Release Notes for McAfee(R) 
WebShield(R) appliance version 3.0.2.
Service Pack 1.
Copyright (C) 2005 McAfee, Inc.
All Rights Reserved.


==========================================================

Release date:	May 10, 2005.

This release was developed and tested with:

- WebShield(R) version:	version 3.0.2
- DAT Version:	4463
- Engine Version:	4.4.00
- Prerequisites	V3.0.1 + HF208608 + HF211037 + HF213242
	(or)
	v3.0.2

Make sure you have installed this version before using this release.

==========================================================


Thank you for using WebShield(R) appliance software. This file contains important information regarding this release. We strongly recommend that you read the entire document.


The attached files are provided as is, and with no warranty either expressed or implied as to their suitability for any particular use or purpose. McAfee, Inc. assumes no liability for damages incurred either directly or indirectly as a result of the use of these files, including but not limited to the loss or damage of data or systems, loss of business or revenue, or incidental damages arising from their use. Patch files should be applied only on the advice of McAfee Technical Support, and only when you are actually experiencing the issue being addressed by the Patch. Patch files should not be proactively applied in order to prevent potential product issues. You are responsible for reading and following all instructions for preparation, configuration, and installation of Patch files. Patch files are not a substitute or replacement for product Service Packs which may be released by McAfee, Inc. It is a violation of your software license agreement to distribute or share these files with any other person or entity without written permission from McAfee, Inc. Further, posting of McAfee Patch files to publicly available Internet sites is prohibited. McAfee, Inc. reserves the right to refuse distribution of Patch files to any company or person guilty of unlawful distribution of McAfee software products. Questions or issues with McAfee Patch files should be directed to McAfee Technical Support.


__________________________________________________________
WHAT'S IN THIS FILE
- About This Release
- Purpose
- Resolved Issue
- Files Included with This Release
- Installation
- Installation Requirements
- Installation Steps
- Removing this Release
- Participating in the McAfee Beta Program
- Contact Information
- Copyright & Trademark Attributions
- License Information

__________________________________________________________
ABOUT THIS RELEASE

PURPOSE

This Service Pack addresses the issues shown in the RESOLVED ISSUES section below.

RESOLVED ISSUES:

1. ISSUE:
Importing a version 2.7 configuration into a version 3.0 appliance can result in a transparent mode appliance with no transparent scanning functionality due to the flag controlling transparency being set to off in each of the proxy configuration files. 

RESOLUTION:
The import functionality has been changed to ensure that transparency options are kept intact from version 2.7 to version 3.0.

2. ISSUE:
Attempting to retrieve mail from a POP3 server over a slow link can result in the client receiving a "Data download" error due to time outs caused by no keep alives being sent during download.

RESOLUTION:
The keep alive command can now be configured. This command is now sent during download and scanning.

3. ISSUE:
When configuring a templated forwarded E-Mail address under SMTP policy E-Mail Address Configuration, it is not possible to include a . in the domain text entry field, for example, %username%@spam.%domain% would fail.

RESOLUTION:
The validation code on the domain text entry field has been modified to allow a . to be used.

4. ISSUE:
When visiting certain websites using HTTP, an unexpected RST packet prevents the download of the web page.

RESOLUTION:
It is now possible to configure the appliance to forward the RST packet onto the HTTP client. See technote HowToForwardRSTForHTTP.rtf

5. ISSUE:
When proxying via FTP to an appliance, it is not possible to connect to, for example, user@server2@server1.

RESOLUTION:
The proxy has been updated to understand these requests. See technote HowToDaisyChainFTP.rtf

6. ISSUE:
When configuring the MTU size in transparent bridge mode under the advanced LAN1 options in Network Settings, changing the MTU value does not set the value for the bridge.
 
RESOLUTION:
The MTU value is now set for bridge mode.

7. ISSUE:
When using the appliance in transparent bridge mode to FTP over HTTP, the appliance returns a 403 error.
 
RESOLUTION:
The appliance now correctly handles FTP over HTTP.

