What’s New in RLM 17.0

Important

Version 17.0 adds ID Licensing functionality with RLM Cloud, allowing you to create and assign users directly to RLM Cloud license servers. See: ID Licensing Tab

  • Named users can also now be viewed and removed with rlmutil.

  • Building the dev kit will now generate a sha256 hash file for ISV binaries.

    • When the hash file is present, RLM will now validate the ISV binary against the hash. This does not affect ISV servers using the .set file.

    • This change mitigates CVE-2021-44153.

    • See ISV Binary Hash for more information.

Warning

In v17 RLM will continue to run the ISV binary if no hash file is present. Starting in v18 the ISV hash file will be required to run ISV binaries.

Problems fixed in this release

  • CVE-2021-37498

  • CVE-2021-37499

  • CVE-2021-44153

  • Bug: Fixed regression which caused RLM to not be able to retrieve hostid from hardware dongles.

  • Bug: RLM will now locate license files when the filepath contains an @ symbol.

  • Bug: Removed clock jump warning at startup of license server.

  • Bug: Named user count is now displayed in the web interface.

Platform changes

  • 32-bit Linux no longer supported

API Additions

Activation changes

The following activation changes have been made to mitigate CVE-2021-37498:

  • LAN IP addresses are now blacklisted from Web UI activation requests.

  • Only ports 80 and 443 are allowed for Web UI activation requests.

Dependency Changes

The method that RLM handles dependencies on Linux has changed in v17. See Configure and build your RLM Kit and Package your software for shipment for more information.

Known issues in this release

  • License signing with rlmsign fails when the filename contains a non-ASCII character.

  • RLM Cloud web services API fails to retrieve log files if it contains wide/8-bit characters (can still retrieve log files via web portal).

  • Product returned from rlm_actinfo2() is incorrect if variable is not sized specifically.

  • RLM web interface performance may be slow when running RLM on Windows. Sentinel HASP drivers can be installed to improve this.

  • Unable to reset passwords without at least one login.