DSA-2019-159: Dell EMC Data Computing Appliance (DCA) Security Update for Multiple Third Party Components

Dit artikel is van toepassing op Dit artikel is niet van toepassing op Dit artikel is niet gebonden aan een specifiek product. Niet alle productversies worden in dit artikel vermeld.

Impact

Critical

Gegevens

Summary:   
Multiple components within Dell EMC DCA require a security update to address various vulnerabilities. 

The components are updated for the following vulnerabilities:   

  • Kernel

CVE-2017-17805    CVE-2018-17972    CVE-2019-1125    CVE-2019-5489

  • bind

CVE-2018-5743

  • vim

CVE-2019-12735

  • libssh2

CVE-2019-3855    CVE-2019-3856    CVE-2019-3857    CVE-2019-3863

  • OpenJDK

CVE-2019-2745    CVE-2019-2762    CVE-2019-2769    CVE-2019-2786
CVE-2019-2816    CVE-2019-2842                                                

  • OpenSSH

CVE-2018-15473

  • Python

CVE-2019-9636

  • OpenSSL

CVE-2019-1559

For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.

To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.

The components are updated for the following vulnerabilities:   

  • Kernel

CVE-2017-17805    CVE-2018-17972    CVE-2019-1125    CVE-2019-5489

  • bind

CVE-2018-5743

  • vim

CVE-2019-12735

  • libssh2

CVE-2019-3855    CVE-2019-3856    CVE-2019-3857    CVE-2019-3863

  • OpenJDK

CVE-2019-2745    CVE-2019-2762    CVE-2019-2769    CVE-2019-2786
CVE-2019-2816    CVE-2019-2842                                                

  • OpenSSH

CVE-2018-15473

  • Python

CVE-2019-9636

  • OpenSSL

CVE-2019-1559

For more information about any of the Common Vulnerabilities and Exposures (CVEs) mentioned here, consult the National Vulnerability Database (NVD) at http://nvd.nist.gov/home.cfm.

To search for a particular CVE, use the database s search utility at http://web.nvd.nist.gov/view/vuln/search.

Dell Technologies raadt aan dat alle klanten rekening houden met zowel de basisscore van CVSS als alle relevante tijdelijke en omgevingsscores die gevolgen kunnen hebben voor de mogelijke ernst van de specifieke beveiligingsproblemen.

Getroffen producten en herstel

Affected products:     
Dell EMC Data Computing Appliance (DCA) software versions prior to 3.5.4.0


Remediation:     
The following Dell EMC DCA release addresses these vulnerabilities:     

  • Dell EMC DCA 3.5.4.0

For Dell EMC DCA software version 3.3.0.0, 3.4.0.0, 3.4.1.0, 3.4.2.0, 3.5.0.0, 3.5.1.0, 3.5.2.0, and 3.5.3.0, the security update is contained in release 3.5.4.0.

To upgrade an earlier DCA version, you must upgrade to version 3.3.0.0 and then to version 3.5.4.0.

Dell EMC recommends all customers upgrade at the earliest opportunity. Contact Dell EMC DCA customer support to download the required rpm file and install it.



Affected products:     
Dell EMC Data Computing Appliance (DCA) software versions prior to 3.5.4.0


Remediation:     
The following Dell EMC DCA release addresses these vulnerabilities:     

  • Dell EMC DCA 3.5.4.0

For Dell EMC DCA software version 3.3.0.0, 3.4.0.0, 3.4.1.0, 3.4.2.0, 3.5.0.0, 3.5.1.0, 3.5.2.0, and 3.5.3.0, the security update is contained in release 3.5.4.0.

To upgrade an earlier DCA version, you must upgrade to version 3.3.0.0 and then to version 3.5.4.0.

Dell EMC recommends all customers upgrade at the earliest opportunity. Contact Dell EMC DCA customer support to download the required rpm file and install it.



Verwante informatie

Getroffen producten

Data Computing Appliance V3

Producten

Data Computing Appliance V3, Product Security Information
Artikeleigenschappen
Artikelnummer: 000001849
Artikeltype: Dell Security Advisory
Laatst aangepast: 20 sep. 2024
Vind antwoorden op uw vragen via andere Dell gebruikers
Support Services
Controleer of uw apparaat wordt gedekt door Support Services.