8. ISSUE:
When configuring the number of retryers under the advanced retryer SMTP configure options, it is currently only possible to have a maximum of 20.
 
RESOLUTION:
The maximum value has been increased to 100.

9. ISSUE:
When configuring the LDAP username under LDAP Servers in Policy Groups, it is currently only possible to have a maximum of 50 characters. Any subsequent characters are not saved.
 
RESOLUTION:
The maximum value has been increased to allow 500 characters for the LDAP username.

10. ISSUE:
When viewing the deferred e-mail lists, an empty list may be returned if there are many items in the deferred queue.
 
RESOLUTION:
The correct list will now be returned.

11. ISSUE:
When content rules are edited after they have already been added to an SMTP policy, the changes will not be noticed by SMTP.
 
RESOLUTION:
The protocols are now automatically restarted to re-read the new content rules. 

12. ISSUE:
When configuring the FTP handoff host under FTP policy Advanced Protocol Configuration, it is not possible to remove the handoff host once it has been added.
 
RESOLUTION:
The FTP handoff host can now be removed. 

13. ISSUE:
When viewing the quarantine e-mail lists, an empty list may be returned if there are many items in the quarantine queue.

RESOLUTION:
It is now possible to view the lists. See technote HowToViewQuarantineEmail.rtf

14. ISSUE:
In an appliance configured for proxy mode SMTP with reverse DNS lookups disabled, the appliance hostname will not be sent as the parameter for the HELO command to the onward MTA.

RESOLUTION:
The appliance now includes the fully qualified domain name as the parameter for the HELO command.

15. ISSUE:
In an appliance configured for proxy mode SMTP with reverse DNS lookups disabled, the appliance hostname will not be sent to the client as part of the default welcome message banner.

RESOLUTION:
The appliance now includes the fully qualified domain name as part of the default welcome message banner.

16. ISSUE:
In an appliance configured for proxy mode SMTP there exists the possibility (via various DNS delivery mechanisms) of the SMTP proxy attempting to connect to an address in the 127.0.0.0/8 range, which causes a Denial of Service for that connection.

RESOLUTION:
The SMTP proxy is now denied the ability to connect to an address in the above range. It will be treated as a non existent domain.

17. ISSUE:
There exists the possibility that the HTTP proxy may hang due to an error in the HTTP/1.1 handling when a single TCP packet is received containing two HTTP response headers.

RESOLUTION:
The single packet is now correctly handled.

18. ISSUE:
When the customer modifies the transparent bridge priority via the UI, the change is not reflected until the appliance is rebooted.

RESOLUTION:
The transparent bridge priority modification takes effect without needing a reboot.

19. ISSUE:
The E-Mail alerts generated by the event system cannot be overridden using the UI E-Mail Channel Filters dialog.

RESOLUTION:
These alerts can now be overridden as required by the customer.

20. ISSUE:
When viewing the HTTP performance chart, there existed the possibility of invalid data being displayed.

RESOLUTION:
The data for the charts is now being displayed correctly.

21. ISSUE:
The appliance incorrectly closes an FTP session when retrieving a directory listing which contains continuation codes in the range 1xx to 2xx.

RESOLUTION:
These continuation codes are now handled correctly.

22. ISSUE:
When the SMTP proxy detects a partial E-Mail, and the configuration for the primary action has been set to allow through, it is not possible to execute any secondary actions relating to the modified E-Mail.

RESOLUTION:
All secondary actions are now possible.

23. ISSUE:
It is possible to receive an empty E-Mail from either the POP3 or SMTP proxy for E-Mails which have contained certain viruses which when cleaned, resulted in an empty message.

RESOLUTION:
These types of message are now treated as uncleanable and replaced with an HTML alert.

24. ISSUE:
    The ESMTP option "ORCPT" is rejected by
    WebShield as a 501 syntax error - badly
    formatted address.

    RESOLUTION:
    WebShield allows the ORCPT option in mails
    passing through it.

25. ISSUE:
    The appliance would regularly not allow traffic
    through. On investigation this turned out to be
    associated with an HSRP virtual router.

