Serena was notified by Flexera that it resolved two security vulnerabilities in FlexNet publisher (CVE-2015-8277), which is the code-base that the Serena License Manager is built upon.

 

To give our customers access to this fix, Serena released a HotFix for SLM 2.2.0 that can be download from KB article P2761.

 

Although the vulnerability is said to exist in all releases of FlexNet Publisher, and therefore all releases of SLM, a fix is only available for the latest code base, which is why Serena can only provide a solution for SLM 2.2.0. Users of older SLM releases should first upgrade to SLM 2.2.0 if they want to deploy the fixes in SLM 2.2.0.1.