Lexmark EC6.0 release notes (April 2022)

Security Issues Addressed
CVE-2021-44734 Embedded web server input sanitization vulnerability
CVE-2021-44737 PJL directory traversal vulnerability
CVE-2021-44738 Postscript buffer overflow
CVE-2021-23840 Open SSL vulnerability
CVE-2020-13481 Cross site request forgery vulnerability
CVE-2020-10094 Stored cross site scripting vulnerability
CVE-2019-1559 TLS protocol vulnerability
Cross site scripting vulnerabilities:
CVE-2019-19773
CVE-2019-19772
CVE-2019-18791 Stored cross site scripting vulnerability
CVE-2019-10058 Account Lockout
CVE-2019-10059 Information disclosure via finger service
Lexmark overflow vulnerabilities:
CVE-2019-9930
CVE-2019-9932
CVE-2019-9933
CVE-2019-9931 SNMP denial of service vulnerability
CVE-2019-6489 Shortcut integrity vulnerability
CVE-2018-18894 Directory Traversal vulnerability
CVE-2018-15519 Buffer overflow vulnerability
KRACK vulnerabilities:
CVE-2017-13077
CVE-2017-13078
CVE-2017-13079
CVE-2017-13080
CVE-2017-13081
CVE-2017-13082
CVE-2017-13084
CVE-2017-13086
CVE-2017-13087
CVE-2017-13088
Updated Java certificates for Remote Operator Panel and Scan Profiles applets
Enhanced security for failed login attempts
Field Issues Addressed and Other Improvements
Fix for an issue where the printer won’t go into sleep mode while using Card Authentication
Resolve an issue with intermittent blank white screen appearing on the operator panel
Fix for the device operator panel becoming intermittently stuck/non-responsive
Added support for “Always use default SMTP reply address” setting
Expanded support for LDAP+GSSAPI connection with certain DNS servers
Fix for PDF/A-1b scan conformance
Enhance capability to enroll in Lexmark Cloud Services
Resolve an issue where a card reader intermittently fails to respond
Improvements to SMB communication with servers that reject unencrypted access when SMBv3 is enabled
Fix for a 976:0 Service Network Software error
Enhanced support for HTTPS fax
Resolved multiple causes of 900.00 error messages
Multiple translations improvements
Fixes for various incorrect output when printing (missing characters, missing images, alignment issues, incorrect font, etc)
Resolved multiple causes of 900.43 error messages caused by printing

New Features
Added support for SMBv2 and SMBv3
See KB Article FA1227 for the instructions on how to enable SMBv3
Added support for TLSv1.1 and TLSv1.2
Security Issues Addressed
CVE-2014-3566 POODLE SSLv3 vulnerability
CVE-2015-0235 GHOST glibc vulnerability
CVE-2015-0204 FREAK OpenSSL vulnerability
CVE-2015-4000 Logjam OpenSSL vulnerability
CVE-2016-2183 Sweet32 DES/triple DES cipher vulnerability
CVE-2017-11103 Orpheus' Lyre Heimdal Kerberos vulnerability
Updated MFP Pre‑installed Apps
Scan to Network version 4.5.14
Forms and Favorites version 4.2.0
Remote Operator Panel version 3.3.2
WS-Scan version 3.3.2
USB My MFP version 3.3.2
Updated SFP Pre‑installed Apps
Background and Idle Screen 3.11.0
Forms and Favorites version 3.2.0
Remote Operator Panel version 3.3.2
Eco-Setting 3.0.11
Showroom 2.5.1
Field Issues Addressed and Other Improvements
Added DLE support for EC6.0
Translations changes
Updated java certificates for Remote Operator Panel and Scan Profile applets
Change Auto Continue default value from 0 (disabled) to 5 seconds
Fix various print output issues
Fix various 900.xx Firmware Errors from PCL5/PCL‑XL/PS/PDF print jobs