    RESOLUTION:
    An initial work around is to allow the user to
    specific routes to the component routers of the
    virtual router. This required the addition of
    metric information to the routes such that
    multiple routers may be specified for the same
    route.

26. ISSUE:
    Session times out and asks user to login
    regularly while viewing the deferred mails.

    RESOLUTION:
    With this fix, session does not timeout while
    viewing the deferred mails.

27. ISSUE:
    In the SMTP protocol, when content scanning
    rules are enabled, it is possible for temporary
    files not to be removed from the scanning
    directory, even after restarting the proxy.

    RESOLUTION:
    The temporary files are now removed.

28. ISSUE:
    The postmaster address for the e-mail channel
    alerting cannot be modified.

    RESOLUTION:
    You can now modify the postmaster address to any
    valid e-mail address

29. ISSUE:
    When you print charts, the formatting may
    corrupt, leading to partial duplication.

    RESOLUTION:
    The printing of charts has been significantly
    improved.

30. ISSUE:
It is possible for the GUI to stop working and become unresponsive.

    RESOLUTION:
System resources have been reallocated to allow the GUI to remain operational.

31. ISSUE:
    By default, "ICMP Destination Unreachable"
    messages are not received through the appliance
    in transparent mode.

    RESOLUTION:
    "ICMP Destination Unreachable" messages are now
    allowed through the appliance in transparent
    mode.

32. ISSUE:
It is possible for the administrator to be unable to view all of the quarantine items.

    RESOLUTION:
    The quarantine service now displays all the items.

33. ISSUE:
If an e-mail address has been set for "Forwarded
E-mail" or "Annotated E-mail", it is not possible
to remove it.

    RESOLUTION:
    The user can now remove the e-mail address
    entered in the "Forwarded E-mail" or "Annotated
    E-mail" fields.

34. ISSUE:
    Warning message: "Ext2fs warning: maximal mount
    count reached, running e2fsck recommended" is
    displayed on the console.

    RESOLUTION:
    The count is no longer reached.

35. ISSUE:
    Appliance does not respond and stops accepting e-mail.

    RESOLUTION:
    System resources have been optimized.

36. ISSUE:
    If you customize virus alerts, and include the
    WebShield logo using the Alert Editor, the alert
    generated does not display the logo correctly.

    RESOLUTION:
    The logo displays correctly for customized
    alerts.

37. ISSUE:
If the appliance is configured in transparent mode in a non-English European language, then the appliance required a restart to operate correctly.

    RESOLUTION:
    You can now configure the appliance using a
    non-English European language without
    restarting.

38. ISSUE:
    On an appliance configured for SMTP proxy mode,
    the appliance defers the e-mail when, the
    welcome banner from the onward server connection
    does not contain a 220 response.

    RESOLUTION:
The appliance now interprets a non 220 response as a failed connection and therefore attempts to use any other delivery mechanisms available  See technote Technote_MXConnect.doc.

39. ISSUE:
    You cannot add policy groups with a ',' (comma)
    in the identity ID. This usually occurs when the
    identity is imported from LDAP.

    RESOLUTION:
    The appliance ensures that the identity ID does
    not have a ',' (comma) by escaping the character
    when it is imported from LDAP.

40. ISSUE:
    Appliance may stop logging and logging does not
    restart until the appliance is rebooted.

    RESOLUTION:
    The logs are written continuously until the user
    configures the appliance to stop logging.

41. ISSUE:
    You cannot disable POP3 server keepalives.

    RESOLUTION:
    You can now disable keepalives.

    NOTE: Currently, you cannot change keepalives
    intervals.

42. ISSUE:
    A message detected by the content rule is placed
    in the content quarantine area even if it
    contained a virus.

    RESOLUTION:
    The virus quarantine is used for this type of
    message.

43. ISSUE:
    It is possible for the spam scanner to fail to
    scan an e-mail, by default the error is logged,
    and after the e-mail is processed by the other
    scanners, the e-mail is delivered.

