~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Service Pack 6 for ThinPro 8.1 6.2 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1. Service Pack 6 for ThinPro 8.1 ============================================================================ HP announces the service pack 'Service Pack 6 for ThinPro 8.1'. 2. Support Matrix ============================================================================ Package Platform Image ---------------------------------------------------------------------------- ThinPro8.1_SP-6.2-signed.xar PC 8.1 ThinPro8.1_SP-6.2-signed.xar mt21 8.1 ThinPro8.1_SP-6.2-signed.xar mt22 8.1 ThinPro8.1_SP-6.2-signed.xar mt32 8.1 ThinPro8.1_SP-6.2-signed.xar mt440 8.1 ThinPro8.1_SP-6.2-signed.xar mt45 8.1 ThinPro8.1_SP-6.2-signed.xar mt46 8.1 ThinPro8.1_SP-6.2-signed.xar mt645 8.1 ThinPro8.1_SP-6.2-signed.xar mt645g8 8.1 ThinPro8.1_SP-6.2-signed.xar t430 8.1 ThinPro8.1_SP-6.2-signed.xar t530 8.1 ThinPro8.1_SP-6.2-signed.xar t540 8.1 ThinPro8.1_SP-6.2-signed.xar t550 8.1 ThinPro8.1_SP-6.2-signed.xar t630 8.1 ThinPro8.1_SP-6.2-signed.xar t640 8.1 ThinPro8.1_SP-6.2-signed.xar t655 8.1 ThinPro8.1_SP-6.2-signed.xar t660 8.1 ThinPro8.1_SP-6.2-signed.xar t730 8.1 ThinPro8.1_SP-6.2-signed.xar t740 8.1 ThinPro8.1_SP-6.2-signed.xar t755 8.1 3. What's New ============================================================================ SP6 (v6.2) - Added support for LAN/WLAN auto-switching on the mt645 platform - Fixed black screen issues when connecting or disconnecting multiple monitors on t660 and t755 systems after sleep or resume - Resolved issues with monitor layout auto-resetting and cursor limitations when closing or opening lids on mt645 and mt440 devices - Fixed black screen issues when reconnecting a Z32K G3 monitor via USB-C - Addressed an issue where the laptop screen auto-enabled after resuming from sleep with an external monitor - Resolved an issue preventing partial registry profile imports - Fixed registry-related issues causing input and output volume inconsistencies with Bluetooth headsets - Fixed delays in identifying Wi-Fi cards after reboot or power-on - Resolved hostname auto-change issues after applying component updates - Fixed Wake-on-LAN functionality after enabling LAN Dash - Resolved conflicts with ASPM features to improve hardware compatibility - Addressed synchronization issues with the rtw89_8852be firmware - Fixed intermittent failures during ThinState FTP image restoration on devices with limited RAM - Resolved ThinState USB restore failures - Improved imaging processes, fixing issues that blocked ThinState image capture during sequential service package updates - AMD Microcode :: CVE-2023-31315 - CUPS :: CVE-2024-47175 - cups-filters :: CVE-2024-47176, CVE-2024-47076 - curl :: CVE-2024-11053, CVE-2024-9681 - Expat :: CVE-2024-50602 - GD Graphics Library :: CVE-2021-40812 - Ghostscript :: CVE-2024-46955, CVE-2024-46952, CVE-2024-46951, CVE-2024-46954, CVE-2024-46953, CVE-2024-46956 - GLib :: CVE-2024-52533 - GStreamer :: CVE-2024-47606 - GStreamer Base Plugins :: CVE-2024-47615, CVE-2024-47835, CVE-2024-47607, CVE-2024-47542, CVE-2024-47600, CVE-2024-47541, CVE-2024-47538 - GStreamer Good Plugins :: CVE-2024-47545, CVE-2024-47537, CVE-2024-47543, CVE-2024-47834, CVE-2024-47599, CVE-2024-47602, CVE-2024-47596, CVE-2024-47597, CVE-2024-47598, CVE-2024-47778, CVE-2024-47603, CVE-2024-47601, CVE-2024-47544, CVE-2024-47774, CVE-2024-47776, CVE-2024-47775, CVE-2024-47613, CVE-2024-47606, CVE-2024-47539, CVE-2024-47540, CVE-2024-47546, CVE-2024-47777 - libarchive :: CVE-2024-20696, CVE-2024-48958, CVE-2024-48957, CVE-2022-36227 - libsoup :: CVE-2024-52532, CVE-2024-52530, CVE-2024-52531 - Linux kernel :: CVE-2024-47737, CVE-2024-38538, CVE-2024-49946, CVE-2024-50191, CVE-2024-49882, CVE-2024-41016, CVE-2024-49896, CVE-2024-49958, CVE-2024-47674, CVE-2024-49875, CVE-2024-47710, CVE-2024-27072, CVE-2024-49997, CVE-2024-47695, CVE-2024-47747, CVE-2024-47739, CVE-2024-50062, CVE-2024-50179, CVE-2024-49895, CVE-2024-49892, CVE-2024-42079, CVE-2024-50095, CVE-2024-39463, CVE-2024-47735, CVE-2024-47671, CVE-2024-50019, CVE-2024-38544, CVE-2024-50189, CVE-2024-47748, CVE-2024-49902, CVE-2024-50045, CVE-2024-49983, CVE-2024-46852, CVE-2024-49955, CVE-2024-47718, CVE-2024-50001, CVE-2024-49927, CVE-2024-50013, CVE-2024-49900, CVE-2024-35904, CVE-2024-49883, CVE-2024-49924, CVE-2024-49851, CVE-2024-47699, CVE-2024-50093, CVE-2024-49959, CVE-2024-44940, CVE-2024-47693, CVE-2024-42158, CVE-2024-47757, CVE-2024-47684, CVE-2024-47705, CVE-2024-50059, CVE-2024-47720, CVE-2024-49884, CVE-2024-50038, CVE-2024-36893, CVE-2024-49936, CVE-2024-49948, CVE-2024-49866, CVE-2024-49975, CVE-2024-49995, CVE-2024-47701, CVE-2024-50181, CVE-2024-50006, CVE-2024-49933, CVE-2024-50031, CVE-2024-49907, CVE-2024-47713, CVE-2024-44931, CVE-2024-50000, CVE-2024-49985, CVE-2024-49944, CVE-2024-49952, CVE-2023-52917, CVE-2024-50024, CVE-2024-50033, CVE-2024-47692, CVE-2024-46695, CVE-2024-46865, CVE-2024-49860, CVE-2024-46853, CVE-2024-50046, CVE-2024-46855, CVE-2024-49962, CVE-2024-36968, CVE-2024-49949, CVE-2024-50015, CVE-2024-50040, CVE-2024-49858, CVE-2024-46859, CVE-2024-50180, CVE-2024-47698, CVE-2024-35951, CVE-2024-50039, CVE-2024-50007, CVE-2024-49967, CVE-2024-47740, CVE-2024-49878, CVE-2024-49877, CVE-2024-49969, CVE-2024-49852, CVE-2024-49966, CVE-2024-46854, CVE-2023-52639, CVE-2024-49913, CVE-2024-47670, CVE-2024-47706, CVE-2024-49938, CVE-2024-46849, CVE-2024-49889, CVE-2023-52904, CVE-2024-49886, CVE-2024-47712, CVE-2024-49879, CVE-2024-49935, CVE-2024-38667, CVE-2024-47690, CVE-2024-47742, CVE-2024-50044, CVE-2024-49903, CVE-2024-49856, CVE-2023-52621, CVE-2024-49871, CVE-2024-42156, CVE-2024-47673, CVE-2024-49981, CVE-2024-50035, CVE-2024-49867, CVE-2024-47734, CVE-2024-26947, CVE-2024-47723, CVE-2024-44942, CVE-2024-49963, CVE-2024-50049, CVE-2024-49957, CVE-2024-46858, CVE-2024-47672, CVE-2024-50186, CVE-2024-38545, CVE-2024-50008, CVE-2024-49977, CVE-2024-49894, CVE-2024-50184, CVE-2024-49863, CVE-2024-47685, CVE-2024-49868, CVE-2024-50041, CVE-2024-49973, CVE-2024-49954, CVE-2024-47709, CVE-2024-50003, CVE-2024-50002, CVE-2023-52532, CVE-2024-49890, CVE-2024-50096, CVE-2024-49982, CVE-2024-47696, CVE-2024-47679, CVE-2024-47697, CVE-2024-47756, CVE-2024-38632, CVE-2024-49930, CVE-2024-49881, CVE-2024-50188, CVE-2024-49965, CVE-2024-47749 - mpg123 :: CVE-2024-10573 - OpenJPEG :: CVE-2022-1122, CVE-2021-3575, CVE-2021-29338 - Python :: CVE-2024-9287 - Vim :: CVE-2024-47814, CVE-2024-43802 - WebKitGTK :: CVE-2024-44244, CVE-2024-40866, CVE-2024-44296, CVE-2024-44187 - X.Org X Server :: CVE-2024-9632 - ZBar :: CVE-2023-40890, CVE-2023-40889 4. Documentation Set ============================================================================ There is no additional documentation associated with this softpaq. 5. Installation ============================================================================ 5.1 Installing update for ThinPro To install this addon: 1. Use the installer to deploy files to the server. 2. Copy the add-on from the appropriate directory to the "/tmp" directory. 3. On the device, run the command as follows: "xarinstall /tmp/ThinPro8.1_SP-6.2-signed.xar" 4. Reboot the affected devices. Tip: This section describes the manual process of installing packages. To perform the recommended update method, use "Easy Update" in the ThinPro Control Panel. For detailed information see the "HP ThinPro Administrator's Guide". 6. Known Issues ============================================================================ There are no known issues. 7. Additional Notes ============================================================================ There are no additional notes. 8. Release History ============================================================================ 2025-01-08 Package version 6.2 - First official installer release SP5 (v5.3) - Enabled hardware support for t660 in ThinPro - Added support for Imprivata ProveID Embedded agent (OneSign 23.2) - Fixed multiple display and monitor issues, including black screens and delayed responses when connecting or disconnecting monitors and docks - Fixed system update and boot errors across various models - Fixed network connectivity issues with LAN recognition, fiber network connections, and docks - Fixed audio control and synchronization issues with Bluetooth and USB headsets - Fixed sleep and wake problems, including inability to resume from sleep with Bluetooth keyboards - Fixed issues preventing systems from booting when Secure Boot is enabled - Fixed inability to unlock SIM card from the login screen - Fixed extended reboot times when connecting multiple monitors - Fixed deployment issues of large images to devices with limited storage - Enabled shortcuts in the Imprivata interface even when disabled in the registry - Resolved various other bugs for enhanced system stability and performance - AppArmor :: CVE-2016-1585 - APR :: CVE-2023-49582 - Expat :: CVE-2024-45492, CVE-2024-45491, CVE-2024-45490 - FFmpeg :: CVE-2024-32230 - Flatpak and Bubblewrap :: CVE-2024-42472 - LibTIFF :: CVE-2024-7006 - Linux kernel :: CVE-2024-26598, CVE-2024-26592, CVE-2024-26582, CVE-2023-52469, CVE-2023-52468, CVE-2023-52464, CVE-2023-52457, CVE-2023-52455, CVE-2023-52452, CVE-2023-52451, CVE-2023-52446, CVE-2023-52445, CVE-2023-52444, CVE-2024-21823, CVE-2023-6536, CVE-2023-6535, CVE-2023-6356, CVE-2024-26594, CVE-2024-26586, CVE-2023-52447, CVE-2024-26595, CVE-2024-26584, CVE-2024-23849, CVE-2023-52473, CVE-2023-52472, CVE-2023-52470, CVE-2023-52467, CVE-2023-52465, CVE-2023-52463, CVE-2023-52462, CVE-2023-52458, CVE-2023-52456, CVE-2023-52454, CVE-2023-52450, CVE-2023-52449, CVE-2023-52448, CVE-2023-52443, CVE-2024-24860, CVE-2024-26585, CVE-2024-26583, CVE-2023-52623, CVE-2024-26634, CVE-2023-52614, CVE-2024-26646, CVE-2023-52608, CVE-2023-52696, CVE-2024-26610, CVE-2024-26616, CVE-2024-35839, CVE-2023-52698, CVE-2024-35840, CVE-2023-52593, CVE-2023-52591, CVE-2024-26632, CVE-2023-52597, CVE-2023-52686, CVE-2023-52690, CVE-2024-26627, CVE-2023-52682, CVE-2023-52486, CVE-2023-52627, CVE-2023-52617, CVE-2023-52610, CVE-2023-52618, CVE-2023-52675, CVE-2023-52599, CVE-2023-52669, CVE-2023-52667, CVE-2024-26631, CVE-2024-26673, CVE-2023-52676, CVE-2023-52687, CVE-2024-26607, CVE-2024-26645, CVE-2023-52587, CVE-2024-26620, CVE-2024-35838, CVE-2024-35835, CVE-2024-26625, CVE-2023-52681, CVE-2023-52606, CVE-2024-26608, CVE-2023-52680, CVE-2023-52694, CVE-2023-52678, CVE-2023-52495, CVE-2023-52626, CVE-2023-52611, CVE-2023-52692, CVE-2024-26615, CVE-2024-26636, CVE-2024-26641, CVE-2024-26647, CVE-2023-52584, CVE-2024-26668, CVE-2024-35841, CVE-2024-26644, CVE-2024-26633, CVE-2023-52487, CVE-2023-52494, CVE-2024-26623, CVE-2023-52489, CVE-2023-52594, CVE-2023-52693, CVE-2023-52691, CVE-2023-52677, CVE-2023-52491, CVE-2024-26612, CVE-2023-52679, CVE-2023-52672, CVE-2023-52588, CVE-2023-52621, CVE-2024-26618, CVE-2023-52598, CVE-2023-52619, CVE-2023-52633, CVE-2023-52683, CVE-2023-52622, CVE-2023-52607, CVE-2024-26671, CVE-2023-52616, CVE-2023-52493, CVE-2023-52498, CVE-2023-52488, CVE-2023-52635, CVE-2023-52497, CVE-2024-26670, CVE-2023-52453, CVE-2024-26638, CVE-2024-35842, CVE-2023-52697, CVE-2024-26649, CVE-2023-52664, CVE-2023-52589, CVE-2024-26640, CVE-2023-52583, CVE-2023-52674, CVE-2023-52632, CVE-2023-52595, CVE-2023-52612, CVE-2024-26669, CVE-2023-52609, CVE-2024-26808, CVE-2024-26629, CVE-2024-35837, CVE-2023-52490, CVE-2023-52492, CVE-2023-52670 - OpenJPEG :: CVE-2023-39327 - OpenSSL :: CVE-2024-6119 - Python :: CVE-2024-7592, CVE-2024-6232, CVE-2023-27043 ,CVE-2024-8088, CVE-2024-6923 - Setuptools :: CVE-2024-6345 - WebKitGTK :: CVE-2024-40789, CVE-2024-40780, CVE-2024-40779, CVE-2024-40776, CVE-2024-40782 ,CVE-2024-4558 SP4 (v4.3) - Fixed multiple WWAN connection and security issues - Fixed issues where multiple monitors did not display correctly - Fixed issue with touch screen rotation - Fixed multiple errors logged when plugging in USB4 dock - Fixed HP Virtual Keyboard unable to open in login UI if it was open while the thin client went to sleep - Fixed mobile thin client issue where mute LED was always lit - Fixed mobile thin client wakes up from sleep occasionally when connected to USB-C dock - Fixed saving and loading configurations with ThinState on USB storage with two partitions - Fixed WiFi icon displayed in system tray on thin clients that are not configured with WiFi - Fixed hostname will not change when assigned DHCP server - Bind :: CVE-2024-1975, CVE-2024-0760, CVE-2024-4076, CVE-2024-1737 - BlueZ :: CVE-2023-27349, CVE-2022-3563 - BusyBox :: CVE-2022-48174, CVE-2023-42364, CVE-2023-42363, CVE-2023-42365 - curl :: CVE-2024-7264 - FFmpeg :: CVE-2024-31582, CVE-2024-31578, CVE-2023-51796, CVE-2023-50010, CVE-2023-49528, CVE-2024-31585, CVE-2023-51793, CVE-2023-50009, CVE-2023-51798, CVE -2023-50008, CVE-2023-49501, CVE-2023-51795, CVE-2023-51794, CVE-2023-49502, CVE-2023-50007 - GDK-PixBuf :: CVE-2022-48622 - Ghostscript :: CVE-2024-29509, CVE-2024-29506, CVE-2024-29508, CVE-2023-52722, CVE-2024-33869, CVE-2024-29510, CVE-2024-29511, CVE-2024-33870, CVE-2024-29507 , CVE-2024-33871 - GIFLIB :: CVE-2021-40633, CVE-2022-28506, CVE-2023-39742 - GNU C Library :: CVE-2024-33601, CVE-2024-33600, CVE-2024-33599, CVE-2024-33602 - GStreamer Base Plugins :: CVE-2024-4453 - GTK :: CVE-2024-6655 - Kerberos :: CVE-2024-37371, CVE-2024-37370 - libarchive :: CVE-2024-26256 - libndp :: CVE-2024-5564 - LibTIFF :: CVE-2023-3164 - libvpx :: CVE-2024-5197 - Linux kernel :: CVE-2024-26593, CVE-2024-0841, CVE-2024-26934, CVE-2024-27018, CVE-2024-26898, CVE-2024-26929, CVE-2024-23307, CVE-2023-6270, CVE-2024-27020, CVE-2024-27015, CVE-2022-38096, CVE-2024-27013, CVE-2024-35982, CVE-2024-25739, CVE-2024-26603, CVE-2024-36008, CVE-2024-35997, CVE-2024-35978, CVE-2024-26600, CVE-2024-26602, CVE-2024-27016, CVE-2024-26606, CVE-2024-35990, CVE-2024-26601, CVE-2024-1151, CVE-2024-35984, CVE-2024-26910, CVE-2023-52645, CVE-2024-24861, CVE-2024-27019, CVE-2024-24859, CVE-2024-24858, CVE-2024-24857, CVE-2024-26817, CVE-2024-26813, CVE-2024-26999, CVE-2023-52880, CVE-2024-35807, CVE-2024-35907, CVE-2024-35940, CVE-2024-35854, CVE-2024-35969, CVE-2024-26629, CVE-2024-27395, CVE-2024-35817, CVE-2024-35935, CVE-2024-36029, CVE-2024-26748, CVE-2024-35872, CVE-2024-35944, CVE-2024-27001, CVE-2024-27396, CVE-2024-26890, CVE-2024-35855, CVE-2024-35922, CVE-2024-26825, CVE-2024-35821, CVE-2024-26973, CVE-2024-26687, CVE-2024-35871, CVE-2024-26719, CVE-2024-35825, CVE-2024-26685, CVE-2024-26676, CVE-2024-26790, CVE-2024-26923, CVE-2024-26917, CVE-2024-35905, CVE-2024-26920, CVE-2024-35805, CVE-2024-26663, CVE-2024-26976, CVE-2024-26708, CVE-2024-35847, CVE-2024-26681, CVE-2024-26661, CVE-2024-26828, CVE-2024-26993, CVE-2024-35915, CVE-2024-26994, CVE-2024-26694, CVE-2024-35912, CVE-2024-26674, CVE-2024-27393, CVE-2024-26812, CVE-2024-26664, CVE-2024-35877, CVE-2024-35910, CVE-2024-26803, CVE-2024-35886, CVE-2024-26722, CVE-2024-26698, CVE-2024-26723, CVE-2024-36020, CVE-2024-26984, CVE-2024-26981, CVE-2023-52638, CVE-2024-26659, CVE-2024-26798, CVE-2024-26814, CVE-2024-26829, CVE-2024-35890, CVE-2024-26831, CVE-2024-35973, CVE-2024-26935, CVE-2024-35925, CVE-2024-35813, CVE-2024-26965, CVE-2024-26684, CVE-2024-26958, CVE-2024-26665, CVE-2024-26733, CVE-2024-26955, CVE-2024-27004, CVE-2024-35791, CVE-2024-26716, CVE-2024-35934, CVE-2024-35888, CVE-2024-26916, CVE-2024-35930, CVE-2024-35822, CVE-2024-26680, CVE-2024-35976, CVE-2024-26691, CVE-2024-26667, CVE-2024-26818, CVE-2024-26820, CVE-2024-35823, CVE-2024-27437, CVE-2024-26688, CVE-2024-35884, CVE-2024-35970, CVE-2024-26792, CVE-2024-26826, CVE-2024-26782, CVE-2024-26707, CVE-2024-35833, CVE-2024-35896, CVE-2024-26977, CVE-2024-35851, CVE-2024-26919, CVE-2024-26926, CVE-2024-26838, CVE-2024-35796, CVE-2024-35960, CVE-2024-26970, CVE-2024-26989, CVE-2024-26988, CVE-2024-26642, CVE-2024-26810, CVE-2024-26830, CVE-2024-35989, CVE-2024-26822, CVE-2024-35785, CVE-2024-26960, CVE-2024-35809, CVE-2024-26677, CVE-2024-35938, CVE-2024-27059, CVE-2024-26957, CVE-2024-26697, CVE-2024-36005, CVE-2024-35789, CVE-2024-27416, CVE-2024-26956, CVE-2024-35902, CVE-2024-36004, CVE-2024-36025, CVE-2024-35849, CVE-2024-26715, CVE-2024-26654, CVE-2024-26718, CVE-2024-35897, CVE-2024-27008, CVE-2023-52488, CVE-2024-35900, CVE-2024-35958, CVE-2024-26689, CVE-2023-52642, CVE-2024-26660, CVE-2024-26802, CVE-2024-35988, CVE-2024-36006, CVE-2024-26969, CVE-2024-26693, CVE-2024-26922, CVE-2023-52643, CVE-2024-26679, CVE-2024-26696, CVE-2024-26950, CVE-2024-35853, CVE-2024-26712, CVE-2024-35879, CVE-2024-27009, CVE-2024-26734, CVE-2024-26666, CVE-2023-52631, CVE-2024-26714, CVE-2024-26811, CVE-2024-26711, CVE-2024-26966, CVE-2024-26996, CVE-2024-27000, CVE-2024-26726, CVE-2024-35806, CVE-2024-35885, CVE-2024-26736, CVE-2024-26964, CVE-2024-26720, CVE-2024-26735, CVE-2024-26703, CVE-2024-26662, CVE-2024-36007, CVE-2024-26675, CVE-2024-35898, CVE-2024-35936, CVE-2024-35955, CVE-2024-26789, CVE-2024-26931, CVE-2023-52637, CVE-2024-35857, CVE-2024-26961, CVE-2024-35933, CVE-2024-35893, CVE-2024-26695, CVE-2024-26925, CVE-2024-35804, CVE-2024-35819, CVE-2024-26710, CVE-2024-35899, CVE-2024-26889, CVE-2024-26951, CVE-2024-26700, CVE-2024-35815, CVE-2024-35895, CVE-2024-26824, CVE-2023-52699, CVE-2024-26937, CVE-2024-26717, CVE-2024-26702, CVE-2024-26974, CVE-2024-35950, CVE-2024-35852 - OpenSSH :: CVE-2024-6387 - OpenSSL :: CVE-2022-40735, CVE-2024-4741, CVE-2024-5535, CVE-2024-2511, CVE-2024-4603 - ORC :: CVE-2024-40897 - poppler :: CVE-2024-6239 - Python :: CVE-2019-9948, CVE-2020-27619, CVE-2021-29921, CVE-2019-9636, CVE-2021-3177, CVE-2022-48565, CVE-2019-10160, CVE-2018-1060, CVE-2021-3737, CVE-2022 -45061, CVE-2022-48560, CVE-2019-20907, CVE-2018-1061, CVE-2018-14647, CVE-2019-9674, CVE-2019-5010, CVE-2018-20406, CVE-2023-24329, CVE-2023-41105, CVE-2019-17 514, CVE-2022-0391, CVE-2019-16056, CVE-2020-26116, CVE-2015-20107, CVE-2022-42919, CVE-2023-6597, CVE-2022-48564, CVE-2020-8492, CVE-2019-9947, CVE-2019-16935, CVE-2019-9740, CVE-2019-18348, CVE-2018-20852, CVE-2021-4189, CVE-2023-40217, CVE-2021-3733, CVE-2023-6507, CVE-2020-14422, CVE-2022-48566, CVE-2024-0450, CVE- 2021-3426, CVE-2024-0397, CVE-2024-4032 - python-zipp :: CVE-2024-5569 - TPM2 Software Stack :: CVE-2024-29040, CVE-2023-22745 - WebKitGTK :: CVE-2024-27834 - Wget :: CVE-2024-38428 - wpa_supplicant and hostapd :: CVE-2024-5290 SP3 (v3.5) Bug Fixes: - Fixed Domain Join issue - Fixed 802.1x-TLS Network Security Configuration issue - Fixed 802.1x-PEAP Network Security Configuration issue - Allow ThinClient to connect to unmanaged port while 802.1x mode is enabled - Fixed errorneous SNMP packets generation during system boot - Fixed port forwarding error while optional WWAN module is