A new SCS hotfix has been released to address an OpenSSL vulnerability and to resolve a few bugs. Changes have been made to the SCS Source Kit as well as SCS Lite.
The OpenSSL version used by the Intel SCS, Intel SCS Lite and the Activator utility has been updated to resolve a vulnerability that existed in OpenSSL versions from 0.9.8f to 0.9.8m. (Record of Death vulnerability: In TLS connections, certain incorrectly formatted records can cause an OpenSSL client or server to crash due to a read attempt at NULL.)
Bugs fixed:
Reconfiguration failure using a Wifi profile with a passphrase if a Wifi profile with the same name and priority exists in the Intel AMT device (SCS and SCS Lite)
Configuring an Intel AMT system with only the host name in the subject (or as the first Common Name),resulted in not being able toconnect to the system using the WebUI interface. The browser displays an error that the certificate name does not match the server name.
