We have released a maintenance update to RLM v15.1BL1. This release primarily addresses a critical security vulnerability in the Mongoose web server:
- Upgraded Mongoose to 7.11 addressing 2 critical vulnerabilities. (The CVE for these vulnerabilities will not be published publicly until August 25th.)
If you have already updated to v15.1BL1, we strongly recommend updating to v15.1BL2. In addition to addressing this vulnerability we have fixed a number of regressions in v15.1 related to the web interface, as well as closing memory leaks in the client library:
- Fixed OpenSSL memory leaks in client library.
- Fixed empty password causing shutdown when using -nows.
- Fixed issue where password licenses were not shown when entering password in web server.
- Fixed wrong license being checked out when checking out token licenses with a password.
- Fixed modification of transfer definitions in web server.
- Fixed issue where user couldn’t remove checked out license using web server in certain cases.
Important note: Starting in 15.1, passwords for the web interface are now case sensitive. The rlm.pw file will need to be regenerated after updating from v15.0 or earlier.
If you have not already updated to 15.1, some of the new features include:
- The embedded web server has been changed from GoAhead to Mongoose.
- The RLM web server now requires login to access.
- Running RLM as root/administrator is no longer restricted.
- The web interface now supports HTTPS.
Bug fixes include:
- License checkout now obeys single license count on Linux when using multiple checkouts in single process.
- RLMCloud users are no longer able to view all license file names via the logs.
- The -l switch now works correctly on Linux systems with upper-case computer names.
- Version 9 settings files now work with version 14.2 and later.
- Mitigated 4 vulnerabilities.
Note: All RLM kits contain both the machine-independent and the machine-dependent part (including the Reference manual).
Documentation:
- RLM Getting Started Guide
- RLM-Embedded Getting Started Guide
- RLM Reference Manual
- RLM Embedded Reference Manual
- RLM License Administration Manual
- Release Notes
- README
RLM Activation Pro
To install:
- Unix/Mac: download, gunzip the kit, tar xf, then run INSTALL. See README above. (If your browser gunzipped the file during transfer, you should skip the gunzip step). Note arm64_m2 does not have Java support.
- Windows: download, execute the installer, then run “nmake” in the binary directory (x86_w4, x64_w4, x86_w3, or x64_w3).
Java:
- Java for Unix (java_unix.tar.gz) (RLM has java support only on the following Unix platforms: x86_l2, x64_l1, x86_m2, and x64_m2. Windows kits include the Java interface.) (1023 kb)
Linux:
- Linux ARM 64-bit (arm64_l1.tar.gz) (1.8 Mb)
- Linux x86 32-bit (x86 _l2.tar.gz – v15.1BL2) (gcc v3.2.2) (3.7 Mb)
- Linux x86 64-bit (x64 _l1.tar.gz – v15.1BL2) (gcc v3.2.2) (3.8 Mb)
Mac
- MAC x86 64-bit (x64 _m2.tar.gz) (MAC OS/X Catalina and later) (1.9 Mb)
- MAC arm 64-bit (arm64_m2.tar.gz) (Big Sur) (1.9 Mb)
Windows:
- Windows 32-bit (rlm.v15.1BL2-x86_w4.zip) (Visual Studio 2015, 2017, 2019, 2022) (11.8 Mb)
- Windows 64-bit (rlm.v15.1BL2-x64_w4.zip) (Visual Studio 2015, 2017, 2019, 2022) (13.0 Mb)
For general questions, please send email to support@reprisesoftware.com.