action.skip

Reflection for Secure IT Client for Windows 8.3 Service Pack 2 Release Notes

Last Updated: October 2024


Introduction

Reflection for Secure IT Client for Windows 8.3 Service Pack 2 is available now for new and existing customers. These release notes provide information about how to obtain this release and a list of features and fixes included in this version of Reflection for Secure IT Client for Windows. They also include fixes in Reflection FTP, which is included with Reflection for Secure IT Client for Windows.

For important information regarding security updates, see Support Portal - Reflection for Secure IT Client for Windows.


What's New

Reflection for Secure IT Client for Windows 8.3 Service Pack 2 includes new security enhancements and resolved issues:

Security Enhancements

  • Improved how the product requests IP addresses when configured to allow both IPv6 and IPv4.

  • Added support for AES-GCM authenticated encryption in SSH. This cipher is proposed at the beginning of the ciphers list in a default connection.

  • Updated to OpenSSL 3.0.15 to address the following CVEs:

    • CVE-2023-5678

    • CVE-2023-6237

    • CVE-2024-0727

    • CVE-2024-4603

    • CVE-2024-6119


Resolved Issues

Reflection for Secure IT Client for Windows Enhancements

  • Resolved formatting errors when pasting content from the Scratch Pad to Microsoft Word.

  • When entering a hostname in a new or existing VT session with a Telnet connection, the hostname will be preserved when configuring security settings.


Security

  • Tested and verified that the guidance to address CVE-2013-3900 would not disrupt Reflection for Secure IT Client for Windows functionality.

Reflection FTP Client

  • Resolved intermittent transfer failures with large files.

  • Fixed how the Reflection FTP Client handles sensitive data when performing a memory dump.

  • Resolved failures when initializing an Active Mode FTP connection.

    A wait has been implemented for the FD_ACCEPT and the LIST command response before starting the TLS handshake.

Installation

Maintained customers are now eligible to download the latest product releases (see Welcome to the Support Experience). You will be prompted to login and accept the Software License Agreement before you can download a file.


Contacting Support

For specific product issues, contact Rocket Technical Support.

Additional technical information or advice is available from several sources:


© 1985-2024 Rocket Software, Inc. or its affiliates. All Rights Reserved.