We would like a solution that enables a build server which invokes our licenced compiler multiple times over an extended period of time to reserve a licence before it starts and return the licence upon completion. We are using lmborrow – however this does not actually reserve the licence until the compiler is invoked. We would really like an atomic operation that will request a licence and simply wait on the server for that server? Is the atomic Operation possible? ... View more

We would like a solution that enables a build server which invokes our licenced compiler multiple times over an extended period of time to reserve a licence before it starts and return the licence upon completion. Option one is to simply invoke the compiler and verify whether we obtained a licence; and wrap this in a retry loop. However this has the downside that the server might lose the licence during the build process if the time between invocations exceeds the ‘linger’ time. Option two is to use lmborrow – however this does not actually reserve the licence until the compiler is invoked. We would really like an atomic operation that will request a licence and simply wait on the server for that server? Second issue with lmborrow is that the duration is a bit non-deterministic, so we would like to “borrow” for a significant time period and then “return” the licence on completion. However the documentation states that supporting ‘return’ depends on whether this permitted by the provider. From our testing, ‘return’ does not seem to be enabled but we cannot see in the documentation how to enable it. ... View more

BlackBerry QNX is planning on upgrading Flexnet publisher to 11.16 from 11.13. To ensure backward compatibility, we want to go with lmgr instead of lmgr_trl per this direction: https://community.flexera.com/t5/FlexNet-Publisher-Knowledge-Base/Error-quot-invalid-license-key-inconsistent-authentication-code/ta-p/3029   The question is whether any of the following CVEs still exist if we use lmgr (lmgr without TRL support)   https://nvd.nist.gov/vuln/detail/CVE-2015-8277 https://nvd.nist.gov/vuln/detail/CVE-2016-10395 https://nvd.nist.gov/vuln/detail/CVE-2018-20031 https://nvd.nist.gov/vuln/detail/CVE-2018-20032 https://nvd.nist.gov/vuln/detail/CVE-2018-20033 https://nvd.nist.gov/vuln/detail/CVE-2018-20034 ... View more

Blackberry QNX upgraded flexnet publisher from 11.13 to 11.16.5 to mitigate the CVEs against 11.13 The flexclient can checkout a license from 11.13 server, but the same client cannot checkout a license from 11.16.5. How do we resolve this problem? One of our SMEs is asking whether the legacy signing is still supported or discontinued?   ... View more

We are redistributing Flexnet Publisher as part of our software and in support of this, we need the ECCN number associated with this version. Also, it would be helpful if you can send a technical documentation that describes all the crypto algorithms used by the flexnet publisher.  ... View more

Blackberry/QNX integrates Flexnet publisher into our software and redistributes it to customers. Our protocol requires confirming that 3rd party software like Flexnet is approved for export. Can you provide the ECCN # for the FlexNet Publisher (11.13.1.0) ? ECCN: Export Control Classification Number ... View more

FlexNet Publisher (11.13.1.0) has a number of high severity CVEs (see list below) and we are moving to FlexNet Publisher (11.16.5) to mitigate the effect of these CVEs. The open question is whether any client side flex libraries are impacted by the listed CVEs https://nvd.nist.gov/vuln/detail/CVE-2015-8277 https://nvd.nist.gov/vuln/detail/CVE-2016-10395 https://nvd.nist.gov/vuln/detail/CVE-2018-20031 https://nvd.nist.gov/vuln/detail/CVE-2018-20032 https://nvd.nist.gov/vuln/detail/CVE-2018-20033 https://nvd.nist.gov/vuln/detail/CVE-2018-20034 ... View more