    RESOLUTION:
    The administrator can configure the appliance to
    send a 421 error response if the spam scanner
    fails.

    NOTE: Please refer technical note 
    spam-technote.doc

44. ISSUE:
    Manually created group policies are corrupted on
    an LDAP import.

    RESOLUTION:
    Import process has been changed such that the
    manually created groups no longer corrupt on an
    LDAP import.

45. ISSUE:
    The Firefox browser displays empty directory
    listings when proxied or intercepted by the
    WebShield appliance due to the intermediate
    commands between the PASV and the list
    commands.

    RESOLUTION:
    WebShield can now handle intermediate commands
    between the PASV and the list commands.

46. ISSUE:
    POP3 authentication using the AUTH command fails
    during the client/server exchange.

    RESOLUTION:
    POP3 AUTH handling is now implemented and does
    not fail during the client/server exchange.

47. ISSUE:
    SMTP, when configured for a large number of
    concurrent connections can result in a large
    number of threads being run, causing an
    appliance overload.

    EXAMPLE:
    Configuring SMTP for 125 listeners with 25
    connections per listener.

    RESOLUTION:
    The Helper threads are eliminated using a
    configurable option thereby reducing the load on
    the appliance.

    NOTE:
    Refer Technical Note: DisableHelperThreads.RTF
    to configure this option.

48. ISSUE:
    The WebShield appliance does not let arbitrary
    FTP commands to be passed through the gateway.

    RESOLUTION:
    WebShield can now be configured to pass
    additional FTP commands to the ongoing server
    for processing.

    NOTE:
    Refer Technical Note: AdditionalFTPCommands.RTF
    to configure this option.

49. ISSUE:
    In the WebShield user interface, it is not
    possible to enter a stream media type with "."
    (period) characters in it.

    RESOLUTION:
    The validation has been changed to allow the "."
    (period) characters.

    EXAMPLE:
    Media types like application/x.name.events are
    now allowed.

50. ISSUE:
    An appliance configured for proxy mode SMTP
    returns a "250 OK" message to the SMTP command
    "MAIL FROM: <<>>" and considers it as a null
    sender.

    RESOLUTION:
    The SMTP proxy now correctly returns a "501
    Syntax error - Badly formatted address".

51. ISSUE:
    The original message detected by a file
    filtering rule was placed in the content
    quarantine area even if it was infected.

    RESOLUTION:
    The virus quarantine area will now be used to
    place such messages.

52. ISSUE:
    During the appliance boot, the time interval
    between the appliance network interfaces coming
    up and the transparency driver loading could be
    sufficient to let the network traffic to go
    unscanned.

    RESOLUTION:
    The transparency driver is now loaded as soon as
    the appliance network stack is loaded.

53. ISSUE:
    On an appliance configured for SMTP with content
    scanning enabled, it is possible for the proxy
    to have a segmentation fault (SEGV) error
    content scanning certain Lotus Notes 1-2-3
    98/Millenium edition files.

    RESOLUTION:
    This issue has been fixed and Lotus 1-2-3 files
    can now be scanned.

54. ISSUE:
    Data trickling on FTP keeps the server alive for
    long uploads and scans. However, once the data
    has been uploaded to the appliance, keep alives
    were not being sent to the client.

    RESOLUTION:
    Data trickling on FTP will also send client keep
    alives once the data has been uploaded to the
    appliance.

55. ISSUE:
    In the "Logging and Alerting Channel", it is
    possible to change the body text of the alert
    e-mail in the "Channel Settings". However the
    tokens %SOURCEIP%, %SOURCEHOST% and %LOCALTIME%
    were not being substituted for their
    corresponding values.

    RESOLUTION:
    The tokens are now substituted with their
    corresponding values.

56. ISSUE:
    It was not possible to add or modify static
    routes from the browser. However it was possible
    from the WebShield client.

    RESOLUTION:
    Static routes can now be added and/or modified
    from a browser.

57. ISSUE:
    When an ePolicy Orchestrator report filter is
    configured to generate the AntiSpam report for
    entries with spam score greater than zero,
    entries with negative spam score were also part
    of the report.