installed on the ThinClient Security Updates: - Bash vulnerabilities :: CVE-2022-3715 - Bind vulnerabilities :: CVE-2023-4408, CVE-2023-50387, CVE-2023-50868, CVE-2023-5517, CVE-2023-5679 - Expat vulnerabilities :: CVE-2023-52425, CVE-2024-28757 - GLib vulnerabilities :: CVE-2024-34397 - GNU C Library vulnerabilities :: CVE-2024-2961 - GNU binutils vulnerabilities :: CVE-2022-47695, CVE-2022-48063, CVE-2022-48065 - GNU cpio vulnerabilities :: CVE-2023-7207 - GnuTLS vulnerabilities :: CVE-2024-28834, CVE-2024-28835 - LibTIFF vulnerabilities :: CVE-2023-52356, CVE-2023-6228, CVE-2023-6277 - Linux kernel vulnerabilities :: CVE-2023-46838, CVE-2023-50431, CVE-2023-52429, CVE-2023-52434, CVE-2023-52435, CVE-2023-52436, CVE-2023-52438, CVE-2023-52439, CVE-2023-6610, CVE-2024-22705, CVE-2024-23850, CVE-2024-23851 - NSS vulnerabilities :: CVE-2023-4421, CVE-2023-5388, CVE-2023-6135 - OpenLDAP vulnerabilities :: CVE-2023-2953 - OpenSSL vulnerabilities :: CVE-2023-5678, CVE-2023-6129, CVE-2023-6237, CVE-2024-0727 - Pillow vulnerabilities :: CVE-2023-44271, CVE-2023-50447 - TeX Live vulnerabilities :: CVE-2019-18604, CVE-2023-32668, CVE-2024-25262 - Vim vulnerabilities :: CVE-2024-22667 - WebKitGTK vulnerabilities :: CVE-2024-23206, CVE-2024-23213, CVE-2024-23222 - X.Org X Server vulnerabilities :: CVE-2024-31080, CVE-2024-31081, CVE-2024-31082, CVE-2024-31083 - curl vulnerabilities :: CVE-2024-2004, CVE-2024-2398 - klibc vulnerabilities :: CVE-2016-9840, CVE-2016-9841, CVE-2018-25032, CVE-2022-37434 - less vulnerabilities :: CVE-2022-48624 - libuv vulnerabilities :: CVE-2024-24806 - libxml2 vulnerabilities :: CVE-2024-25062 - nghttp2 vulnerabilities :: CVE-2019-9511, CVE-2019-9513, CVE-2023-44487, CVE-2024-28182 - python-cryptography vulnerabilities :: CVE-2023-50782, CVE-2024-26130 - shadow vulnerabilities :: CVE-2023-4641 - util-linux vulnerabilities :: CVE-2024-28085 SP2 (v2.5) Bug Fixes: - Fixed GUI corruption and missing icons under certain operations - Improved slow disk decryption speed - Allows display rotation from profile apply - Allow display configuration to be fully reverted upon user's request - Allows system language setting to be saved/restored - Fixed USB key detection issue with some models of USB keys - Fixed multiple monitor support issue - Fixed multiple bugs when connect the ThinClient to conferencing monitors - Fixed audio output volume to stay with set values after reboot - Fixed multiple WWAN GUI bugs - Fixed wifi connection issue when manual DNS setting is used - Fixed network status display while the system is domain joined - Fixed network applet to forget network password when requested as such - Fixed Realtek LAN DASH support - Fixed MAC address passthrough - Fixed wifi regulatory domain support for Indonesia - Fixed the wrong language used in IBus GUI - Added snapshot support for HPDM - Added sha256 cksum to ThinPro image/SP - Allows xar to be installed from USB key where directory names contains spaces - Fixed "mount devices read-only" settings to take effect immediately - Fixed certificate import - Fixed spontaneous wakeup of mobile ThinClient Security Updates: - Avahi