Old Version | New Version | Fixed Issues | Link |
|---|---|---|---|---|
| CURL | 7.74.0 | 7.76.1 | ||
| OpenSSL | 1.1.1g | 1.1.1k |
WINDOWS: 7.0.5.2-R2111111925
LINUX: 7.0.5.2-R2111111928
| Component | Old Version | New Version | Fixed Issues | Link |
|---|---|---|---|---|
| Apache | 2.4.50 |
WINDOWS: WATERFALL-SETUP-7.0.4.0-R2012281035.EXE
| Component | Old Version | New Version | Fixed Issues | Link |
|---|---|---|---|---|
| CURL | 7.70.0 | 7.74.0 | CVE-2020-8231 CVE-2020-8286 CVE-2020-8285 CVE-2020-8284 | https://curl.se/docs/CVE-2020-8231.html https://curl.se/docs/CVE-2020-8286.html https://curl.se/docs/CVE-2020-8285.html https://curl.se/docs/CVE-2020-8284.html |
LINUX: WATERFALL-SETUP-7.0.4.0-R2012281045.RUN
| Component | Old Version | New Version | Fixed Issues | Link |
|---|---|---|---|---|
| CURL | 7.70.0 | 7.73.0 | CVE-2020-8231 | https://curl.se/docs/CVE-2020-8231.html |
WINDOWS: WATERFALL-SETUP-7.0.3.0-R2008201034.EXE
| Component | Old Version | New Version | Fixed Issues | Link |
|---|---|---|---|---|
| OpenSSL | 1.1.1d | 1.1.1g | CVE-2019-1551 CVE-2020-1967 | https://www.openssl.org/news/vulnerabilities.html#2020 |
| CURL | 7.65.3 | 7.70.0 | CVE-2019-5481 CVE-2019-5482 CVE-2019-15601 | https://curl.haxx.se/changes.html |
| FFMPEG | 3.2.4 | 4.2.2 | CVE-2019-12730 CVE-2018-1999010 CVE-2018-14395 CVE-2018-14394 CVE-2017-9996 CVE-2017-9994 CVE-2017-9993 CVE-2017-9992 CVE-2017-9991 CVE-2017-9608 CVE-2017-7859 | https://www.cvedetails.com/vulnerability-list/vendor_id-3611/product_id-6315/version_id-212272/Ffmpeg-Ffmpeg-3.2.4.html |
| Apache | 2.4.41 | 2.4.43 | CVE-2020-1934 CVE-2020-1927 | https://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-66/Apache-Http-Server.html https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/CHANGES |
LINUX: WATERFALL-SETUP-7.0.3.0-R2008201040.RUN
| Component | Old Version | New Version | Fixed Issues | Link |
|---|---|---|---|---|
| GNU File | 5.11 | 5.37 | CVE-2014-8116 CVE-2014-8117 CVE-2014-9652 CVE-2014-9653 CVE-2014-9620 | https://github.com/file/file/blob/master/ChangeLog |
WINDOWS: WATERFALL-SETUP-7.0.2.0-R2002231042
| Component | Old Version | New Version | Fixed Issues | Link |
| OpenSSL | 1.0.2q | 1.1.1d | CVE-2019-1559 CVE-2019-1563 CVE-2019-1547 CVE-2019-1552 | https://www.openssl.org/news/vulnerabilities.html#y2019 |
| XERCES-C | 3.1.1 | 3.2.2 | CVE-2015-0252 | https://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-31348/version_id-180832/Apache-Xerces-c-3.1.1.html |
| libCURL | 7.63.0 | 7.65.3 | CVE-2019-5435 CVE-2019-5436 CVE-2018-16890 CVE-2019-3822 CVE-2019-3823 | https://curl.haxx.se/changes.html |
| GNU File | 5.03 | 5.37 | CVE-2014-8116 CVE-2014-8117 CVE-2014-9652 CVE-2014-9653 | https://github.com/file/file/blob/master/ChangeLog |
| 7zip | 9.20 | 19.00 | CVE-2018-10172 CVE-2018-10115 CVE-2018-5996 CVE-2017-17969 CVE-2016-7804 CVE-2016-2335 CVE-2016-2334 | https://www.cvedetails.com/vulnerability-list/vendor_id-9220/7-zip.html |
| WGET | 1.20 | 1.20.3 | CVE-2019-5953 CVE-2018-20483 | https://www.cvedetails.com/vulnerability-list/vendor_id-72/product_id-332/GNU-Wget.html |
