Release notes
- Last UpdatedOct 30, 2023
- 2 minute read
- PI System
- PI Connector for BACnet 1.3.8.0
- Connectors
PI Connector for BACnet
1.3.8.0
Overview
The 1.3.8.0 release of the PI Connector for BACnet is a maintenance release that updates the AF Client Dependency to 2018 SP3 Patch 2.
Fixes and Enhancements
Fixes
There are no fixes with this release of PI Connector for BACnet.
Enhancements
There are no fixes with this release of PI Connector for BACnet.
System Requirements
Operating Systems
This release supports Windows 10.
Distribution Kit Files
|
Product |
Software Version |
|---|---|
|
Microsoft .NET Framework 4.8 Setup |
4.8 |
|
Microsoft Visual C++ 2019 Redistributable (x86) |
14.21.27702 |
|
Microsoft Visual C++ 2019 Redistributable (x64) |
14.21.27702 |
|
PI AF Client 2018 SP3 Patch 2 |
2.10.8.440 |
|
PI Connector for BACnet |
1.3.8.0 |
Installation and Upgrade
Installing PI Connector for BACnet
Refer to the Install the connector section.
Uninstalling PI Connector for BACnet
Refer to the Uninstall the connector section.
Security information and guidance
We are committed to releasing secure products. This section is intended to provide relevant security-related information to guide your installation or upgrade decision.
We proactively disclose aggregate information about the number and severity of security vulnerabilities addressed in each release. The tables below provide an overview of security issues addressed and their relative severity based on standard scoring.
Overview of New Vulnerabilities Found or Fixed
For this release, three high security vulnerabilities have been identified and fixed. The category of High (7.0 – 8.9) is based on the CVSS scoring system. These high-level security issues have been resolved in the PI Connector for BACnet itself and PI AF Client 2018 SP3 Patch 2 sub-component, which have been packaged in this release. To reduce exposure to these security issues, upgrade to the latest release.
No additional security vulnerabilities are applicable to this release. Subcomponents of this release contain known vulnerabilities which are not exploitable in PI Connector for BACnet.
This table lists the known vulnerabilities along with their mitigation in this product.
|
Component |
Version |
CVE or Reference |
CVSS |
Mitigation |
|---|---|---|---|---|
|
jQuery |
2.1.3 |
jQuery 2.2 and 1.12 Released (https://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/) |
7.9 |
The referenced component uglify.js is not used in this product’s development process. |
|
jQuery |
2.1.3 |
CVE-2015-9251 |
6.1 |
No cross-domain AJAX requests are made. |
|
jQuery |
2.1.3 |
CVE-2019-11358 |
6.1 |
Input is sanitized for all calls to the referenced ‘extend’ function. |
|
jQuery |
2.1.3 |
https://github.com/jquery/jquery/issues/2965 |
8.6 |
Input is sanitized for all calls to the referenced ‘parseHTML’ function. |
|
jQuery UI |
1.8.23 |
CVE-2016-7103 |
6.1 |
The referenced property ‘closeText’ is not used. |
|
jQuery UI |
1.8.23 |
CVE-2010-5312 |
4.3 |
The referenced “jQuery UI dialog” widget is not used. |
|
Knockout JS |
3.3.0 |
https://github.com/knockout/knockout/issues/1244 |
8.6 |
This product is not supported for use in Internet Explorer 7 (IE7). |
|
Knockout JS |
3.3.0 |
CVE-2019-14862 |
6.1 |
This product is not supported for use in Internet Explorer 7 (IE7). |
|
Bouncy Castle |
1.8.1 |
CVE-2020-15522 |
5.9 |
This vulnerability does not apply to PI Connectors because they do not use ECDSA Encryption. |