Luxembourg, September 28th, 2016

NoMachine makes available updated software packages for users of version 5 to prevent a flaw in OpenSSL (CVE-2016-6304) which could lead to a denial-of-service attack. The vulnerability results when attackers issue an excessively large OCSP status request extension which exhausts memory on servers in default configuration.

The OpenSSL project released an update of its OpenSSL packages to patch this vulnerability, details of which are reported here:

https://www.openssl.org/news/openssl-1.0.1-notes.html

All NoMachine users are advised to update their client and server installations with this latest NoMachine release, 5.1.54, which contains the updated OpenSSL components (1.0.1u). Users of version 4, please consult the combined Software Update & Security Advisory here:

https://www.nomachine.com/SU09N00177

Additionally, this release fixes a black screen issue occurring on macOS Sierra and a number of other issues affecting previous NoMachine software versions. It also implements the following Feature Request:

FR09N03194 - Giving a short-cut to open and close the NoMachine virtual keyboard in a web session

The complete list of fixed Trouble Reports is:

TR08N07149 - Black screen occurs when connecting to macOS Sierra
TR07N07080 - Display is not correctly redrawn using Synopsys Laker ADP
TR09N07182 - Cannot connect or reconnect virtual desktops due to sessions db being locked
TR08N07158 - Cannot connect to the remote desktop when connection limits are reached (Error 5)
TR08N07160 - Cannot connect to the remote node when load-balancing is disabled for such node
TR07N07039 - Cannot create sessions on a remote node when username contains '+'
TR09N07187 - Current connections on the remote nodes are closed when the nxd process terminates
TR07N07021 - Error "Cannot find default environment" occurs when user's shell is ksh
TR07N07040 - German keyboard layout is not correct in web sessions
TR08N07111 - Kerberos tickets are not deleted when the NoMachine session is finished
TR08N07109 - Kerberos tickets are not forwarded correctly in a multinode environment
TR02N06423 - NoMachine client moved to the first display gets a wrong resolution after that the second monitor is disconnected on OS X
TR08N07141 - nxserver --daemon is blocked for five seconds when UPnP is enabled on Google Compute Engine
TR07N07047 - Sleep and stand by modes on Windows 10 machine do not work after session disconnect
TR09N07194 - The '/' key does not work in the NoMachine web player's UI
TR06M05593 - The greeting message is not shown correctly when text is long
TR06M05637 - The NoMachine file transfer tracking window becomes unusable on GNOME

Supported Platforms

Windows 32-bit/64-bit XP/Vista/7/8/8.1/10

Mac Intel 64-bit OS X 10.5/10.6/10.7/10.8/10.9/10.10/10.11, macOS 10.12

Linux 32-bit and 64-bit

Red Hat Enterprise 4/5/6/7
SLED 10.x/11.x
SLES 10/11/12
Open SUSE 10.x/11.x/12.x/13.x
Mandriva 2009/2010/2011
Fedora 10/11/12/13/14/15/16/17/18/19/20/21/22/23
Debian GNU Linux 4.0 Etch/5.0 Lenny/6.0 Squeeze/7.0 Wheezy/8.0 Jessie
Ubuntu 8.04 Hardy Heron/8.10 Intrepid Ibex/9.04 Jaunty Jackalope/
9.10 Karmic Koala/10.4 Lucid Lynx/10.10 Maverick Meerkat/11.04 Natty Narwhal/
11.10 Oneiric Ocelot/12.04 Precise Pangolin/12.10 Quantal Quetzal/13.04 Raring Ringtail/
13.10 Saucy Salamander/14.04 Trusty Tahr/14.10 Utopic Unicorn/
15.04 Vivid Vervet/15.10 Wily Werewolf/16.04 Xenial Xerus

Download NoMachine Packages

You can download the latest packages suitable for your Operating System from the NoMachine Web site at the following URL:

http://www.nomachine.com/download

Customers with valid subscriptions should log in to their customer area at https://www.nomachine.com/support#login and download the "Update version" for their "Production Version".

Automatic updates

The automatic check for updates has been enabled since version 4.6.3 and is scheduled to check our repositories every two days.

To update any of the NoMachine servers immediately:

- Run the NoMachine GUI from your Programs Menu.

- Click on 'Preferences' and 'Updates'.

- Then click on the 'Check now' button.

To update the NoMachine Enterprise Client immediately:

- Click on 'Preferences' and 'Updates'.

- Then click on the 'Check now' button.

More information about the check for automatic updates is available here: https://www.nomachine.com/AR05M00847

Manual package update

Please follow the instructions to update your installation manually:

On Windows:

- Download and save the EXE file.
- Double click on the NoMachine executable file.
- As for the installation, the Setup Wizard will take you through all steps necessary for updating NoMachine.

On Mac:

- Download and save the DMG file.
- Double-click on the Disk Image to open it and double-click on the NoMachine program icon.
- As for the installation, the Installer will take you through through all steps necessary for updating NoMachine.

On Linux:

You can use the graphical package manager provided by your Linux distribution or update NoMachine by command line by following instructions below.
If you don't have the sudo utility installed, log on as superuser ("root") and run the commands without sudo.

RPM

- Download and save the RPM file.
- Update your NoMachine installation by running:

# rpm -Uvh <pkgName>_<pkgVersion>_<arch>.rpm

DEB

- Download and save the DEB file.
- Update your NoMachine installation by running:

$ sudo dpkg -i <pkgName>_<pkgVersion>_<arch>.deb

TAR.GZ

- Download and save the TAR.GZ file.
- Update your NoMachine installation by running:

$ cd /usr
$ sudo tar xvzf <pkgName>_<pkgVersion>_<arch>.tar.gz
$ sudo /usr/NX/nxserver --update

If you are installing Enterprise Client or Node run respectively:

$ sudo /usr/NX/nxclient --update
$ sudo /usr/NX/nxnode --update

Documents

Installation and configuration guides for the NoMachine products are available at:

https://www.nomachine.com/documents

The NoMachine Security Team