This software contains fixes for many security vulnerabilities.
Note: Bulletin XRX16-002 is for media-based installation by a Xerox Service representative, bulletin XRX16-003 is for using Update Manager by customers internal IM staff or a Xerox Service representative.
This software contains fixes for many security vulnerabilities.
Note: Bulletin XRX16-002 is for media-based installation by a Xerox Service representative, bulletin XRX16-003 is for using Update Manager by customers internal IM staff or a Xerox Service representative.
The System Software Version and software patch listed below for the WorkCentre 7535/7556 contain cumulative updates that incorporate security vulnerability fixes up through 05 June 2015 as well as other non-security related defect fixes. This system software release with the software patch are Common Criteria certified.
This software contains fix for VxWorks TCP Sequence vulnerability on WorkCentre 3315.
This software contains fix for Logjam, Freak and VxWorks TCP Sequence vulnerabilities on WorkCentre 3325. Also adds FIPS compatible SNMPv3.
This software contains fix for Logjam and VxWorks TCP Sequence vulnerabilities on Phaser 4600 and 4620.
This software contains fix for Logjam and VxWorks TCP Sequence vulnerabilities on Phaser 4622. Also adds FIPS compatible SNMPv3.
This software contains fix for Poodle vulnerability on Xerox Color C60 and C70.
This software contains fix for Logjam and VxWorks TCP Sequence vulnerabilities on Phaser 3635MFp.
V1.1
Xerox® Phaser® 6600 / WorkCentre® 6605
The System Software Version listed below for the WorkCentre 7970 is Common Criteria certified.
This software contains fix for OpenSSL MiTM (Man in the Middle) Vulnerability (CVE-2014-0224), upgrades to SSL options, and added Cross Frame Scripting protection.
This software contains fix for Logjam and VxWorks TCP Sequence vulnerabilities on WorkCentre 4260 and 4265.
WorkCenter 4265 release also contains fix for Freak vulnerability.
This software contains fix for Logjam vulnerability for ConnectKey products.
This software contains fix for Poodle and Logjam vulnerabilities on WorkCentre 4250.
This software contains fix for Poodle vulnerability on Phaser 6500 and WorkCentre 6505.
This software contains fix for Freak vulnerability on WorkCentre 6400.
This software release fixes many minor security issues on ColorQube 8570/8870 including Poodle, OpenSSL MitM and Heartbleed.
This software release contains fix for Freak and Ghost vulnerabilities on WorkCentre 77xx products.
Software upgrade patch for Free Flow Print Server fixes numerous security CVEs. Java 6 Update 101 Software is included in this release.
This covers Update Manager delivery of the patch.
Software upgrade patch for Free Flow Print Server fixes numerous security CVEs. Java 6 Update 101 Software is included in this release.
This covers media delivery of the patch.
This software release contains fix for Poodle vulnerability on Phaser 6020 and 6022 and WorkCentre 6025 and 6027.
This software release contains fix for Poodle and Freak vulnerabilities on Phaser 3052/3260 and 3020 and WorkCentre 3215/3225 and 3025BI and3025NI.
This software release contains fix for Poodle vulnerability on Phaser 3610 and WorkCentre 3615.
This bulletin and the software upgrade for the Phaser 3635MFP, fix the OpenSSL Poodle and Freak vulnerabilities.
Includes fix for Poodle and the FREAK OpenSSL vulnerabilities.
Includes fix for Poodle vulnerability.
Includes fixes for Freak and Poodle vulnerabilities.
Includes fix for OpenSSL MitM (Man in the Middle) vulnerability.
Includes fixes for Freak and Poodle vulnerabilities.
NOTE: Correction has been made in naming convention. Technical contents has not changed nor the software. Use this version instead of XRX15AE_V1.0
This includes fix for POODLE vulnerability.
Includes fixes for Freak, OpenSSL MiTM, Ghost and Poodle vulnerabilities.
Updated to clarify model designation.
NOTE: This document has had a new version created to remove an error in the vulnerabilities the software update corrects.
This software update does not correct the FREAK/LogJam vulnerabilities.
Cumulative update for Common Criteria Certification
v1.0
06/11/15
Background
The System Software Version for the WorkCentre 4265 contains cumulative updates that incorporate security vulnerability fixes up through 30 September 2014 as well as other non-security related defect fixes. This release is Common Criteria certified.
The system software release for the product listed below is designed to be installed by the customer. Please follow the procedures contained in the bulletin to install the solution. The system software version is a full system release so the patch criticality rating is not applicable.
Cumulative update for Common Criteria Certification
v1.0
06/09/15
NOTE: This file was updated to correct a software version.
Background
The System Software Versions for the WorkCentre 3655 and WorkCentre 6655 are cumulative updates that incorporate security vulnerability fixes up through 28 January 2015 as well as other non-security related defect fixes. These releases are Common Criteria certified.
The system software releases for the products listed below are designed to be installed by the customer. Please follow the procedures contained in the bulletin to install the solution. The system software versions are full system releases so the patch criticality rating is not applicable.
These software releases are compressed into zip files and can be accessed via the links below or via the links on the Xerox Security Site.
Cumulative update for Common Criteria Certification
v1.0
06/08/15
Background
The System Software Version in this bulletin for the WorkCentre 5945/5955 contains cumulative updates that incorporate security vulnerability fixes up through 01 December 2014 as well as other non-security related defect fixes. This release is Common Criteria certified (see https://www.xerox.com/information-security/common-criteria-certified/enus.html).
The system software release for the product is designed to be installed by the customer. Please follow the procedures contained in the bulletin to install the solution. The system software version is a full system release so the patch criticality rating is not applicable.
NOTE: This document and software applies to the WorkCentre 5632/5638 and WorkCentre 5135/5150.