Company: Link Technologies
Case No: L12816. Project: 14.30: LinkSOFT Version 14.30 - December 2022
Logged By: Sanjay (Link Technologies) on 08 Nov 2022 11:18AM
Priority: High
Product: Framework
Group: Enhancement
Time Taken: 30.00 (Weight: 30.00)
Assigned To: Sanjay (Link Technologies)
Circulation: Sanjay
Resolve By: Tuesday, 15 November 2022 12:00 AM [531 days since logged date]
Status: Closed
Subject: Framework and Security Updates as at November 2022

Framework and security updates as of 8th November 2022.

  1. Forecourt Enabler
  2. Devexpress
  3. WEB API
  4. Javascript Plugin frameworks
Audit Notes:Edited by sanjay on 10/11/22 13:06. 
08 Nov 202211:20AM Comment 1 by Sanjay (Link Technologies) Assigned To: Sanjay (Link Technologies) Followup Date: 10-11-2022 03:18 PM Time Taken: 8.00 Notes: Edited by sanjay on 08/11/22 11:35. 

***Forecourt Enabler update to 4.10.1
Enabler Release Notes

Known Issues

  • After a system has resumed from a Sleep/Hibernation state, the Enabler Card driver is unable to resume correctly and requires a pump server restart (#9067).
    These Power Options are now automatically disabled during installation of Enabler v4.5.5 and above, but could be activated again by the user or other software.

Enabler v4.10.1


  • Added Log Collection and Software Installation Pages to the Enabler Web Application.
  • Fixes and Improvements to the ActiveX API and Sample Applications.
  • Includes Pump Update 2022-07-15 and 2022-09-30:
    • Added support for Censtar 6200, Censtar 6400, Eaglestar SPD, HongYang MPD and Gilbarco UK Extended pump types.
    • Resolved site issues for EMR3, Gilbarco, HongYang SPD, HongYang MPD, IFSF, NZ Protocol, Sanki MPD, Somo and Tokheim pumps.
    • Updated Enabler Card firmware to support Enabler Express V3 without IFSF/LON support.

Details of Changes

  • Pump Server (Psrvr4.exe) v4.7.1

    • Added event logging for ExpressV3 cards without IFSF/LON support (EP-5777).
    • Added support for new Enabler hardware revision (EP-5353, EP-5513).
    • Internal changes (EP-5801, EP-5816, EP-5758).
  • Enabler Web Applications

    • Enabler Web (EnbWeb.exe, DataAccess.dll, DataEntity.dll, PageResources.dll, WebPages.dll) v2.2.66

      • Added Logs page to support log collection via Enabler Web Application (EP-5837).
      • Added Software page to support installation of Pump Driver Updates via Enabler Web Application (EP-5935).
      • Redirect back to the requested web page once logged in after a session timeout (EP-5965).
      • Updated EnbWeb to retry binding the service to the web port if unsuccessful during startup (EP-6012).
      • Internal changes (EP-5965).
    • Utilities (Utilities.dll, Installer.dll) v1.5.19

      • Internal changes (EP-5727, EP-5767, EP-5830, EP-5837, EP-5935).
  • Database

    • Fix: Prevent errors when clearing an attendant delivery if there is no attendant logged onto the pump (ES-5327, EP-5799).
    • Fix: Prevent database connection failure after installing Enabler to non-English Windows (ES-5316, ES-5392, EP-5945).
  • API

    • EnbSessionX2 ActiveX Control (EnbSessionX2.ocx) v4.10.7

      • Fix: Ensure Pump states are fired correctly on startup (ES-5157).
      • Fix: Update Pump profile properties when updating Site profile (EP-5931).
      • Fix: Prevent blank pump popup caption when pump description text is not provided by API (EP-1960, EP-5968).
      • Fix: Ensure Pump.MaxStackSize property is populated (EP-5968).
      • Added Chinese (Traditional) translation strings (EP-5898).
    • EnbPumpX2 ActiveX Control (EnbPumpX2.ocx) v3.42.2

      • Fix: Display the caption text properly (ES-5200, EP-5798).
      • Added touch-friendly layout option for pump popup and error dialogs (EP-5968).
      • Added support for Unicode text for Grade name and Display text (ES-5200, EP-5798).
  • SDK

    • ITL MPP Simulator (mppsim.exe) v2.37.0.4

      • Internal changes (EP-5814, EP-5873).
    • Java Pump Demo (PumpDemo.jar) v2.1.5

      • Fix: Clear the sale window after logon/re-connection to prevent errors when clearing old items and items getting stuck in the sale window (EP-5941).
    • Developer Documentation

      • Enabler ActiveX Developers Reference v1.24.0
    • User Documentation

      • Enabler Ethernet Getting Started Guide v1.2
      • Enabler Embedded Site Installation Checklist v1.4
      • Enabler Ethernet Site Installation Checklist v1.2
      • Enabler Site Installation Checklist v2.3
  • Installer (Enabler4Setup.exe) v4.10.1.2291

    • Fix: Schedule database backup script to run daily using time specified in the database (ES-5402).
    • Added additional components to support Log Collection and Software Installation Pages (EP-5837, EP-5935).
    • Removed Enabler Data REST API Reference. Already included in Enabler Developers Reference (EP-5765).
  • Utilities

    • AutoSupport Utility (AutoSupport.exe) v2.18.0

      • Internal changes (EP-5830, EP-5839).
    • Enabler Ethernet Utility (EnbEthernet.exe) v1.1.10

      • Improved Static IP address validation (EP-5966).
      • Internal changes (EP-5790, EP-5983).
  • User Documentation

    • Enabler Web Applications Reference Manual v1.56

Enabler v4.10.0


  • Improved and enhanced security of the Enabler:
    • Resolved detected vulnerabilities in the Enabler Web Applications.
    • Added SSL configuration options for the Enabler Web Applications and Pump Server.
  • Added support for additional data endpoints in the REST Data API:
    • Added Cards, Table_Stats and WetStock Tank Movements tables.
  • Added REST Data API documentation to the Enabler SDK Reference Manual.
  • Includes Pump Update 2022-03-11 and 2021-12-17:
    • Resolved site issues for Gilbarco, NZ Protocol, IFSF, Sanki and Wayne DART protocol pumps.
    • Resolved site issues for Veeder Root protocol tank gauges.
    • Simplified logging for Pump Server compatibility checks on startup for selected pump protocols.

Details of Changes

  • Enabler Web Applications

    • Enabler Web (EnbWeb.exe, DataAccess.dll, DataEntity.dll, PageResources.dll, WebPages.dll) v2.2.43

      • Fix: Site Settings changes fail to save when legacy terminals are disabled (ES-4839, EP-5514).
      • Fix: Prevent out of memory errors due to REST API memory leaks (ES-4350, ES-5016, EP-5657).
      • Fix: Prevent out of memory errors due to web page memory leaks (EP-5382).
      • Fix: Prevent webpage error when a Grade's Price Profile is configured incorrectly (ES-5006, EP-5651).
      • Fix: Prevent SQL Injection vulnerabilities (EP-5639).
      • Fix: Prevent Cross-Site Scripting (XSS) vulnerabilities (EP-5669).
      • Fix: Ensure Administrator Role access rights cannot be changed (EP-5717).
      • Added support for Tank Deliveries and Movements (EP-5402, EP-5602, EP-5603, EP-5604, EP-5605, EP-5740).
      • Added Network page to support SSL configuration (EP-2242).
      • Updated jQuery library and improved JavaScript code (EP-5670).
      • Internal changes (EP-5616, EP-5639).
    • Utilities (Utilities.dll, Installer.dll) v1.5.9

      • Fix: Prevent SQL Injection vulnerabilities (EP-5639).
      • Improved error handling for SSL configuration changes (EP-2242).
      • Internal changes (EP-5402, EP-5602, EP-5603, EP-5604, EP-5605, EP-5606, EP-5608).
    • Padarn Web Server (OpenNETCF.web.dll) v1.6.16171.18

      • Fix: Prevent ROBOT vulnerability by removing support for RSA key exchange (EP-5641)
      • Added HTTP Strict Transport Security header for secure connections (EP-5643).
      • Internal changes (EP-5669)
  • Pump Server (Psrvr4.exe) v4.6.49

    • Fix: Pump can get stuck if a client logs on at the same time as Prepay delivery ends (ES-4905, EP-5582).
    • Fix: Last prepay details incorrectly sent to the client when next prepay is a zero delivery (ES-4944, EP-5618).
    • Fix: Reject authorisation limits that are negative or larger than the database can handle (EP-5659).
    • Fix: Prevent unexpected warnings when preset deliveries are going slightly over the limit (ES-5072, EP-5723).
    • Improved support for secure API connections to allow TLS1.2 and TLS1.3 (EP-5553, EP-5554).
  • OpenSSL (OpenSSL.exe) v1.1.1L

    • Update to version 1.1.1L (EP-5554).
  • Database

    • Added Table_Stats table to track statistics (i.e. LastConfigUpdate) for the Enabler tables (ES-4655, EP-4782, EP-5640).
  • API

    • EnbSessionX2 ActiveX Control (EnbSessionX2.ocx) v4.10.2

      • Added support for SSL connection to Pump Server (EP-5526).
      • Added support for Chinese (Traditional) translation (CR432-107, EP-5695).
    • EnbPumpX2 ActiveX Control (EnbPumpX2.ocx) v3.41.2

      • Added Chinese (Traditional) translation strings for Pump pop-up dialog (CR432-107, EP-5695).
    • Enabler Java API (enabler-api-1.0.jar) v1.4.5

