DSA-2021-115: DELL Secure Remote Services Virtual Edition Security Update for Multiple Third-party component Vulnerabilities
Riepilogo: DELL Secure Remote Services (SRS) Virtual Edition contains remediation for multiple third-party components that may be exploited by malicious users to compromise the affected system.
Questo articolo si applica a
Questo articolo non si applica a
Questo articolo non è legato a un prodotto specifico.
Non tutte le versioni del prodotto sono identificate in questo articolo.
Impatto
Critical
Dettagli
| Third-party Component | CVEs | More information | |
| Grub2 | CVE-2020-10713 CVE-2020-14309 CVE-2020-14372 CVE-2020-15705 CVE-2021-20225 CVE-2021-20233 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 |
See NVD (http://nvd.nist.gov/) for individual scores for each CVE. | |
| Openssl | CVE-2020-1971 CVE-2021-3449 CVE-2021-23840 CVE-2021-23841 CVE-2021-23899 CVE-2021-23900 |
||
| libX11 | CVE-2020-14363 | ||
| Python and bind | CVE-2020-8625 CVE-2019-20916 |
||
| python | CVE-2019-20916 CVE-2021-23336 |
||
| ldap | CVE-2020-25692 CVE-2020-25709 CVE-2020-25710 CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224 CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228 CVE-2020-36229 CVE-2020-36230 CVE-2021-27212 |
||
| postgresql | CVE-2020-14349 CVE-2020-14350 CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 CVE-2021-3393 CVE-2021-20229 |
||
| Krb | CVE-2020-28196 | ||
| Openssh | CVE-2020-14145 | ||
| cyrus-sasl | CVE-2019-19906 | ||
| Curl and libcurl | CVE-2014-9488 CVE-2020-8284 CVE-2020-8285 CVE-2020-8286 CVE-2021-22876 |
||
| Libproxy | CVE-2020-25219 CVE-2020-26154 |
||
| Sudo | CVE-2021-3156 | ||
| Kernel | CVE-2020-0433 CVE-2020-13844 CVE-2020-25670 CVE-2020-25671 CVE-2020-25672 CVE-2020-25673 CVE-2020-27170 CVE-2020-27171 CVE-2020-27815 CVE-2020-29368 CVE-2020-29374 CVE-2020-35519 CVE-2020-36310 CVE-2020-36311 CVE-2020-36312 CVE-2020-36322 CVE-2021-3428 CVE-2021-3444 CVE-2021-3483 CVE-2021-20219 CVE-2021-26930 CVE-2021-26931 CVE-2021-26932 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 CVE-2021-28038 CVE-2021-28660 CVE-2021-28688 CVE-2021-28950 CVE-2021-28964 CVE-2021-28971 CVE-2021-28972 CVE-2021-29154 CVE-2021-29155 CVE-2021-29264 CVE-2021-29265 CVE-2021-29647 CVE-2021-29650 CVE-2021-30002 |
||
| libfreetype6 | CVE-2020-15999 | ||
| libmspack0 | CVE-2018-18584 CVE-2018-18585 CVE-2019-1010305 |
||
| Tar | CVE-2021-20193 | ||
| libnghttp2 | CVE-2016-1544 CVE-2018-1000168 CVE-2019-9511 CVE-2019-9513 CVE-2020-11080 |
||
| unzip | CVE-2018-18384 | ||
| libgthread-32 bit | CVE-2019-13012 | ||
| Libxml2 | CVE-2021-3518 CVE-2021-3516 CVE-2021-3517 |
||
| Less | CVE-2014-9488 | ||
| Bind | CVE-2021-25214 CVE-2021-25215 |
||
| Java | CVE-2021-2161 CVE-2021-2163 |
https://www.oracle.com/security-alerts/cpuapr2021.html | |
| expat | CVE-2017-9233 CVE-2016-9063 CVE-2019-15903 |
||
| Util-linux and supported packages | CVE-2016-5011 CVE-2017-2616 |
||
| Glib and supported packages | CVE-2020-27618 CVE-2020-29562 CVE-2020-29573 CVE-2021-3326 CVE-2021-27218 CVE-2021-27219 |
||
| jquery | CVE-2020-11022 CVE-2020-11023 |
||
| avahi | CVE-2021-3468 CVE-2021-26720 |
||
| Third-party Component | CVEs | More information | |
| Grub2 | CVE-2020-10713 CVE-2020-14309 CVE-2020-14372 CVE-2020-15705 CVE-2021-20225 CVE-2021-20233 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 |
See NVD (http://nvd.nist.gov/) for individual scores for each CVE. | |
| Openssl | CVE-2020-1971 CVE-2021-3449 CVE-2021-23840 CVE-2021-23841 CVE-2021-23899 CVE-2021-23900 |
||
| libX11 | CVE-2020-14363 | ||
| Python and bind | CVE-2020-8625 CVE-2019-20916 |
||
| python | CVE-2019-20916 CVE-2021-23336 |
||
