DSA-2019-126: Dell EMC ESRS Virtual Edition Security Update for Multiple Third Party Component Vulnerabilities
Questo articolo si applica a
Questo articolo non si applica a
Questo articolo non è legato a un prodotto specifico.
Non tutte le versioni del prodotto sono identificate in questo articolo.
Impatto
Critical
Dettagli
Summary:
Multiple components within Dell EMC ESRS Virtual Edition require a security update to address various vulnerabilities.
The components are updated to address the following vulnerabilities:
For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm. To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.
- JRE: CVE-2018-3136, CVE-2018-3139, CVE-2018-3149, CVE-2018-3150, CVE-2018-3157, CVE-2018-3169, CVE-2018-3180, CVE-2018-3183, CVE-2018-3209, CVE-2018-3211, CVE-2018-3214, CVE-2018-13785, CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698, CVE-2019-2699
- Python: CVE-2019-9636, CVE-2019-9948
- Kernel: CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091, CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm. To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.
The components are updated to address the following vulnerabilities:
For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm. To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.
- JRE: CVE-2018-3136, CVE-2018-3139, CVE-2018-3149, CVE-2018-3150, CVE-2018-3157, CVE-2018-3169, CVE-2018-3180, CVE-2018-3183, CVE-2018-3209, CVE-2018-3211, CVE-2018-3214, CVE-2018-13785, CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698, CVE-2019-2699
- Python: CVE-2019-9636, CVE-2019-9948
- Kernel: CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091, CVE-2019-11477, CVE-2019-11478, CVE-2019-11479
For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm. To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.
Prodotti interessati e correzione
Affected products:
Dell EMC ESRS Virtual Edition versions prior to 3.38.00.12.
Remediation:
The following Dell EMC ESRS Virtual Edition release contains a resolution to this vulnerability:
Dell EMC recommends all customers upgrade at the earliest opportunity. Contact Dell EMC ESRS Virtual Edition customer support to download the required rpm file and install it.
The ESRS VE patch is published in ESRS vLM (Virtual Life cycle Management) repository and the existing process triggers an Email notification to customer s ESRS VE primary & secondary contacts. Email notification contains a link to Release notes (along with details of security updates) and a link to update the customer s VE to the latest patch. Contact Dell EMC ESRS Virtual Edition Customer Support for any questions regarding upgrading your Dell EMC ESRS Virtual Edition system.
Dell EMC ESRS Virtual Edition versions prior to 3.38.00.12.
Remediation:
The following Dell EMC ESRS Virtual Edition release contains a resolution to this vulnerability:
- Dell EMC ESRS VE version 3.38.00.12
Dell EMC recommends all customers upgrade at the earliest opportunity. Contact Dell EMC ESRS Virtual Edition customer support to download the required rpm file and install it.
The ESRS VE patch is published in ESRS vLM (Virtual Life cycle Management) repository and the existing process triggers an Email notification to customer s ESRS VE primary & secondary contacts. Email notification contains a link to Release notes (along with details of security updates) and a link to update the customer s VE to the latest patch. Contact Dell EMC ESRS Virtual Edition Customer Support for any questions regarding upgrading your Dell EMC ESRS Virtual Edition system.
Affected products:
Dell EMC ESRS Virtual Edition versions prior to 3.38.00.12.
Remediation:
The following Dell EMC ESRS Virtual Edition release contains a resolution to this vulnerability:
Dell EMC recommends all customers upgrade at the earliest opportunity. Contact Dell EMC ESRS Virtual Edition customer support to download the required rpm file and install it.
The ESRS VE patch is published in ESRS vLM (Virtual Life cycle Management) repository and the existing process triggers an Email notification to customer s ESRS VE primary & secondary contacts. Email notification contains a link to Release notes (along with details of security updates) and a link to update the customer s VE to the latest patch. Contact Dell EMC ESRS Virtual Edition Customer Support for any questions regarding upgrading your Dell EMC ESRS Virtual Edition system.
Dell EMC ESRS Virtual Edition versions prior to 3.38.00.12.
Remediation:
The following Dell EMC ESRS Virtual Edition release contains a resolution to this vulnerability:
- Dell EMC ESRS VE version 3.38.00.12
Dell EMC recommends all customers upgrade at the earliest opportunity. Contact Dell EMC ESRS Virtual Edition customer support to download the required rpm file and install it.
The ESRS VE patch is published in ESRS vLM (Virtual Life cycle Management) repository and the existing process triggers an Email notification to customer s ESRS VE primary & secondary contacts. Email notification contains a link to Release notes (along with details of security updates) and a link to update the customer s VE to the latest patch. Contact Dell EMC ESRS Virtual Edition Customer Support for any questions regarding upgrading your Dell EMC ESRS Virtual Edition system.
Informazioni correlate
Dichiarazione di non responsabilità
Prodotti interessati
Secure Remote Services Virtual EditionProdotti
Secure Remote Services Virtual Edition, Product Security InformationProprietà dell'articolo
Numero articolo: 000153801
Tipo di articolo: Dell Security Advisory
Ultima modifica: 22 mag 2021
Trova risposta alle tue domande dagli altri utenti Dell
Support Services
Verifica che il dispositivo sia coperto dai Servizi di supporto.