The Protection PLUS 5 SDK version 220.127.116.11 release updates PLUSNative libraries to use OpenSSL 1.0.2d, which fixes a high-severity flaw in OpenSSL. The only Protection PLUS 5 SDK release affected by this OpenSSL flaw is 18.104.22.168, which was released on July 6th, 2015. Prior releases of Protection PLUS 5 SDK did not use versions of OpenSSL that were affected by this flaw. Protection PLUS 5 SDK .NET Edition is NOT affected.
The Protection PLUS 5 SDK version 22.214.171.124 release is only for the following (affected) editions:
If your licensed application uses the dependency-free builds of the PLUSNative static libraries, then upgrading to version 126.96.36.199 is not required. However, it is very important that you ensure the version of OpenSSL your application(s) link is either not affected or is patched as soon as reasonably possible.
Direct impact on Protection PLUS 5 SDK is mitigated through the use of our own layer of encryption and digital signatures. Consequently, the primary reason for a prompt patch is to mitigate the potential for impact in licensed applications that use OpenSSL for other transmissions.
For more details, please read the release notes.
Mike Wozniak is one of the co-founders of SoftwareKey.com and responsible for marketing, content and product strategy. When he isn't plotting new ways to help customers solve licensing and business automation challenges, he likes to travel and entertain guests who come to visit the Orlando area. He also writes most of the licensing tips here.
Instant Protection PLUS 3 Version 188.8.131.52 Released
Protection PLUS 5 SDK Major Updates for Android Users
Protection PLUS 5 SDK version 184.108.40.206 released
SOLO Server 220.127.116.11 Released with a New GDPR Module and Other Enhancements
Now an Easier Way to Define Custom License Data
SOLO Server 18.104.22.168 Released with Enhancements to Custom License Parameters and Multi-Tenant Catalog Features