| ldap | CVE-2020-25692 CVE-2020-25709 CVE-2020-25710 CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224 CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228 CVE-2020-36229 CVE-2020-36230 CVE-2021-27212 |
||
| postgresql | CVE-2020-14349 CVE-2020-14350 CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 CVE-2021-3393 CVE-2021-20229 |
||
| Krb | CVE-2020-28196 | ||
| Openssh | CVE-2020-14145 | ||
| cyrus-sasl | CVE-2019-19906 | ||
| Curl and libcurl | CVE-2014-9488 CVE-2020-8284 CVE-2020-8285 CVE-2020-8286 CVE-2021-22876 |
||
| Libproxy | CVE-2020-25219 CVE-2020-26154 |
||
| Sudo | CVE-2021-3156 | ||
| Kernel | CVE-2020-0433 CVE-2020-13844 CVE-2020-25670 CVE-2020-25671 CVE-2020-25672 CVE-2020-25673 CVE-2020-27170 CVE-2020-27171 CVE-2020-27815 CVE-2020-29368 CVE-2020-29374 CVE-2020-35519 CVE-2020-36310 CVE-2020-36311 CVE-2020-36312 CVE-2020-36322 CVE-2021-3428 CVE-2021-3444 CVE-2021-3483 CVE-2021-20219 CVE-2021-26930 CVE-2021-26931 CVE-2021-26932 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 CVE-2021-28038 CVE-2021-28660 CVE-2021-28688 CVE-2021-28950 CVE-2021-28964 CVE-2021-28971 CVE-2021-28972 CVE-2021-29154 CVE-2021-29155 CVE-2021-29264 CVE-2021-29265 CVE-2021-29647 CVE-2021-29650 CVE-2021-30002 |
||
| libfreetype6 | CVE-2020-15999 | ||
| libmspack0 | CVE-2018-18584 CVE-2018-18585 CVE-2019-1010305 |
||
| Tar | CVE-2021-20193 | ||
| libnghttp2 | CVE-2016-1544 CVE-2018-1000168 CVE-2019-9511 CVE-2019-9513 CVE-2020-11080 |
||
| unzip | CVE-2018-18384 | ||
| libgthread-32 bit | CVE-2019-13012 | ||
| Libxml2 | CVE-2021-3518 CVE-2021-3516 CVE-2021-3517 |
||
| Less | CVE-2014-9488 | ||
| Bind | CVE-2021-25214 CVE-2021-25215 |
||
| Java | CVE-2021-2161 CVE-2021-2163 |
https://www.oracle.com/security-alerts/cpuapr2021.html | |
| expat | CVE-2017-9233 CVE-2016-9063 CVE-2019-15903 |
||
| Util-linux and supported packages | CVE-2016-5011 CVE-2017-2616 |
||
| Glib and supported packages | CVE-2020-27618 CVE-2020-29562 CVE-2020-29573 CVE-2021-3326 CVE-2021-27218 CVE-2021-27219 |
||
| jquery | CVE-2020-11022 CVE-2020-11023 |
||
| avahi | CVE-2021-3468 CVE-2021-26720 |
||
Prodotti interessati e correzione
| Product | Affected Versions | Updated Version | Link to Update |
| Dell SRS Virtual Edition | 3.40.00.14 3.42.10.06 3.44.00.08 3.46.00.04 3.48.00.04 3.50.00.06 3.50.10.06 3.50.20.06 |
3.52.00.08 | The SRS-VE patch is published in SRS SUSE Manager (SUMA) repository and the existing process triggers an Email notification to customer’s SRS-VE primary and secondary contacts. Email notification contains a link to Release notes (along with details of security updates) and a link to update the customer’s VE to the latest patch. Contact Dell SRS Virtual Edition Customer Support for any questions regarding upgrading your Dell SRS Virtual Edition system. |
| Product | Affected Versions | Updated Version | Link to Update |
| Dell SRS Virtual Edition | 3.40.00.14 3.42.10.06 3.44.00.08 3.46.00.04 3.48.00.04 3.50.00.06 3.50.10.06 3.50.20.06 |
3.52.00.08 | The SRS-VE patch is published in SRS SUSE Manager (SUMA) repository and the existing process triggers an Email notification to customer’s SRS-VE primary and secondary contacts. Email notification contains a link to Release notes (along with details of security updates) and a link to update the customer’s VE to the latest patch. Contact Dell SRS Virtual Edition Customer Support for any questions regarding upgrading your Dell SRS Virtual Edition system. |
Cronologia delle revisioni
| Revision | Date | Description |
| 1.0 | 2021-06-07 | Initial Release |
Informazioni correlate
Dichiarazione di non responsabilità
Proprietà dell'articolo
Numero articolo: 000188032
Tipo di articolo: Dell Security Advisory
Ultima modifica: 19 set 2025
Trova risposta alle tue domande dagli altri utenti Dell
Support Services
Verifica che il dispositivo sia coperto dai Servizi di supporto.