CodeMeter 7.21aRelease Date: 2021-June-15
Operating Systems Windows, Linux, Mac OS X
Download Windows (48.21MB): Click HereInfoNotice of published security vulnerabilitiesFor CodeMeter the two security vulnerabilities CVE-2021-20093 and CVE-2021-20094 have been reported to us by a security service provider, which have been published on June 16th, 2021. A detailed overview of the vulnerabilities is available at
https://www.wibu.com/support/security-advisories.html. Due to the classification of the vulnerabilities Wibu-Systems strongly recommends an update to this version. Due to the backwards compatibility this is usually possible without problems, but should be discussed with the manufacturer of the software licensed with CodeMeter.
NewLicense Option Station ShareTo improve the compatibility eith regard to the license access StationShare of applications running in different technologies (Native / .NET / Java) or with different library versions on the same computer, CodeMeter License Server and CodeMeter libraries have been extended.
With Version 7.20, a different calculation of the so-called 'StationShareId' had to be made under Windows. This new, incompatible 'StationShareId' resulted in more than one license being required in mixed operation. With the new version, the libraries send both the new and the old 'StationShareId' to CodeMeter License Server. CodeMeter License Server can then assign applications with older library versions (e.g. applications encrypted with older CodeMeter Protection Suite Versions) to the current accesses (FB75407).
Features:FB75798: CodeMeter Libraries: CodeMeter libraries now send their version number to CodeMeter License Server. This makes it possible to react differently to certain versions of a CodeMeter library at server side in the future.
Bugfixes:FB76916: CodeMeter License Server: By sending tampered packets to CodeMeter License Server it was possible to cause a crash or to read data from the heap memory (CVE-2021-20093). See also Security Advisory WIBU-210423-01 at
https://www.wibu.com/de/support/security-advisories.html.
FB76917: CodeMeter License Server: By sending tampered packets via the CmWAN protocol, it was possible to cause a crash. This was only possible, if the CmWAN protocol, which is disabled by default, was enabled (CVE-2021-20094). See also Security Advisory WIBU-210423-02 at
https://www.wibu.com/de/support/security-advisories.html.
FB74327: CodeMeter License Server: The WibuCm library now checks the Authenticode signature of the CodeMeter.exe from "WIBU-SYSTEMS AG" at restart on Windows. If necessary CmAccess2 returns the error CMERROR_VERIFY_FAILED (308).