



OpenSSL update for OCSP Status Request extension vulnerability (version 4)
Luxembourg, September 28th, 2016
NoMachine makes available updated software packages for users of version 4 to address a flaw in OpenSSL (CVE-2016-6304) which could lead to a denial-of-service attack. The vulnerability is triggered when an attacker sends an excessively large OCSP Status Request extension, which exhausts memory on servers in their default configuration.
The OpenSSL project released an update of its OpenSSL packages to patch this vulnerability, details of which are reported here:
https://www.openssl.org/news/openssl-1.0.1-notes.html
All NoMachine 4 users are advised to update their client and server installations with this latest NoMachine release, 4.6.24, which contains the updated OpenSSL components (1.0.1u). Users of version 5, please consult the combined Software Update & Security Advisory here:
https://www.nomachine.com/SU09N00176
Supported Platforms
Windows 32-bit/64-bit XP/Vista/7/8/8.1/10
Mac Intel OS X 64-bit 10.5/10.6/10.7/10.8/10.9/10.10/10.11, macOS 10.12
Linux 32-bit and 64-bit
Red Hat Enterprise 4/5/6/7
SLED 10.x/11.x
SLES 10/11/12
Open SUSE 10.x/11.x/12.x/13.x
Mandriva 2009/2010/2011
Fedora 10/11/12/13/14/15/16/17/18/19/20/21/22/23
Debian GNU Linux 4.0 Etch/5.0 Lenny/6.0 Squeeze/7.0 Wheezy/8.0 Jessie
Ubuntu 8.04 Hardy Heron/8.10 Intrepid Ibex/9.04 Jaunty Jackalope/
9.10 Karmic Koala/10.4 Lucid Lynx/10.10 Maverick Meerkat/11.04 Natty Narwhal/
11.10 Oneiric Ocelot/12.04 Precise Pangolin/12.10 Quantal Quetzal/13.04 Raring Ringtail/
13.10 Saucy Salamander/14.04 Trusty Tahr/14.10 Utopic Unicorn/
15.04 Vivid Vervet/15.10 Wily Werewolf/16.04 Xenial Xerus
Download NoMachine Packages
You can obtain these latest packages suitable for your Operating System either by using the automatic updates system available in version 4 software already installed, or via the customer area. Customers with valid subscriptions should log in to their customer area and download the appropriate "Update version" for the Production Version 4.
Automatic updates
The automatic check for updates has been enabled since version 4.6.3 and is scheduled to check our repositories every two days.
To update any of the NoMachine servers immediately:
- Run the NoMachine GUI from your Programs Menu.
- Click on 'Preferences' and 'Updates'.
- Then click on the 'Check now' button.
To update the NoMachine Enterprise Client immediately:
- Click on 'Preferences' and 'Updates'.
- Then click on the 'Check now' button.
More information about the check for automatic updates is available here: https://www.nomachine.com/AR05M00847
Manual package update
Please follow these instructions to update your installation manually:
On Windows:
- Download and save the EXE file.
- Double click on the NoMachine executable file.
- As with the installation, the Setup Wizard will take you through all the steps necessary for updating NoMachine.
On Mac:
- Download and save the DMG file.
- Double-click on the Disk Image to open it and double-click on the NoMachine program icon.
- As with the installation, the Installer will take you through all the steps necessary for updating NoMachine.
On Linux:
You can use the graphical package manager provided by your Linux distribution, or update NoMachine from the command line by following the instructions below.
If you don't have the sudo utility installed, log on as superuser ("root") and run the commands without sudo.
RPM
- Download and save the RPM file.
- Update your NoMachine installation by running:
# rpm -Uvh <pkgName>_<pkgVersion>_<arch>.rpm
DEB
- Download and save the DEB file.
- Update your NoMachine installation by running:
$ sudo dpkg -i <pkgName>_<pkgVersion>_<arch>.deb
TAR.GZ
- Download and save the TAR.GZ file.
- Update your NoMachine installation by running:
$ cd /usr
$ sudo tar xvzf <pkgName>_<pkgVersion>_<arch>.tar.gz
$ sudo /usr/NX/nxserver --update
If you are installing Enterprise Client or Node, run respectively:
$ sudo /usr/NX/nxclient --update
$ sudo /usr/NX/nxnode --update
Documents
Installation and configuration guides for the NoMachine products are available at:
https://www.nomachine.com/documents
The NoMachine Security Team