13828 Rate this article:

IDL & ENVI License Server Security Patch


NV5 (formerly Harris Geospatial Solutions) was recently made aware of a security vulnerability in the Flexera FlexNet Publisher technology that is utilized for license management of the IDL & ENVI software products. This security vulnerability applies to all current and older versions of our software and applies to scenarios where a license server is utilized which includes network floating (FL) type licenses and some node-locked (SN) type licenses that use a license manager.
The security vulnerability is limited to computers running a license manager server and should not be an issue when the license server components are only exposed on a trusted network. Nevertheless, we recognize the severity of this issue and are committed to making sure our customers can use the IDL & ENVI software in secure fashion. Consequently, to address this vulnerability Harris has acquired the latest  FlexNet Publisher (v11.13.1.3) then built new lmgrd and vendor daemon components that are being released as a security patch for the license manager. Harris recommends that all customers using a license manager for IDL & ENVI products update their license server installations.

Please note that we are also working diligently on our upcoming IDL 9.0 and ENVI 6.0 software versions for release later this year which will include these license manager component updates in an off-the-shelf / out-of-the-box fashion. We greatly appreciate your business and patience while we produced a software patch to resolve this security vulnerability. If you have questions or need assistance related to this security patch please contact our Technical Support team.