DSA-2023-402: Security Update for Dell EMC Enterprise SONiC Distribution Multiple Third-Party Component Vulnerabilities.
Samenvatting: Dell EMC Enterprise SONiC remediation is available for multiple Third-party vulnerabilities.
Dit artikel is van toepassing op
Dit artikel is niet van toepassing op
Dit artikel is niet gebonden aan een specifiek product.
Niet alle productversies worden in dit artikel vermeld.
Impact
High
Gegevens
| Third-party Component | CVEs | More Information |
|---|---|---|
| c-ares | CVE-2023-31130, CVE-2023-32067 |
See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/  |
| cpio | CVE-2019-14866, CVE-2021-38185 |
See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/ |
| libfastjson | CVE-2020-12762 |
See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/ |
| libssh2 | CVE-2019-13115, CVE-2019-17498, CVE-2020-22218 |
See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/ |
| libx11 | CVE-2023-3138 |
See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/ |
| libxpm | CVE-2022-4883, CVE-2022-44617, CVE-2022-46285 |
See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/ |
| openssh | CVE-2023-38408 |
See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/ |
| openssl | CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650, CVE-2023-3446, CVE-2023-3817 |
See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/ |
| Python2.7 | CVE-2021-23336, CVE-2022-0391, CVE-2022-48560, CVE-2022-48565, CVE-2022-48566, CVE-2023-24329, CVE-2023-40217 |
See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/ |
| Python3.7 | CVE-2015-20107, CVE-2020-10735, CVE-2021-3426, CVE-2021-3733, CVE-2021-3737, CVE-2021-4189, CVE-2022-45061 |
See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/ |
| systemd | CVE-2022-3821 |
See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/ |
| vim | CVE-2022-4141, CVE-2023-0054, CVE-2023-1175, CVE-2023-2610 |
See NVD link below for individual scores for each CVE.
https://nvd.nist.gov/ |
Getroffen producten en herstel
| Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|
| Dell EMC Enterprise SONiC Distribution | Versions prior to 4.1.2 | 4.1.2 | Enterprise SONiC OS 4.1.2 gns3 |
| Product | Affected Versions | Remediated Versions | Link |
|---|---|---|---|
| Dell EMC Enterprise SONiC Distribution | Versions prior to 4.1.2 | 4.1.2 | Enterprise SONiC OS 4.1.2 gns3 |
Revisiegeschiedenis
| Revision | Date | Description |
|---|---|---|
| 1.0 | 2023-11-13 | Initial Release |
| 2.0 | 2023-12-05 | Formatting change with no content changes |
Verwante informatie
Juridische verklaring van afstand
Getroffen producten
Enterprise SONiC DistributionArtikeleigenschappen
Artikelnummer: 000219487
Artikeltype: Dell Security Advisory
Laatst aangepast: 05 dec. 2023
Vind antwoorden op uw vragen via andere Dell gebruikers
Support Services
Controleer of uw apparaat wordt gedekt door Support Services.