vulnerabilities :: CVE-2023-38469, CVE-2023-38470, CVE-2023-38471, CVE-2023-38472, CVE-2023-38473 - BlueZ vulnerabilities :: CVE-2023-45866 - FFmpeg regression :: CVE-2022-48434 - GNU C Library vulnerabilities :: CVE-2023-4806, CVE-2023-4813, CVE-2023-5156 - GNU Tar vulnerabilities :: CVE-2023-39804 - GNU binutils vulnerabilities :: CVE-2020-19726, CVE-2021-46174, CVE-2022-35205, CVE-2022-38533, CVE-2022-4285 - GRUB2 vulnerabilities :: CVE-2023-4692, CVE-2023-4693 - GStreamer Bad Plugins vulnerabilities :: CVE-2023-37329, CVE-2023-40474, CVE-2023-40475, CVE-2023-40476, CVE-2023-44429, CVE-2023-44446 - GStreamer Base Plugins vulnerabilities :: CVE-2023-37327, CVE-2023-37328 - Ghostscript vulnerabilities :: CVE-2023-46751 - GnuTLS vulnerabilities :: CVE-2023-5981 - Kerberos vulnerabilities :: CVE-2023-36054 - LibTIFF vulnerabilities :: CVE-2022-40090, CVE-2023-3576 - OpenSSH vulnerabilities :: CVE-2023-28531, CVE-2023-48795 - PAM vulnerabilities :: CVE-2024-22365 - Perl vulnerabilities :: CVE-2022-48522, CVE-2023-47038 - Pillow vulnerabilities :: CVE-2023-44271, CVE-2023-50447 - Python vulnerabilities :: CVE-2023-40217 - SQLite vulnerabilities :: CVE-2022-46908, CVE-2023-7104 - Samba vulnerabilities :: CVE-2023-4091, CVE-2023-4154, CVE-2023-42669, CVE-2023-42670 - TeX Live vulnerabilities :: CVE-2023-32700 - Traceroute vulnerabilities :: CVE-2023-46316 - Vim vulnerabilities :: CVE-2022-1725, CVE-2022-1771, CVE-2022-1886, CVE-2022-1897, CVE-2022-2000, CVE-2022-2042, CVE-2023-46246, CVE-2023-48231, CVE-2023-48232, CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237, CVE-2023-48706 - WebKitGTK vulnerabilities :: CVE-2023-42916, CVE-2023-42917 - X.Org X Server vulnerabilities :: CVE-2023-5367, CVE-2023-5380 - Xerces-C++ vulnerabilities :: CVE-2018-1311 - curl vulnerabilities :: CVE-2023-46218, CVE-2023-46219 - file vulnerabilities :: CVE-2022-48554 - libsndfile vulnerabilities :: CVE-2022-33065 - libssh vulnerabilities :: CVE-2023-48795 - nghttp2 vulnerabilities :: CVE-2023-44487 - poppler vulnerabilities :: CVE-2020-23804, CVE-2022-37050, CVE-2022-37051, CVE-2022-37052, CVE-2022-38349 - python-cryptography vulnerabilities :: CVE-2023-23931, CVE-2023-49083 - urllib3 vulnerabilities :: CVE-2018-25091, CVE-2023-43804, CVE-2023-45803 SP1 (v1.3) Bug Fixes: - Reduce excessive DNS query while running time sync - Translation updates - Fix ftp mode after firewall has been enabled - Sync WWAN status under airplane mode - Enable external monitors upon connect - Eliminate noise while using Bluetooth headset with 2.4G Wifi bands - Fix ELO Touch screen orientation issue - Save/Restore printer, SCEP and display settings along with registry - Fix background picture preview in control panel - Allow Bluetooth device to wake up system Security Updates: - grub2: CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2021-3981, CVE-2022-2873, CVE-2022-2873, CVE-2022-2873, CVE-2022-2873, CVE-2022-2873, CVE-2022-3775, CVE-2022-28734 9. Contact Information ============================================================================ For contact and support information, refer to: http://www.hp.com/go/thinclient