Release Notes

This document describes the new features, changes and enhancements for Entire Connection Version 9.1.4. This is the successor of Entire Connection Version 9.1.3.

The following topics are covered:


Supported Operating Systems

Entire Connection supports the following 64-bit operating system platforms:

  • Microsoft Windows 10

  • Microsoft Windows Server 2016

  • Microsoft Windows Server 2019

Make sure the machine on which you are going to run the installer contains the latest Windows updates before you start the installation.

Home editions of Microsoft Windows are not supported.

The runtime components of Entire Connection are always 32-bit applications, even on 64-bit platforms.

For further information, see Prerequisites in the Installation section.

Compiler Used to Build Entire Connection

Entire Connection was built and tested with the following compiler:

  • Microsoft Visual Studio 2019

Important Notes

  • To address vulnerabilities of previous OpenSSL/TLS versions, this release of Entire Connection includes OpenSSL/TLS 1.1.1k.

  • To address vulnerabilities of previous SSH2 versions, this release of Entire Connection includes libssh2 1.8.2.

    To address vulnerabilities in libssh2 1.8.2, Red Hat, among others, has published the following statement: https://access.redhat.com/security/cve/cve-2019-13115.

    This vulnerability has been rated as having a security impact of Moderate. After evaluation and in accordance with the criteria noted in the product support life cycle, there are no plans to address this issue in an upcoming release.

  • CVE-2019-13115: A vulnerability was discovered in libssh2 versions before 1.9.0.

    In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to a _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855.

    For more details, see https://nvd.nist.gov/vuln/detail/CVE-2019-13115#vulnCurrentDescriptionTitle.

    This vulnerability has been rated as having a security impact of Moderate and will not be addressed in the current version of Entire Connection.

  • To address vulnerabilities of previous ICU versions, this release of Entire Connection includes ICU 63.2.0.0.