We always try to keep on top of security upgrades. This build upgrades the OpenSSL library to the latest version.
To be geeky about it this build, (1) Fixed a problem with verifying a certificate chain when using the X509_V_FLAG_X509_STRICT flag (CVE-2021-3450) and (2) Fixed an issue where an OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client (CVE-2021-3449).
The latest release version is now WebCrossing 6.4 6a197da 2021-05-10.
All self-hosted customers with valid support and maintenance contracts can download this new version at no cost.
If you are a self-hosted customer and have a valid support and maintenance contract, please contact support for access to the new server. If your support and maintenance contract has expired, please contact us to renew so we can provide you with this important update.
