Is a patch available to fix the <6.5.4 security vulnerability and if so, where?

Apparently, Lotus releases lower than 6.5.4 have a security vulnerability issue: About Secunia Research | Flexera

Does anyone know:

  1. If a patch is available and

  2. If so, where to download it?

I’d like to avoid an entire upgrade (from 6.5.2 to 6.5.4) if possible.

Tks,

-MC

Subject: Is a patch available to fix the <6.5.4 security vulnerability and if so, where?

If you’re affected by this then you’ve got some malicious application developers (or an app that lets users arbitrarily inject information into @SetHTTPHeader), and you’ve probably got bigger problems than just this.

There may be a hotfix for this issue, in which case you should contact Lotus Support.

And there are so many other items fixed in 6.5.4 (the most since 5.0.2) that I’d strongly recommend an upgrade if possible.

Subject: RE: Is a patch available to fix the <6.5.4 security vulnerability and if so, where?

Is this what you are talking about:

http://www-1.ibm.com/support/docview.wss?rs=0&q1=%40SetHTTPHeader&uid=swg21202437&loc=en_US&cs=utf-8&cc=us&lang=en

If you search the Support site for “vulnerability” and sort by date, you should get all of the issues and the fixes.

HTH.

Gregg