Support-Advisories-2020-yellow-header

 

Support Advisories

Monetra 8.16.0 Available (Security Fix)

Posted by SpeedLine Support on Jan 6, 2021 4:01:04 PM

Monetra 8.16.0 has been released and is available for upgrade. This release contains a security fix, so all customers using Monetra should upgrade to this version as soon as possible. 

Release notes:

Effective 12/9/2020

Monetra 8.16.0 has been released to the public and is a feature enhancement/security/maintenance release.

This release is highly recommended for all users of Monetra and should be considered the most modern and stable release available.

Changelog

Database Schema: v4.13 (compatible with v4.0)

Security:

  • [High] OpenSSL has been updated to 1.1.1i. This release addresses a single high priority security vulnerability that could lead to a Denial of Service attack. For more information please see: https://www.openssl.org/news/secadv/20201208.txt
  • [Low] c-ares has been updated to 1.17.1. This release addresses a few low priority vulnerabilities that are not expected to be possible to trigger in the way Monetra uses this library. For more information see: https://c-ares.haxx.se/changelog.html

Certifications:

  • Global Payments has been recertified. The specification in use has changed from their TEXT processing specification to ISO8583. This certification includes the latest industry mandates such as Card on File and Online Return Authorizations. The certification includes support for the Ingenico TETRA line of devices.
  • Global Payments Big Batch upload specification has been recertified to ensure compliance with the latest industry requirements.

Features:

  • In the Monetra logs, the [CONNID XXX] and [TRANSID XXX] entries are now guaranteed to be unique across both restarts of Monetra as well as across different machines. They are displayed as up to a 16 character hex value. In main.conf there is a new node_id configuration value that should be set to a unique value per node. The acceptable range is 0-15.

Fixes:

  • The profile_id wasn't being saved during an edituser request.

Integration Changes:

  • Global Payments no longer supports dialup communication (dial backup) due to switching to the ISO8583 specification where that is not possible.

ThirdParty Library Updates:

  • SQLite updated to 3.34.0
  • OpenSSL updated to 1.1.1i
  • C-ares updated to 1.17.1

Topics: Monetra Updates

Find out About Customer Communications

Subscribe to Support Email Updates

Advisories by Topic

see all

Recent Advisories

For Customers

Contact

General Inquiries:

1-888-400-9185
info@speedlinesolutions.com

Support:

1-888-923-9185
support@speedlinesolutions.com

Resources

About

 
Copyright ©2020 by SpeedLine Solutions Inc.  |  Terms Of Use  |  Privacy Statement