Release notes
- Last UpdatedOct 13, 2023
- 2 minute read
PI Connector for HART-IP
1.4.6.0
Overview
The 1.4.6.0 release of the PI Connector for HART-IP is a maintenance release that updates the AF Client Dependency to 2018 SP3 Patch 2.
Fixes and Enhancements
Fixes
There are no fixes with this release.
Enhancements
There are no enhancements with this release.
Known Issues
There are no known issues with this release.
System Requirements
Operating Systems
This release supports Windows 8.1 and Windows 10.
Server Platforms
This release supports Windows Server 2019, Windows Server 2016, Windows Server 2012 R2 and Windows Server 2012.
Distribution Kit Files
|
Product |
Software Version |
|---|---|
|
Microsoft .NET Framework 4.8 Setup |
4.8 |
|
Microsoft Visual C++ 2019 Redistributable (x86) |
14.21.27702.2 |
|
Microsoft Visual C++ 2019 Redistributable (x64) |
14.21.27702.2 |
|
PI AF Client 2018 SP3 Patch 2 |
2.10.8.440 |
|
PI Connector for HART-IP |
1.4.6.0 |
Installation and Upgrade
Installing PI Connector for HART-IP
Refer to the Install the connector section.
Uninstalling PI Connector for HART-IP
Refer to the Uninstall the connector section.
Security information and guidance
We are committed to releasing secure products. This section is intended to provide relevant security-related information to guide your installation or upgrade decision.
We proactively disclose aggregate information about the number and severity of security vulnerabilities addressed in each release. The tables below provide an overview of security issues addressed and their relative severity based on standard scoring.
No additional security vulnerabilities are applicable to this release.
Overview of New Vulnerabilities Found or Fixed
For this release of PI Connector for HART-IP, three high security vulnerabilities have been identified and fixed. The category of High (7.0 - 8.9) is based on the CVSS scoring system. These high-level security issues have been resolved in the PI Connector for HART-IP itself and PI AF Client 2018 SP3 Patch 2 sub-component which have been packaged in this release. To reduce exposure to these security issues, upgrade to the latest release.
Subcomponents of this release contain known vulnerabilities which are not exploitable in PI Connector for HART-IP.
This table lists the known vulnerabilities along with their mitigation in this product.
|
Component |
Version |
CVE or Reference |
CVSS |
Mitigation |
|---|---|---|---|---|
|
jQuery |
2.1.3 |
jQuery 2.2 and 1.12 Released (https://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/) |
7.9 |
The referenced component uglify.js is not used in this product’s development process. |
|
jQuery |
2.1.3 |
CVE-2015-9251 |
6.1 |
No cross-domain AJAX requests are made. |
|
jQuery |
2.1.3 |
CVE-2019-11358 |
6.1 |
Input is sanitized for all calls to the referenced ‘extend’ function. |
|
jQuery |
2.1.3 |
https://github.com/jquery/jquery/issues/2965 |
8.6 |
Input is sanitized for all calls to the referenced ‘parseHTML’ function. |
|
jQuery UI |
1.8.23 |
CVE-2016-7103 |
6.1 |
The referenced property ‘closeText’ is not used. |
|
jQuery UI |
1.8.23 |
CVE-2010-5312 |
4.3 |
The referenced “jQuery UI dialog” widget is not used. |
|
Knockout JS |
3.3.0 |
https://github.com/knockout/knockout/issues/1244 |
8.6 |
This product is not supported for use in Internet Explorer 7 (IE7). |
|
Knockout JS |
3.3.0 |
CVE-2019-14862 |
6.1 |
This product is not supported for use in Internet Explorer 7 (IE7). |
|
Bouncy Castle |
1.8.1 |
CVE-2020-15522 |
5.9 |
This vulnerability does not apply to PI Connectors because they do not use ECDSA Encryption. |