Jump to: navigation, search

8.5.100.06

Genesys Security Pack on UNIX 8.5.x Release Notes

Release Date Release Type Restrictions AIX Linux Solaris Windows
12/22/15 General X X X

Helpful Links


What's New

This release contains the following new features and enhancements:

  • New secure socket layer implementation: The default secure socket layer implementation has been changed to use OpenSSL to facilitate communication in the SSL/TLS protocol suite. This includes the following enhancements: For backward compatibility purposes, the previous implementation using RSA is also provided. For more information about these changes, refer to the "Genesys Implementation of Secure Protocol Connections" topic of the Framework Deployment Guide.
  • More secure default certificate signature algorithm: Security Pack scripts have been changed to use SHA1 by default, with an option to use SHA256. Genesys strongly recommends that SHA256 be used for all new certificate generation. The previous default algorithm, MD5, is considered vulnerable and is not to be used. MD5 signed certificates might not be accepted by modern TLS protocol versions. MD5 signed certificates pose a significant security threat and must be reissued as soon as possible.
  • Enhanced logging: To simplify troubleshooting of secure connections, Security Pack 8.5.100.06 or newer offers additional logging of the secure connection establishment phase.


Resolved Issues

This release contains the following resolved issues:


This release fixes the memory leak in Genesys Security Pack that originated in third-party software used by Genesys Security Pack. The leak was specific to RSA, which is no longer used by Security Pack. (MFWK-16911)


If mutual TLS is configured on both the client and server (tls-mutual=true), the client and server applications now connect properly using TLS. Previously in this scenario, the client application would terminate unexpectedy while trying to connect to the server using mutual TLS. (MFWK-16908)


Upgrade Notes

No special procedure is required to upgrade to release 8.5.100.06.

Feedback

Comment on this article:

blog comments powered by Disqus
This page was last modified on November 2, 2018, at 07:33.