| libxml2 | 2.9.2 | 2.9.9 | CVE-2018-14567 CVE-2018-14404 CVE-2018-9251 CVE-2017-18258 CVE-2017-16932 CVE-2017-16931 CVE-2017-15412 CVE-2017-9050 CVE-2017-9049 CVE-2017-9048 CVE-2017-9047 CVE-2017-8872 CVE-2017-7376 CVE-2017-7375 CVE-2017-5969 CVE-2017-5130 CVE-2016-9598 CVE-2016-9597 CVE-2016-9596 CVE-2016-9318 CVE-2016-5131 CVE-2016-4616 CVE-2016-4615 CVE-2016-4614 CVE-2016-4483 CVE-2016-4449 CVE-2016-4448 CVE-2016-4447 CVE-2016-3705 CVE-2016-3627 CVE-2016-2073 CVE-2015-8806 CVE-2015-8710 CVE-2015-8317 CVE-2015-8242 CVE-2015-8241 CVE-2015-8035 CVE-2015-7942 CVE-2015-7941 CVE-2015-7500 CVE-2015-7499 CVE-2015-7498 CVE-2015-7497 CVE-2015-6838 CVE-2015-6837 CVE-2015-5312 | https://www.cvedetails.com/vulnerability-list/vendor_id-1962/product_id-3311/Xmlsoft-Libxml2.html |
| SQLite3 | 3.26.0 | 3.30.1 | CVE-2019-16168 CVE-2019-9937 CVE-2019-9936 CVE-2019-8457 CVE-2019-5018 |
LINUX: WATERFALL-SETUP-7.0.2.0-R2002230958
| Component | Old Version | New Version | Fixed Issues | Link |
|---|---|---|---|---|
| GNU File | 5.11 | 5.37 | CVE-2014-8116 CVE-2014-8117 CVE-2014-9652 CVE-2014-9653 CVE-2014-9620 | https://github.com/file/file/blob/master/ChangeLog |
WINDOWS: WATERFALL-SETUP-7.0.1.0-R1908281503
| Component | Old Version | New Version | Fixed Issues | Link |
|---|---|---|---|---|
| OpenSSL | 1.0.2p | 1.0.2q | CVE-2018-5407 CVE-2018-0734 | https://www.openssl.org/news/openssl-1.0.2-notes.html |
| Apache | 2.4.29 | 2.4.39 | CVE-2019-0197 CVE-2019-0196 CVE-2019-0211 CVE-2019-0196 CVE-2019-0217 CVE-2019-0215 CVE-2019-0220 CVE-2018-17199 CVE-2018-17189 CVE-2019-0190 CVE-2018-8011 CVE-2018-1333 CVE-2017-15710 CVE-2018-1283 CVE-2018-1303 CVE-2018-1301 CVE-2017-15715 CVE-2018-1312 CVE-2018-1302 | https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/CHANGES |
LINUX: WATERFALL-SETUP-7.0.1.0-R1908281434
| Component | Old Version | New Version | Fixed Issues | Link |
|---|---|---|---|---|
| libCURL | 7.61.0 | 7.63.0 | CVE-2018-16839 CVE-2018-16840 CVE-2018-16842 CVE-2018-14618 | https://curl.haxx.se/changes.html |
OLDER RELEASES
| RELEASE | DATE | DESCRIPTION |
|---|---|---|
| WF-Setup-5.1.0.0-r1805101931 | 5/10/2018 | Updated ICCP library from version 5.4 to 6.1. The ICCP library is used only by the ICCP connector. For details see: https://www.sisconet.com/uncategorized/product-release-iccp-lite-plus/ |
| WF-Setup-5.1.0.0-r1712241132 | 12/24/2017 | Added connectors, functionality and fixed non-security-related defects. |
| WF-Setup-5.1.0.0-r1710091113 | 10/9/2017 | Added connectors, functionality and fixed non-security-related defects. |
| WF-Setup-5.1.0.0-r1708160240 | 8/16/2017 | Updated OpenSSL library from version 1.0r2f to 1.02g. OpenSSL is used only by the connectors: TCP Multicast, Syslog, Splunk and OPC UA. For details see: https://www.openssl.org/news/openssl-1.0.2-notes.html |
| WF-Setup-5.1.0.0-r1707061728 | 7/6/2017 | Updated ACE library from version 5.7.6 to 6.0.3. The ACE library is used in all Unidirectional Gateway installations. For details see: https://github.com/DOCGroup/ACE_TAO/blob/master/ACE/NEWS |
