The ability to upload third-party content has been removed from the > System > Maintenance page, to address concerns raise by CVE-2021-41550 and CVE-2021-41551. Users can no longer use the Connection Broker Administrator Web interface to upload ZIPfiles, PL-files, or any other files with the exception of custom logos and favicons, into the Connection Broker /home/leo/app/tpc directory, to prevent bad actors from uploading malicious scripts into a Leostream environment. Leostream recommends updating to Connection Broker 9.1 for any customers who have exposed their Connection Broker Administrator Web Interface to the internet.
Connection Broker 9.1 Features:
Connection Broker 9.1 Resolved Issues:
Leostream Gateway 184.108.40.206
Leostream Agent 7.4.8 for Microsoft Windows operating systems
Leostream Agent 5.2.6 for Linux and macOS
Leostream Connect 4.4.2 for Microsoft Windows operating systems
Leostream Connect 3.8.2 for Linux and macOS
To view the full list release notes, please visit here!