    RESOLUTION:
    In an AntiSpam report configured for entries
    with spam score greater than zero, the entries
    with negative spam score are not part of the
    report.

58. ISSUE:
    It is not possible to view the quarantine items
    or logon to the WebShield console when the login
    password contains special characters.

    RESOLUTION:
    Special characters are now allowed within
    WebShield password.

59. ISSUE:
    In an appliance configured in transparent mode,
    if the server closes the session during an SMTP
    conversation, it is possible for the appliance
    to add extra characters in its response to the
    client before closing the connection.

    RESOLUTION:
    The appliance now passes through the response
    from the server to the client without adding any
    extra characters.

60. ISSUE:
    Certain configuration changes can result in
    traffic going through the appliance without
    being scanned.

    RESOLUTION:
    The traffic going through the appliance is now
    scanned during configuration changes.

61. ISSUE:
    Duplicate static route information can be
    entered using the WebShield user interface.

    RESOLUTION:
    A static route entry will now be rejected by the
    user interface, if the IP address, Network mask
    and Gateway address match.

62. ISSUE:
    On an appliance configured for SMTP proxy mode,
    it is not possible to disable the generation of
    an NDR (Non-delivery receipt) email.

    RESOLUTION:
    Generation of an NDR e-mail is now
    configurable.

    Refer Technote: disableNDRemail.rtf

63. ISSUE:
    SPAM statistics reports are not available.

    RESOLUTION:
    It is now possible to generate SPAM statistics
    reports in the "charts" section.

64. ISSUE:
    The statistics counters are automatically reset
    periodically.

    RESOLUTION:
    The counters are reset only when "Reset
    Counters" button in the user interface is
    clicked.

65. ISSUE:
    Some combinations of scan results caused
    incorrect use of the configured scanners.

    RESOLUTION:
    Correct scans are now performed for primary
    actions.

66. ISSUE:
    It was not possible to customize header and
    footer text for non-viral alert messages for
    HTTP.

    RESOLUTION:
    It is now possible to customize the header and
    footer for HTTP non-viral alert messages.

67. ISSUE:
    At present on the WebShield v3.01 Dell variants
    there is no disk monitoring.

    RESOLUTION:
    The Dell Megamon management utility provides
    disk monitoring facilities.

68. ISSUE:
When the SMTP proxy is scanning for spam, it is possible for e-mail messages to pass through the appliance without being marked because of spam daemon not starting.

     RESOLUTION:
The appliance now monitors the spam daemon, which is now restarted when necessary.

69. ISSUE:
When viewing the quarantine e-mail lists after applying a hotfix, an empty list may be returned.

RESOLUTION:
It is now possible to view the lists.



FILES INCLUDED WITH THIS RELEASE

SP1-790.107/add_info
SP1-790.107/dell-1850/Megamon-4.0-0a.i386.rpm
SP1-790.107/dell-1850/S19raidprestart
SP1-790.107/dell-1850/S21raidconfig
SP1-790.107/installscript
SP1-790.107/message_functions.bash
SP1-790.107/prerequisites
SP1-790.107/reboot_ui
SP1-790.107/rpms/webshield-app-ui-6.0-200504141422.i386.rpm
SP1-790.107/rpms/webshield-comp-6.0-200504141422.i386.rpm
SP1-790.107/rpms/webshield-escm-6.0-200504141422.i386.rpm
SP1-790.107/rpms/webshield-files-6.0-200504141422.i386.rpm
SP1-790.107/rpms/webshield-l10n-6.0-200504141422.i386.rpm
SP1-790.107/rpms/webshield-ui-6.0-200504141422.i386.rpm
SP1-790.107/savefiles
SP1-790.107/script
SP1-790.107/services_stop
SP1-790.107/version
validate/filelist.txt
validate/md5sum.txt
validate/validate.txt
validate/version


_________________________________________________________
INSTALLATION

INSTALLATION REQUIREMENTS

To use this release, you must have WebShield(R) appliance version 3.0.2 software installed on the appliance you intend to update. 


