Follow

Security package updates for high severity vulnerabilities in NetBackup appliances 2.7.3 and 3.0

A NetBackup Appliance EEB for security package updates for 2.7.3 and 3.0 were released this week. This EEB updates various packages like nss, glibc, bind… with CVSS ranging from 10 – 7. Security scanners will report these issues as high severity vulnerabilities for the related packages used in the NetBackup Appliance because we use those affected packages. 

 

Note:  This EEB requires Appliance reboot for packages to be updated successfully. All these package updates will be addressed in 3.1.

 

For more information, downloads, and instructions: https://www.veritas.com/support/en_US/article.000127386

 

These issues may be reported as high severity vulnerabilities for NetBackup Appliances:

Critical (10.0)  RHEL 6 : mysql (RHSA-2017:0184)

  • including CVE-2016-6662, CVE-2016-6663, CVE-2016-5616

High (9.3)  RHEL 5 / 6 / 7 : nss and nss-util (RHSA-2016:2779)

  • including CVE-2016-2834, CVE-2016-5285, CVE-2016-8635

High (7.5) RHEL 6 / 7 : nss and nss-util (RHSA-2017:1100)

  • including CVE-2017-5461

Medium (5.0) RHEL 6 : nss (RHSA-2017:1364)

  • including CVE-2017-7502

High (7.8) RHEL 6 : rpcbind (RHSA-2017:1267)

  • including CVE-2017-8779

High (7.8) RHEL 6 : libtirpc (RHSA-2017:1268)

  • including CVE-2017-8779

High (7.8)  RHEL 6 / 7 : jasper (RHSA-2017:1208)

  • including CVE-2016-8654, CVE-2016-9560, CVE-2016-10249, CVE-2015-5203, CVE-2015-5221, CVE-2016-1577,  CVE-2016-8690, CVE-2016-8693, CVE-2016-8884, CVE-2016-8885, CVE-2016-9262, CVE-2016-9591, CVE-2016-1867, CVE-2016-2089, CVE-2016-2116, CVE-2016-8691, CVE-2016-8692, CVE-2016-8883, CVE-2016-9387, CVE-2016-9388, CVE-2016-9389, CVE-2016-9390, CVE-2016-9391, CVE-2016-9392, CVE-2016-9393, CVE-2016-9394, CVE-2016-9583, CVE-2016-9600, CVE-2016-10248, CVE-2016-10251

High (7.8)  RHEL 6 / 7 : vim (RHSA-2016:2972)

  • including CVE-2016-1248

High (7.5)  RHEL 6 : bind (RHSA-2017:1105)

  • including CVE-2017-3136, CVE-2017-3137

High (7.8) RHEL 6 : bind (RHSA-2017:1202)

  • including CVE-2017-3139

High (7.5) RHEL 6 : bind (RHSA-2017:1679)

  • including CVE-2017-3142, CVE-2017-3143

High (7.5) RHEL 5 / 6 : bind (RHSA-2017:0063)

  • including CVE-2016-9147

High (7.5) RHEL 5 / 6 / 7 : bind (RHSA-2016:1944)

  • including CVE-2016-2776

High (7.5) RHEL 5 / 6 : bind (RHSA-2016:2093)

  • including CVE-2016-2848

High (7.5) RHEL 5 / 6 : bind (RHSA-2016:2141)

  • including CVE-2016-8864

High (7.5) RHEL 6 / 7 : expat (RHSA-2016:2824)

  • including CVE-2016-0718

High (7.5) RHEL 6 / 7 : libtiff (RHSA-2017:0225)

  • including CVE-2016-9533, CVE-2016-9534, CVE-2016-9535, CVE-2015-8870, CVE-2016-5652, CVE-2016-9540, CVE-2016-9537, CVE-2016-9536

High (7.5) RHEL 6 : gnutls (RHSA-2017:0574)

  • including CVE-2016-8610, CVE-2017-5335, CVE-2017-5336, CVE-2017-5337

High (7.5) RHEL 6 : glibc (RHSA-2017:0680)

  • including CVE-2014-9761, CVE-2015-8776, CVE-2015-8778, CVE-2015-8779

High (7.4) RHEL 6 : glibc CVE-2017-1000366
High (7.2)  RHEL 6 / 7 : sudo (RHSA-2017:1574)

  • including CVE-2017-1000368

Medium (6.9) RHEL 6 / 7 : sudo (RHSA-2016:2872)

  • including CVE-2016-7032, CVE-2016-7076

Medium (6.9) RHEL 6 / 7 : sudo (RHSA-2017:1382)

  • including CVE-2017-1000367

High (7.2) RHEL 6 / 7 : policycoreutils (RHSA-2016:2702)

  • including CVE-2016-7545

High (7.2) RHEL 6 : openssh (RHSA-2017:0641)

  • including CVE-2015-8325

High (7.1) RHEL 6 / 7 : ntp (RHSA-2017:0252)

  • including CVE-2016-7426, CVE-2016-7429, CVE-2016-7433, CVE-2016-9310, CVE-2016-9311
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk