This document contains details about the Adobe Connect 11.4.6 release, including release dates, technical requirements, upgrades, improvements, and known issues.
Overview
Adobe Connect enables you to create rich digital training, webinars, and collaboration experiences. For an overview of Adobe Connect, see www.adobe.com/products/adobeconnect.html.
Adobe Connect 11.4.6 is a security release fixing various issues and is available as a patch.
Release dates
Adobe Connect 11.4.6 rolls out in the following phases:
On-premise deployments:
Will be available from Dec 20, 2022.
Managed services:
Contact your Adobe Connect Managed Services (ACMS) representative, or private cloud provider, to schedule an upgrade.
System requirements
For the latest system requirements, see the Adobe Connect Technical Specifications page.
Adobe Connect application
This update does not include a new version of the Adobe Connect application.
You will be prompted to install and run the new Adobe Connect application in the following situations:
- You attempt to login to a meeting using an older version of the Adobe Connect meeting application.
- You attempt to share your screen from a browser.
- You select “Switch to desktop application” from the meeting context menu.
If you are an administrator, ensure that end users have the latest Adobe Connect application. Download the latest stand-alone or MSI installers for the Adobe Connect application from this page, or install directly from the following URLs:
Upgrade paths for on-premise deployments
Here are the prerequisites for this release:
- From Adobe Connect 8.x, upgrade to Adobe Connect 9.x
- From Adobe Connect 9.x, upgrade to Adobe Connect 11.4 before applying this patch
- From Adobe Connect 10.x, upgrade to Adobe Connect 11.4 before applying this patch
Issues resolved
Issue Tracking Number |
Issue Description |
---|---|
4138437 |
Fixed reference to StringUtils in CoreDAL |
4138358 |
Added security config enhancements to block file access by extension |
4138294 |
Changed permission cache hinting to fix high SQL CPU utilization |
4138293 |
Allow MultipartHandler to use configurable size limit for file uploads |
4138224 |
Prevent MultipartHandler from allowing free use by unauthenticated users |
4138223 |
Fixed issue where failed upload left behind temp files |
4138208 |
Fixed issue with file upload authorization and explicit temp file deletion |
4137875 |
Fixed Pen Test vulnerability - XML Entity Expansion |
4137874 |
Fixed Pen Test vulnerability - Lack of Authorization Enforcement Allows for Authentication Brute Force Protection Bypass |
4137873 |
Upgraded Owasp Antisamy library |
4137839 |
Upgraded PuTTY to the latest version (0.77) |
4137837 |
Update Guava.jar to v31.1 |
4137836 |
Upgraded ESAPI to 2.5.0.0 |
4137834 |
Upgraded Tomcat to 9.0.68 |
4137833 |
Upgraded JDK security baseline to 1.8.0_351 |
4137832 |
Upgraded to gson-2.10 |
4137831 |
Upgraded commons-text from 1.9 to 1.10 |
4137830 |
Upgraded xmlsec from 3.0.0 to 3.0.1 |