To all NoMachiners,
We’ve released a new version of of NoMachine version 5 to prevent a flaw in OpenSSL (CVE-2016-6304) which could lead to a denial-of-service attack. The vulnerability results when attackers issue an excessively large OCSP status request extension which exhausts memory on servers in default configuration.
The OpenSSL project released an update of its OpenSSL packages to patch this vulnerability, details of which are reported here:
https://www.openssl.org/news/openssl-1.0.1-notes.html
With this release we’ve also fixed the black screen on macOS issue, and a number of other bugs which were affecting previous releases. Go straight to the full announcement to get a complete list of what we’ve implemented:
https://www.nomachine.com/SU09N00176