Post by Admin on Dec 28, 2023 20:01:48 GMT
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
RICOH InfoPrint Manager V4.12.3 – Security Update Release -- December 15th, 2023
Amy Buckingham, WW ATS
InfoPrint Manager V4.12.3 became available December 15th. This quarterly deliverable is intended to provide updates to Java and Open Source packages to prevent vulnerability and security exposures. The InfoCenter is updated with the V4.12.3 documentation. Note that for any trial requests, the customer will receive V4.12.3, on a 60-day trial basis. To request a trial, go to this URL: ricohsoftware.com/trial_request . For internal users, be sure to include 'ricoh' as part of the e-mail address to automatically be approved.
This release further solidifies InfoPrint Manager in the Commercial, Transactional and Office environments , over a wide range of Ricoh and OEM printers. It also continues to be customer driven, delivering customer and Ricoh requested enhancements.
Key Security and Issue Updates added in IPM 4.12.3:
Security fixes included in Release 4.12.3
Release 4.12.3 includes fixes for these CVEs:
Release 4.12.3 includes resolution for these CCRs:
AIX/Linux/Windows:
AIX:
Reminder: If you are upgrading multiple servers, keep all clients at the older (4.9.1 or earlier) level until all servers are upgraded to 4.9.2 or higher. Then upgrade the clients.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
IPM.Release.Notes.V4.12.3.zip (351.41 KB)
Amy Buckingham
Advisory Specialist, Solutions
RICOH Graphic Communications - DSBC
Ricoh USA, Inc.
Phone: 720.663.3512
Email: amy.buckingham@ricoh-usa.com
RICOH InfoPrint Manager V4.12.3 – Security Update Release -- December 15th, 2023
Amy Buckingham, WW ATS
InfoPrint Manager V4.12.3 became available December 15th. This quarterly deliverable is intended to provide updates to Java and Open Source packages to prevent vulnerability and security exposures. The InfoCenter is updated with the V4.12.3 documentation. Note that for any trial requests, the customer will receive V4.12.3, on a 60-day trial basis. To request a trial, go to this URL: ricohsoftware.com/trial_request . For internal users, be sure to include 'ricoh' as part of the e-mail address to automatically be approved.
This release further solidifies InfoPrint Manager in the Commercial, Transactional and Office environments , over a wide range of Ricoh and OEM printers. It also continues to be customer driven, delivering customer and Ricoh requested enhancements.
Key Security and Issue Updates added in IPM 4.12.3:
- Apache Tomcat 10.1.16
- OpenSSL 3.0.12
- Resolve hang during pdserver shutdown
- pioinfo backend hangs when certain printers do not respond to normal closing of communication socket
Security fixes included in Release 4.12.3
Release 4.12.3 includes fixes for these CVEs:
| Apache Tomcat 10.1.16 | Request smuggling CVE-2023-46589 |
| Apache Tomcat 10.1.16 | Request smuggling CVE-2023-45648 |
| Apache Tomcat 10.1.16 | Denial of service CVE-2023-44487 |
| Apache Tomcat 10.1.16 | Information disclosure CVE-2023-42795 |
| Apache Tomcat 10.1.16 | Open redirect CVE-2023-41080 |
| OpenSSL 3.0.12 | Incorrect cipher key & IV length processing CVE-2023-5363 |
| OpenSSL 3.0.12 | POLY1305 MAC implementation corrupts XMM registers on Windows CVE-2023-4807 |
Release 4.12.3 includes resolution for these CCRs:
AIX/Linux/Windows:
- IPM3-1215 Resolve hang during pdserver shutdown while issuing a stop_server command followed by a pdshutdown-xwhen=now command. Moreover, shutdown time is improved if server has PSF destination types.
- IPM3-1224 pioinfo backend hangs when certain printers do not respond to normal closing of communication socket.
AIX:
- PM3-1211 AIX fileset ipsc-psf.icu.rte failed while executing the ipsc-psf.icu.rte.config_u script, due to incorrect first line of the config_uscript“#!/bin/bash”.
- IPM3-1209 Incorrect locale exposed for InfoPrint Manager for Windows on pdserver.conf.
- IPM3-1217 Management Console and MVSD Service incorrectly report MVS Download Receiver process as running if it failed to start or if it was terminated and its PID was allocated meanwhile to another process.
Reminder: If you are upgrading multiple servers, keep all clients at the older (4.9.1 or earlier) level until all servers are upgraded to 4.9.2 or higher. Then upgrade the clients.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
IPM.Release.Notes.V4.12.3.zip (351.41 KB)
Amy Buckingham
Advisory Specialist, Solutions
RICOH Graphic Communications - DSBC
Ricoh USA, Inc.
Phone: 720.663.3512
Email: amy.buckingham@ricoh-usa.com