INSTALLATION STEPS

To install this Service Pack, follow these steps:

1. Create a temporary directory on your hard disk and download file ServicePack1.zip from the McAfee website (you may need a password from McAfee support). 

2. Extract the file WSe30SP1-790.107.zip from ServicePack1.zip and save it on your network that can access the WebShield appliance.

3. Open your Internet browser and browse to the WebShield appliance, or use the WebShield Client program to access the WebShield appliance.

4. Login to the WebShield appliance when prompted by typing your username and password.

5. Select Manage Components from the System menu.

6. Use the Component Install -> Install a selected HotFix or service pack file Browse button, to find the location of the Service Pack file WSe30SP1-790.107.zip and select Open. A popup window appears displaying "This operation requires an automatic log off which may cancel any changes you have made!  Do you want to continue?"  click "yes" button to install the Service Pack. When the Service Pack finishes installing you will be automatically logged out. Login again to continue with Step 7.
 
7. Once the Service Pack is installed, select About WebShield and ensure that the correct Service Pack number is displayed.

8. If a browser is being used to access the appliance configuration, close all instances of the browser you are using, and clear the Java Cache using the Java Control Panel.


NOTE:
If you plan to use the WSe30SP1-790.107.zip archive file again, keep it available on your computer. Otherwise, delete the file once the Service Pack has been installed successfully. If you reinstall your WebShield version 3.0.2 software, we recommend you to reinstall the Service Pack.


REMOVING THIS RELEASE

To remove this Service pack from your WebShield appliance, you need to reinstall WebShield appliance version 3.02. Please note that all other HotFixes installed on the appliance would also be removed in the process.


__________________________________________________________
PARTICIPATING IN THE MCAFEE BETA PROGRAM

To download new beta software or to read about the latest beta information, visit the McAfee beta web site located at:
http://www.mcafeesecurity.com/us/downloads/beta/mcafeebetahome.htm

To submit beta feedback on any McAfee product, send e-mail to:
mcafee_beta@mcafee.com

McAfee is devoted to providing solutions based on your input.


__________________________________________________________
CONTACT INFORMATION

SECURITY HEADQUARTERS:  AVERT 
(Anti-Virus & Vulnerability Emergency Response Team)
Home Page
http://www.mcafeesecurity.com/us/security/home.asp

Virus Information Library
http://vil.mcafeesecurity.com/

AVERT WebImmune & Submit a Virus Sample
https://www.webimmune.net/default.asp

AVERT DAT Notification Service
http://vil.mcafeesecurity.com/vil/join-DAT-list.asp


DOWNLOAD SITE
Home Page
http://www.mcafeesecurity.com/us/downloads/

Anti-Virus DAT File and Engine Updates
http://www.mcafeesecurity.com/us/downloads/updates/

ftp://ftp.mcafee.com/pub/antivirus/datfiles/4.x

Anti-Spam Rules File and Engine Updates
ftp://ftp.nai.com/spamdefs/1.x/

Product Upgrades
https://secure.nai.com/us/forms/downloads/upgrades/login.asp

Valid grant number required (contact Customer Service)
		

TECHNICAL SUPPORT
Home Page
http://www.mcafeesecurity.com/us/support/technical_support

KnowledgeBase Search
https://knowledgemap.mcafeesecurity.com/phpclient/homepage.aspx

PrimeSupport Service Portal (Logon credentials required)
https://mysupport.mcafeesecurity.com 

PSVANS  PrimeSupport Vulnerability Alert Notification Service
http://www.mcafeesecurity.com/us/support/primesupport/


CUSTOMER SERVICE
US, Canada, and Latin America toll-free:
Phone:	+1-888-VIRUS NO or +1-888-847-8766
Monday-Friday, 8am-8pm, Central Time 

E-mail: 	https://secure.nai.com/us/forms/support/request_form.asp

Web:	http://www.mcafeesecurity.com/us/support/default.asp


MCAFEE BETA PROGRAM
Download Site:
http://www.mcafeesecurity.com/us/downloads/beta/mcafeebetahome.htm

