Service Releases for FrontPage Server Extensions 2000
Contents
Introduction
Service Release 1.4
Service Release 1.3
Service Release 1.2
Service Release 1.1
Introduction
This section describes each of the service releases for FrontPage Server
Extensions 2000. The most recent service release for FrontPage Server
Extensions 2000 is Service Release 1.4.
Important FrontPage Server Extensions 2002 supersedes
FrontPage Server Extensions 2000 and supports clients using Microsoft
FrontPage 2002 as well as previous versions. If at all possible you should
upgrade your Web servers to FrontPage Server Extensions 2002.
Service Release 1.4
Service Release 1.4 is the most recent and final service release for
FrontPage Server Extensions 2000. Web administrators hosting Web sites extended
with the FrontPage Server Extensions should download and install the appropriate
download for their operating system and Web server.
For more information on the FrontPage Server Extensions 2000 or to download
the installation files, see the following resources:
Note FrontPage Server Extensions 2000 Service Release 1.4
is the final Service Release update to FrontPage Server Extensions 2000
for both Microsoft Windows and UNIX. Web administrators should consider
installing FrontPage Server Extensions 2002 to upgrade
their Web servers to the most recent release of FrontPage Server Extensions.
For information on issues resolved with Service Release 1.4 and installation
instructions, see Description
of the FrontPage 2000 Server Extensions Security Patch.
Service Release 1.3
Service Release 1.3 is superseded by Service Release 1.4. Updates
in Service Release 1.3 are for Microsoft Windows-based platforms (version 4.0.2.5526 for
Windows 2000, Windows NT 4.0 and Windows 9x systems). The following issues
and resolutions are included in this service release.
| Issue Affecting | Resolution |
| Security | Visual Interdev can create FrontPage Server Extension application roots
without robust security. |
| Security | FrontPage Server Extensions sub-component contains unchecked buffer. |
| Operations | FrontPage Server Extensions are unable to save files after being first
installed, without first creating a web. |
| Operations | Saving to target folder with UNC path while running for the first time
prevents save. |
For additional information and installation instructions, see
List of issues fixed in
FrontPage Server Extensions Service Release 1.3.
Service Release 1.2
Service Release 1.2 is superseded by Service Release 1.3. The following
sections describe the updates included in service release 1.2 for Windows-based and
UNIX-based Web servers. For additional information and installation instructions
and issues resolved in this service release, see
Description of
Windows-based fixes for Server Extensions SR1.2.
Microsoft Windows-based Platforms
The following issues and resolutions are included in service release 1.2 for
Windows-based Web servers (version 4.0.2.4324 for Windows
2000 systems, version 4.0.2.4317 for Windows NT 4.0, and Windows 9x
systems).
| Issue Affecting | Resolution |
| Categories | Functional links created using categories appear broken in the broken
links report and Hyperlinks View. |
| Permissions | Users who have Administer permission on the root web cannot set
permissions on the root web if they do not have explicit permissions to all other subwebs. |
| Security | - ASP source code could be viewed under certain circumstances.
- An external attack could cause Server Extensions to leak memory.
- An external attack could cause the server's CPU to spike.
- Server Extension error messages show full operating system path to the Web site.
- Sending Dos devices as a parameter to shtml.dll causes the
FrontPage Server Extensions to stop responding. The Web site remains
accessible, but FrontPage authoring and browse time Web bot components
fail.
|
UNIX-based Platforms
The following issues and resolutions are included in service release 1.2 for UNIX-based Platforms (version 4.0.2.4222).
| Issue Affecting | Resolution |
| Security | - ASP source code could be viewed under certain circumstances.
- An external attack could cause the server's CPU to spike.
- Server Extension error messages show full operating system path to the Web site.
- Some directory permissions were not as secure as possible.
|
Thank you to the customers that reported security issues and assisted us with fixing them.
Service Release 1.1
Service Release 1.1 is superseded by Service Release 1.2. For additional information and a list of issues
resolved in this service release, see
Description of FrontPage
2000 Server Extensions Service Release 1.1.