09-19-2019 03:12 PM - edited 09-19-2019 03:28 PM
Hello all , my server works fine (volume license manager v 3.2)
I need to update Flexnet Publisher from 11.5 to 11.6. It is marked as a vulnerability and I need to mitigate this ASAP.
The only support article I found has old packages http://www.ni.com/tutorial/6032/en/
I tried to replace the old lmgrd.exe (11.5) with an 11.6 version I got from Matlab. It did not work
A candid question: I started working on this problem this week - is it National Instruments who has to provide the updates or LabView and Multisim, the software where I have subscriptions ?
Log starts
======================================
9:08:14 (lmgrd) FlexNet Licensing (v11.15.0.0 build 215548 i86_n3) started on <Licensing server> (IBM PC) (9/19/2019)
9:08:14 (lmgrd) Copyright (c) 1988-2017 Flexera Software LLC. All Rights Reserved.
9:08:14 (lmgrd) World Wide Web: http://www.flexerasoftware.com
9:08:14 (lmgrd) License file(s): C:\ProgramData\National Instruments\Volume License Manager\nivlm.lic
....
9:08:14 (lmgrd) Starting vendor daemons ...
9:08:14 (lmgrd) Started nilm (pid 5332)
9:08:14 (nilm) FlexNet Licensing version v11.15.0.0 build 215548 i86_n3
9:08:14 (nilm) SLOG: Summary LOG statistics is enabled.
09-30-2019 12:38 PM
Hi BenYuly,
I think I may not be understanding your question, and LabVIEW and Multisim are both owned by NI. However, National Instruments provides updates to our licensing deamon (nilm.exe), but not the license manager deamon (lmgrd.exe), which is created by Flexera Software. As I understand it, we currently do not have a new version of the licensing deamon that is compatible with version 11.6; 11.5 is the latest we are working with.
Can you give a bit more information about that vulnerability and where you're seeing that? That may be helpful information for our R&D teams.
10-18-2019 12:18 PM
Dear Claire,
Thanks for your response. The problem is, 11.5 has a security vulnerability that needs to be patched. We really need the NI daemon to be compatible with the latest version to be secure.
Is there an ETA for compatibility with the latest version?
Thanks!
10-21-2019 03:38 PM
Hi Ben Yuly,
As I understand, this is something that we are looking to address, but we do not have specific public timelines for a release at this time.
Best,
10-30-2019 01:18 PM
This is something that really needs to be escalated. It's causing us major headaches here at Penn State as our VLM is used University-wide. Our IT department has firewalled our VLM server from most of the university until this is fixed, causing a disruption in teaching.
Is there somebody within NI that we can appeal to who can accelerate this process?
10-30-2019 01:36 PM
Hi Joe,
I will escalate this to that team as I understand this is extremely frustrating and is causing disruptions. I know that this is something that we are working to fix, but that process just takes some time.
11-07-2019 01:02 PM
Any updates on the timeline for this?
02-12-2020 08:38 AM
VLM 3.2.2 patch (released November 2019) upgraded the Flexnet Publisher libraries to address CVE-2018-20033. Details: