A NetBackup Appliance EEB for security package updates for 2.7.3 and 3.0 were released this week. This EEB updates various packages like nss, glibc, bind… with CVSS ranging from 10 – 7. Security scanners will report these issues as high severity vulnerabilities for the related packages used in the NetBackup Appliance because we use those affected packages.
Note: This EEB requires Appliance reboot for packages to be updated successfully. All these package updates will be addressed in 3.1.
For more information, downloads, and instructions: https://www.veritas.com/support/en_US/article.000127386
These issues may be reported as high severity vulnerabilities for NetBackup Appliances:
Critical (10.0) RHEL 6 : mysql (RHSA-2017:0184)
- including CVE-2016-6662, CVE-2016-6663, CVE-2016-5616
High (9.3) RHEL 5 / 6 / 7 : nss and nss-util (RHSA-2016:2779)
- including CVE-2016-2834, CVE-2016-5285, CVE-2016-8635
High (7.5) RHEL 6 / 7 : nss and nss-util (RHSA-2017:1100)
- including CVE-2017-5461
Medium (5.0) RHEL 6 : nss (RHSA-2017:1364)
- including CVE-2017-7502
High (7.8) RHEL 6 : rpcbind (RHSA-2017:1267)
- including CVE-2017-8779
High (7.8) RHEL 6 : libtirpc (RHSA-2017:1268)
- including CVE-2017-8779
High (7.8) RHEL 6 / 7 : jasper (RHSA-2017:1208)
- including CVE-2016-8654, CVE-2016-9560, CVE-2016-10249, CVE-2015-5203, CVE-2015-5221, CVE-2016-1577, CVE-2016-8690, CVE-2016-8693, CVE-2016-8884, CVE-2016-8885, CVE-2016-9262, CVE-2016-9591, CVE-2016-1867, CVE-2016-2089, CVE-2016-2116, CVE-2016-8691, CVE-2016-8692, CVE-2016-8883, CVE-2016-9387, CVE-2016-9388, CVE-2016-9389, CVE-2016-9390, CVE-2016-9391, CVE-2016-9392, CVE-2016-9393, CVE-2016-9394, CVE-2016-9583, CVE-2016-9600, CVE-2016-10248, CVE-2016-10251
High (7.8) RHEL 6 / 7 : vim (RHSA-2016:2972)
- including CVE-2016-1248
High (7.5) RHEL 6 : bind (RHSA-2017:1105)
- including CVE-2017-3136, CVE-2017-3137
High (7.8) RHEL 6 : bind (RHSA-2017:1202)
- including CVE-2017-3139
High (7.5) RHEL 6 : bind (RHSA-2017:1679)
- including CVE-2017-3142, CVE-2017-3143
High (7.5) RHEL 5 / 6 : bind (RHSA-2017:0063)
- including CVE-2016-9147
High (7.5) RHEL 5 / 6 / 7 : bind (RHSA-2016:1944)
- including CVE-2016-2776
High (7.5) RHEL 5 / 6 : bind (RHSA-2016:2093)
- including CVE-2016-2848
High (7.5) RHEL 5 / 6 : bind (RHSA-2016:2141)
- including CVE-2016-8864
High (7.5) RHEL 6 / 7 : expat (RHSA-2016:2824)
- including CVE-2016-0718
High (7.5) RHEL 6 / 7 : libtiff (RHSA-2017:0225)
- including CVE-2016-9533, CVE-2016-9534, CVE-2016-9535, CVE-2015-8870, CVE-2016-5652, CVE-2016-9540, CVE-2016-9537, CVE-2016-9536
High (7.5) RHEL 6 : gnutls (RHSA-2017:0574)
- including CVE-2016-8610, CVE-2017-5335, CVE-2017-5336, CVE-2017-5337
High (7.5) RHEL 6 : glibc (RHSA-2017:0680)
- including CVE-2014-9761, CVE-2015-8776, CVE-2015-8778, CVE-2015-8779
High (7.4) RHEL 6 : glibc CVE-2017-1000366
High (7.2) RHEL 6 / 7 : sudo (RHSA-2017:1574)
- including CVE-2017-1000368
Medium (6.9) RHEL 6 / 7 : sudo (RHSA-2016:2872)
- including CVE-2016-7032, CVE-2016-7076
Medium (6.9) RHEL 6 / 7 : sudo (RHSA-2017:1382)
- including CVE-2017-1000367
High (7.2) RHEL 6 / 7 : policycoreutils (RHSA-2016:2702)
- including CVE-2016-7545
High (7.2) RHEL 6 : openssh (RHSA-2017:0641)
- including CVE-2015-8325
High (7.1) RHEL 6 / 7 : ntp (RHSA-2017:0252)
- including CVE-2016-7426, CVE-2016-7429, CVE-2016-7433, CVE-2016-9310, CVE-2016-9311
Comments
0 comments
Please sign in to leave a comment.