E-mail to Submit Beta Feedback:
mcafee_beta@mcafee.com


TRAINING: MCAFEE UNIVERSITY
http://www.mcafeesecurity.com/us/services/education/mcafee/university.htm


WORLDWIDE OFFICES
For addresses and phone numbers of worldwide offices: 

http://www.mcafeesecurity.com/us/contact/home.htm


_____________________________________________________
COPYRIGHT AND TRADEMARK ATTRIBUTIONS

Copyright (C) 2005 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form orbyany means without the written permission of McAfee, Inc., or its suppliers or affiliate companies. 


TRADEMARKS

ACTIVE FIREWALL, ACTIVE SECURITY, ACTIVESECURITY (AND IN KATAKANA), ACTIVESHIELD, CLEAN-UP, DESIGN (STYLIZED E), DESIGN (STYLIZED N), ENTERCEPT, EPOLICY ORCHESTRATOR,  FIRST AID, GROUPSHIELD, GROUPSHIELD (AND IN KATAKANA),  INTRUSHIELD, INTRUSION PREVENTION THROUGH INNOVATION,  MCAFEE, MCAFEE (AND IN KATAKANA), MCAFEE AND DESIGN, MCAFEE.COM, MCAFEE VIRUSSCAN, NA NETWORK ASSOCIATES, NET TOOLS, NET TOOLS (AND IN KATAKANA), NETSCAN, NETSHIELD, NETWORK ASSOCIATES, NUTS & BOLTS, OIL CHANGE, PRIMESUPPORT, SPAMKILLER, THREATSCAN, TOTAL VIRUS DEFENSE, VIREX, VIRUS FORUM, VIRUSCAN, VIRUSSCAN, VIRUSSCAN (AND IN KATAKANA), WEBSCAN, WEBSHIELD, WEBSHIELD (AND IN KATAKANA), YOUR NETWORK. OUR BUSINESS.  are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries.  The color red in connection with security is distinctive of McAfee brand products.  All other registered and unregistered trademarks herein are the sole property of their respective owners. 



_____________________________________________________
LICENSE INFORMATION


LICENSE AGREEMENT

NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANIES YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEB SITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND.


