DSA-2019-020: Dell EMC SourceOne Security Update for OpenSSL Vulnerabilities
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
Critical
Details
Summary:
Dell EMC SourceOne requires a security update to address various vulnerabilities.
OpenSSL has been updated address the following vulnerabilities:
-
The shortcut extension
CVE-2009-1387 CVE-2010-4252 CVE-2010-5298 CVE-2011-1945
CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619
CVE-2012-0027 CVE-2013-6449 CVE-2014-0076 CVE-2014-3505
CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3510
CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-3570
CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204
CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288
CVE-2015-0289 CVE-2015-0293 CVE-2015-1788 CVE-2015-1789
CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-4000
CVE-2016-0703 CVE-2016-0704 CVE-2016-2105 CVE-2016-2106
CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176
CVE-2016-7055 CVE-2016-7056
For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.
To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.
OpenSSL has been updated address the following vulnerabilities:
-
The shortcut extension
CVE-2009-1387 CVE-2010-4252 CVE-2010-5298 CVE-2011-1945
CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619
CVE-2012-0027 CVE-2013-6449 CVE-2014-0076 CVE-2014-3505
CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3510
CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-3570
CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204
CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288
CVE-2015-0289 CVE-2015-0293 CVE-2015-1788 CVE-2015-1789
CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-4000
CVE-2016-0703 CVE-2016-0704 CVE-2016-2105 CVE-2016-2106
CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176
CVE-2016-7055 CVE-2016-7056
For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.
To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.
Affected Products & Remediation
Affected products:
Dell EMC SourceOne Email Management Extension for IBM Lotus Domino prior to version 7.2.7.7022
Remediation:
The following Dell EMC SourceOne release addresses these vulnerabilities:
-
Dell EMC SourceOne Email Management Extension 7.2 SP7 for IBM Lotus Domino
Note: Only the Shortcut extension is impacted by the vulnerabilities described in this alert.
Dell EMC recommends all customers utilizing the Shortcut extension upgrade at their earliest opportunity.
Customers can download software from https://support.emc.com/downloads/433_SourceOne-Email-Management
Affected products:
Dell EMC SourceOne Email Management Extension for IBM Lotus Domino prior to version 7.2.7.7022
Remediation:
The following Dell EMC SourceOne release addresses these vulnerabilities:
-
Dell EMC SourceOne Email Management Extension 7.2 SP7 for IBM Lotus Domino
Note: Only the Shortcut extension is impacted by the vulnerabilities described in this alert.
Dell EMC recommends all customers utilizing the Shortcut extension upgrade at their earliest opportunity.
Customers can download software from https://support.emc.com/downloads/433_SourceOne-Email-Management
Related Information
Legal Disclaimer
Affected Products
SourceOne Email ManagementProducts
Product Security Information, SourceOne Email ManagementArticle Properties
Article Number: 000153587
Article Type: Dell Security Advisory
Last Modified: 10 Apr 2021
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.