Release Notes: Ly.xx.

P817

READ THIS FIRST: Special notes and considerations

- Upgrade guidelines:
- This firmware release is intended for customers with current firmware versions
Ly.xx.P816 or older (releases where the 3 digits after “P” are equal to or less
than 816)
- If the current firmware on the device is Ly.xx.P818 or newer (releases where the
3 digits after “P” are equal to or greater than 818), do NOT update to this release.
- E46x models:
- If your device is an E46x model using firmware LR.LBH.P799 or older (numbers
lower than 799), an intermediate firmware update may be required.
- If the firmware update to LR.LBH.P817 fails, please contact the Technical
Support Center (TSC) to get the intermediate firmware, LR.LBH.P764.
- Other models:
- If the device firmware is not found on support.lexmark.com, contact TSC to
receive the firmware

Supported Models:

Model Firmware Version

Mono Single Function Devices

E46x Series LR.LBH.P817

T650, T652, T654 LR.JP.P817

W85x Series LP.JB.P817

Mono Multi Function Devices

X46x Series LR.BS.P817

X65x Series LR.MN.P817

X86x Series LP.SP.P817

Color Single Function Devices

C73x Series LR.SK.P817

 Color Multi Function Devices

X73x Series LR.FL.P817

CUSTOMER RELEASE NOTES:

Base firmware EC6.3, Ly.xx.P817, for the following devices (changes since EC6.2,
Ly.xx.P631g)

New features:
- Changes in Ly.xx.P631j/k
− Added support for SMBv2 and SMBv3
- Please see KB article # FA1227 for the instructions on how to enable
SMBv3
− Added support for TLSv1.1 and TLSv1.2
− Updated openSSL to version 1.0.2j

Security Issues Addressed:

- Changes in Ly.xx.P817
− SNMP Denial of Service Vulnerability - CVE-2019-9931
− Lexmark Overflow Vulnerabilities
− CVE-2019-9930
− CVE-2019-9932
− CVE-2019-9933
− Account Lockout - CVE-2019-10058
− Information Disclosure via finger service - CVE-2019-10059
− Shortcut Integrity vulnerability - CVE-2019-6489
− Directory Traversal Vulnerability - CVE-2018-18894
− Lexmark Buffer Overflow Vulnerability - CVE-2018-15519
- Changes in Ly.xx.P631j/k
− Orpheus' Lyre Vulnerability – CVE-2017-11103
− Logjam Vulnerability in Diffie-Hellman Key Exchange – CVE-2015-4000
− FREAK: Factoring Attack on RSA-Export Vulnerability – CVE-2015-0204
− GHOST Glibc Buffer Overflow Vulnerability – CVE-2015-0235
− POODLE Vulnerability – CVE-2014-3566
− Multiple OpenSSL Vulnerabilities
− CVE-2014-0224
− CVE-2014-0198
− CVE-2010-5298
− CVE-2014-3470
 − CVE-2014-0076

Field Issues Addressed and Other Improvements:

- Changes in Ly.xx.P817
− Fix for a crash that occurs when attempting to access print release on certain
devices running Ly.xx.P631j/k or Ly.xx.P8zz firmware
- Changes in Ly.xx.P631k
− Fix for an issue where the printer becomes stuck in a Busy state and cannot flash
firmware after printing IPDS duplex jobs