      • Added support for SSL connection to Pump Server, including new Forecourt methods get/setConnectionMode() (EP-4501).
        Refer to setConnectionMode() documetation for more details.
      • Use configuration file with .properties extension. Refer to API Javadoc (EP-4501, EP-5586).
      • Internal changes (EP-4501).
    • Java Pump Controls (enabler-pmp-ctrl-2.0.jar) v2.0.7

      • Various improvements to Pump Controls (EP-5329).
      • Internal changes (EP-4501).
    • Enabler .Net API (ITL.Enabler.Api.dll, ITL.Enabler.Api_pcl.dll, ITL.Enabler.API.TLB) v1.3.10

      • Added support for secure API connections using TLS1.2 (EP-5554).
    • Enabler REST API (RestData.dll) v2.2.43

      • Fix: Pump deletion now checks for linked Pump Profile and Loop (EP-5631).
      • Remove unnecessary logging for REST API requests (EP-5367).
      • Added TableStatsData endpoint to track statistics for the Enabler tables (ES-4655, EP-4782).
      • Added support for Tank_Delivery, Tank_Loss, Tank_Movement_Type and Tank_Transfer data tables (EP-5402, EP-5602, EP-5603, EP-5604, EP-5605, EP-5740).
      • Added validation of Price Profile when updating the Grades data table (ES-5006, EP-5651).
      • Improved REST API performance (EP-5674).
      • Added Close Period support to Desktop (ES-4802, EP-5472).
      • Added support for Cards Data table (EP-4246).
  • SDK

    • ITL MPP Simulator (mppsim.exe) v2.36.0.27

      • Fix: Ensure final running total is equal to delivery value when limit is reached and nozzle is returned (EP-5508).
      • Internal changes (EP-5355, EP-5215, EP-5621, EP-5630).
    • Java Pump Demo (PumpDemo.jar) v2.1.4

      • Fix: Manual Transaction for Mechanical pumps only worked on first entry (EP-5329).
      • Support .properties file for storing application preferences (EP-4501, EP-5586).
      • Added support for SSL connection to Pump Server (EP-4501).
      • General UI improvements (EP-4501, EP-5329):
        • Restore window size and position when app opened
        • Disable logon dialog while connecting
        • Improved Auto Reconnect behaviour on server disconnection
        • Improved Prepay dialog layout
      • Include library dependencies with source code (EP-4501).
    • REST API Sample Application (RESTApiSample.exe) v1.0.5.0

      • Sample .NET WPF application for the REST Data API (EP-4757, EP-5617).
    • Developer Documentation

      • Enabler SDK Reference Manual v4.0.66
      • Enabler Java API Javadoc v4.0.6
      • Enabler ActiveX Developers Reference v1.23.0
    • User Documentation

      • Enabler Ethernet Getting Started Guide v1.1
      • Enabler Embedded Getting Started Guide v1.17
  • Installer (Enabler4Setup.exe) v4.10.0.2104

    • Added HTTPS support for Enabler Web start menu shortcuts (EP-5622).
  • Utilities

    • AutoSupport Utility (AutoSupport.exe) v2.13.0

      • Added more site database configuration in EnablerInfo.txt and EnablerInfo.csv (EP-4563).
      • Internal changes (CR426-189).
    • Enabler Ethernet Utility (EnbEthernet.exe) v1.1.7

      • Improved console output of Ethernet version number (EP-5417).
    • EnbKick Utility (EnbKick.exe) v2.2.1

      • Fix: Improved reliability of logging into Enabler API (ES-4930).
    • Enabler SSL Utility (EnbSSL.exe) v1.1.1

      • New utility for configuring SSL settings for Enabler Pump Server and Web Applications (EP-5446).
    • Enabler Client Utility (EnbClient.exe) v1.4.2

      • Added SSL option for Enabler Web start menu shortcuts (EP-5622).
  • User Documentation

    • Enabler Web Applications Reference Manual v1.53
    • Enabler Demonstration POS Application Reference Manual v3.5

08 Nov 202211:25AM Comment 2 by Sanjay (Link Technologies) Assigned To: Sanjay (Link Technologies) Followup Date: 10-11-2022 03:20 PM Time Taken: 8.00

DEVExpress upgrade from 22.1.3 to 22.1.6. Changes at this link:

08 Nov 202211:35AM Comment 3 by Sanjay (Link Technologies) Assigned To: Sanjay (Link Technologies) Followup Date: 10-11-2022 03:25 PM Time Taken: 2.00
Web Config Changed - Added "AllowCustomFTP" Flag to prevent users from taking data out unless Web Administrator grants permission.

09 Nov 202203:48PM Comment 4 by Sanjay (Link Technologies) Assigned To: Sanjay (Link Technologies) Followup Date: 11-11-2022 07:47 PM Time Taken: 12.00
Performed standard tests for Forecourt Controller, EFT and API operations.

If you have any queries regarding this support incident, please email and include the Case No: L12816 in the subject line of all emails regarding this issue.

Document size: 18.6 KB
For call complaints, please contact the Managing Director of the company using this form