LICENSE ATTRIBUTIONS

This product includes or may include:
*Software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). *Cryptographic software written by Eric A. Young and software written by Tim J. Hudson. *Some software programs that are licensed (or sublicensed) to the user under the GNU General Public License (GPL) or other similar Free Software licenses which, among other rights, permit the user to copy, modify and redistribute certain programs, or portions thereof, and have access to the source code. The GPL requires that for any software covered under the GPL which is distributed to someone in an executable binary format, that the source code also be made available to those users. For any such software covered under the GPL, the source code is made available on this CD. If any Free Software licenses require that McAfee provide rights to use, copy or modify a software program that are broader than the rights granted in this agreement, then such rights shall take precedence over the rights and restrictions herein.  *Software originally written by Henry Spencer, Copyright 1992, 1993, 1994, 1997 Henry Spencer.  *Software originally written by Robert Nordier, Copyright (C)1996-7 Robert Nordier.  *Software written by Douglas W. Sauder.  *Software developed by the Apache Software Foundation (http://www.apache.org/). A copy of the license agreement for this software can be found at www.apache.org/licenses/LICENSE-2.0.txt. 
*International Components for Unicode (ICU) Copyright (C)1995-2002 International Business Machines Corporation and others.  *Software developed by CrystalClear Software, Inc., Copyright (C)2000 CrystalClear Software, Inc. *FEAD(R) Optimizer(R) technology, Copyright Netopsystems AG, Berlin, Germany. *Outside In(R) Viewer Technology (C)1992-2001 Stellent Chicago, Inc. and/or Outside In(R) HTML Export, (C)2001 Stellent Chicago, Inc.  *Software copyrighted by Thai Open Source Software Center Ltd. and Clark Cooper, (C)1998, 1999, 2000.  *Software copyrighted by Expat maintainers.  *Software copyrighted by The Regents of the University of California, (C)1989.  *Software copyrighted by Gunnar Ritter.  *Software copyrighted by Sun Microsystems(R), Inc. (C)2003.  *Software copyrighted by Gisle Aas. (C)1995-2003.  *Software copyrighted by Michael A. Chase, (C)1999-2000.  *Software copyrighted by Neil Winton, (C)1995-1996.  *Software copyrighted by RSA Data Security, Inc., (C)1990-1992.  *Software copyrighted by Sean M. Burke, (C)1999, 2000.  *Software copyrighted by Martijn Koster, (C)1995.  *Software copyrighted by Brad Appleton, (C)1996-1999.  *Software copyrighted by Michael G. Schwern, (C)2001.  *Software copyrighted by Graham Barr, (C)1998.  *Software copyrighted by Larry Wall and Clark Cooper, (C)1998-2000.  *Software copyrighted by Frodo Looijaard, (C)1997.  *Software copyrighted by the Python Software Foundation, Copyright (C)2001, 2002, 2003. A copy of the license agreement for this software can be found at www.python.org.  *Software copyrighted by Beman Dawes, (C)1994-1999, 2002.  *Software written by Andrew Lumsdaine, Lie-Quan Lee, Jeremy G. Siek (C)1997-2000 University of Notre Dame.  *Software copyrighted by Simone Bordet & Marco Cravero, (C)2002.  *Software copyrighted by Stephen Purcell, (C)2001.  *Software developed by the Indiana University Extreme! Lab http://www.extreme.indiana.edu/).  *Software copyrighted by International Business Machines Corporation and others, (C)1995-2003.  *Software developed by the University of California, Berkeley and its contributors.  *Software developed by Ralf S. Engelschall <rse@engelschall.com> for use in the mod_ssl project (http://www.modssl.org/).  *Software copyrighted by Kevlin Henney, (C)2000-2002.  *Software copyrighted by Peter Dimov and Multi Media Ltd. (C)2001, 2002.  *Software copyrighted by David Abrahams, (C)2001, 2002. See http://www.boost.org/libs/bind/ bind.html for documentation.  *Software copyrighted by Steve Cleary, Beman Dawes, Howard Hinnant & John Maddock, (C)2000.  *Software copyrighted by Boost.org, (C)1999-2002.  *Software copyrighted by Nicolai M. Josuttis, (C)1999.  *Software copyrighted by Jeremy Siek, (C)1999-2001.  *Software copyrighted by Daryle Walker, (C)2001.  *Software copyrighted by Chuck Allison and Jeremy Siek, (C)2001, 2002. *Software copyrighted by Samuel Krempp, (C)2001. See http://www.boost.org for updates, documentation, and revision history.  *Software copyrighted by Doug Gregor (gregod@cs.rpi.edu), (C)2001, 2002.  *Software copyrighted by Cadenza New Zealand Ltd., (C)2000.  *Software copyrighted by Jens Maurer, (C)2000, 2001.  *Software copyrighted by Jaakko Jrvi (jaakko.jarvi@cs.utu.fi), (C)1999, 2000.  *Software copyrighted by Ronald Garcia, (C)2002.  *Software copyrighted by David Abrahams, Jeremy Siek, and Daryle Walker, (C)1999-2001.  *Software copyrighted by Stephen Cleary (shammah@voyager.net), (C)2000.  *Software copyrighted by Housemarque Oy 
<http:// www.housemarque.com>,(C)2001.  *Software copyrighted by Paul Moore, (C)1999.  *Software copyrighted by Dr. John Maddock, (C)1998-2002.  *Software copyrighted by Greg Colvin and Beman Dawes, (C)1998, 1999.  *Software copyrighted by Peter Dimov, (C)2001, 2002.  *Software copyrighted by Jeremy Siek and John R. Bandela, (C)2001.  *Software copyrighted by Joerg Walter and Mathias Koch, (C)2000-2002.



V3.1.2





