Critical
Summary:
Multiple components within the Dell EMC Unity Product Family require security updates to address various vulnerabilities.
The components are updated for the following vulnerabilities:
Apache2
CVE-2018-17199 CVE-2019-0217 CVE-2019-0220
Apache Tomcat
CVE-2018-1336 CVE-2018-8014 CVE-2018-8034 CVE-2018-11784
Bash
CVE-2019-9924
Curl
CVE-2018-16890 CVE-2019-3822 CVE-2019-3823
Graphite2
CVE-2017-5436
Krb5
CVE-2018-20217
libssh2_org
CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858
CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862
CVE-2019-3863
Mozilla Firefox
CVE-2018-0495 CVE-2018-12384 CVE-2018-12404 CVE-2018-12405
CVE-2018-17466 CVE-2018-18492 CVE-2018-18493 CVE-2018-18494
CVE-2018-18498 CVE-2018-18500 CVE-2018-18501 CVE-2018-18505
NTP
CVE-2019-8936
OpenSSH
CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109
CVE-2019-6110 CVE-2019-6111
OpenSSL
CVE-2016-8610 CVE-2018-0734 CVE-2018-5407
Polkit
CVE-2018-19788
Procps
CVE-2018-1122 CVE-2018-1123 CVE-2018-1124 CVE-2018-1125
CVE-2018-1126
Python
CVE-2018-14647 CVE-2019-5010
RPM
CVE-2017-7500 CVE-2017-7501
Rrdtool
CVE-2013-2131
Sqlite3
CVE-2018-20346 CVE-2018-20506
Systemd
CVE-2018-15686 CVE-2018-16864 CVE-2018-16865 CVE-2019-6454
For more information about the Common Vulnerability and Exposure (CVE) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.
To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search
The components are updated for the following vulnerabilities:
Apache2
CVE-2018-17199 CVE-2019-0217 CVE-2019-0220
Apache Tomcat
CVE-2018-1336 CVE-2018-8014 CVE-2018-8034 CVE-2018-11784
Bash
CVE-2019-9924
Curl
CVE-2018-16890 CVE-2019-3822 CVE-2019-3823
Graphite2
CVE-2017-5436
Krb5
CVE-2018-20217
libssh2_org
CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858
CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862
CVE-2019-3863
Mozilla Firefox
CVE-2018-0495 CVE-2018-12384 CVE-2018-12404 CVE-2018-12405
CVE-2018-17466 CVE-2018-18492 CVE-2018-18493 CVE-2018-18494
CVE-2018-18498 CVE-2018-18500 CVE-2018-18501 CVE-2018-18505
NTP
CVE-2019-8936
OpenSSH
CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109
CVE-2019-6110 CVE-2019-6111
OpenSSL
CVE-2016-8610 CVE-2018-0734 CVE-2018-5407
Polkit
CVE-2018-19788
Procps
CVE-2018-1122 CVE-2018-1123 CVE-2018-1124 CVE-2018-1125
CVE-2018-1126
Python
CVE-2018-14647 CVE-2019-5010
RPM
CVE-2017-7500 CVE-2017-7501
Rrdtool
CVE-2013-2131
Sqlite3
CVE-2018-20346 CVE-2018-20506
Systemd
CVE-2018-15686 CVE-2018-16864 CVE-2018-16865 CVE-2019-6454
For more information about the Common Vulnerability and Exposure (CVE) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.
To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search
Affected products:
Dell EMC Unity Operating Environment (OE) versions prior to 5.0.0.0.5.116
Remediation:
The following Dell EMC Unity releases address these vulnerabilities:
Dell EMC Unity Operating Environment (OE) version 5.0.0.0.5.116
Dell EMC UnityVSA Operating Environment (OE) version 5.0.0.0.5.116
To take advantage of the latest security fixes and enhancements, Dell EMC recommends upgrading to the latest Unity OE code.
Customers can refer to Dell EMC target code information at https://support.emc.com/docu39695_Target_Revisions_and_Adoption_Rates.pdf?language=en_US&language=en_US.
Link to Remedies:
Registered Dell EMC Support customers can download Dell EMC Unity software from the Dell EMC Online Support web site.
Affected products:
Dell EMC Unity Operating Environment (OE) versions prior to 5.0.0.0.5.116
Remediation:
The following Dell EMC Unity releases address these vulnerabilities:
Dell EMC Unity Operating Environment (OE) version 5.0.0.0.5.116
Dell EMC UnityVSA Operating Environment (OE) version 5.0.0.0.5.116
To take advantage of the latest security fixes and enhancements, Dell EMC recommends upgrading to the latest Unity OE code.
Customers can refer to Dell EMC target code information at https://support.emc.com/docu39695_Target_Revisions_and_Adoption_Rates.pdf?language=en_US&language=en_US.
Link to Remedies:
Registered Dell EMC Support customers can download Dell EMC Unity software from the Dell EMC Online Support web site.