DSA-2021-141: Dell Avamar and NetWorker Security Update for Multiple Components
Summary:
The 2021 R1plus operating system Security Update addresses multiple third-party components within the listed Dell Avamar and NetWorker products that require a security update to
address various vulnerabilities. This is a cumulative update that includes vulnerabilities that are addressed in previous updates and new vulnerabilities.
The "plus" operating system Security Updates are only supported on the most recent Avamar Server Software versions (currently 19.3 or 19.4) and SLES operating system releases (currently SLES12SP5). It is recommended that all other customers continue to use the standard quarterly security updates which support multiple Avamar releases running on multiple SLES versions.
...
Please select a product to check article relevancy
This article applies to This article does not apply toThis article is not tied to any specific product.Not all product versions are identified in this article.
This security patch is a set of security updates for various third-party software components that are installed on the Avamar and NetWorker nodes. The patch addresses multiple security vulnerabilities in those components. The patch applies to all Avamar and NetWorker products running on the SLES platforms listed. The products include Avamar single-node servers, multinode servers, accelerator nodes, Avamar Virtual Edition systems, Avamar VMware Image Proxy, and NetWorker Virtual Edition systems.
This security patch also updates Java JRE to version 8u291 for Avamar Server 19.3 or 19.4, Avamar Proxy 19.4, Dell Avamar NDMP Accelerator 19.3 or 19.4, and NetWorker Virtual Edition 19.4.
This security patch also updates Apache Tomcat to version 8.5.66 for Avamar Server 19.3 or 19.4.
This security patch is a set of security updates for various third-party software components that are installed on the Avamar and NetWorker nodes. The patch addresses multiple security vulnerabilities in those components. The patch applies to all Avamar and NetWorker products running on the SLES platforms listed. The products include Avamar single-node servers, multinode servers, accelerator nodes, Avamar Virtual Edition systems, Avamar VMware Image Proxy, and NetWorker Virtual Edition systems.
This security patch also updates Java JRE to version 8u291 for Avamar Server 19.3 or 19.4, Avamar Proxy 19.4, Dell Avamar NDMP Accelerator 19.3 or 19.4, and NetWorker Virtual Edition 19.4.
This security patch also updates Apache Tomcat to version 8.5.66 for Avamar Server 19.3 or 19.4.
Dell Technologies recommends all customers consider both the CVSS base score and any relevant temporal and environmental scores that may impact the potential severity associated with a particular security vulnerability.
Apply the platform security patch to Avamar software version and NetWorker Virtual Edition. The following platform security patch packages are now available to be installed:
The Security Update for Avamar Virtual Edition and NetWorker Virtual Edition is customer installable. See “link to remedies” for download and installation instructions.
The installation process requires shutting down the server software, rebooting all the nodes, and restarting the server software. Appropriate time must be scheduled and allocated to perform this process.
Dell strongly recommends all customers upgrade at the earliest opportunity.
Apply the platform security patch to Avamar software version and NetWorker Virtual Edition. The following platform security patch packages are now available to be installed:
The Security Update for Avamar Virtual Edition and NetWorker Virtual Edition is customer installable. See “link to remedies” for download and installation instructions.
The installation process requires shutting down the server software, rebooting all the nodes, and restarting the server software. Appropriate time must be scheduled and allocated to perform this process.
Dell strongly recommends all customers upgrade at the earliest opportunity.
Avamar, Avamar Data Store Gen4S, Avamar Data Store Gen4T, PowerProtect Data Protection Software, Integrated Data Protection Appliance Family, PowerProtect Data Protection Hardware, Integrated Data Protection Appliance Software, NetWorker
, Product Security Information
...
Article Properties
Article Number: 000189404
Article Type: Dell Security Advisory
Last Modified: 06 Dec 2024
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.
Article Properties
Article Number: 000189404
Article Type: Dell Security Advisory
Last Modified: 06 Dec 2024
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.