DSA-2023-053: Dell Data Protection Central Security Update for Multiple Third-Party Component Vulnerabilities
Summary: Dell Data Protection Central remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
Critical
Details
SP2-based systems
SuSE is no longer distributing updates for SLES 12 SP2.
SP5-based systems
| Third-party Component |
CVEs |
More Information |
| Binutils 2.39-9.50.1 |
CVE-2019-1010204 CVE-2021-3648 CVE-2021-3826 CVE-2021-45078 CVE-2021-46195 CVE-2022-27943 CVE-2022-38126 CVE-2022-38127 CVE-2022-38533 |
See NVD (http://nvd.nist.gov/ |
| Containerd 1.6.12-16.68.1 |
CVE-2022-23471 CVE-2022-27191 |
|
| dbus-1 1.8.22-41.1 |
CVE-2022-42010 CVE-2022-42011 CVE-2022-42012 |
|
| git-core 2.26.2-27.63.2 |
CVE-2022-23521 CVE-2022-39253 CVE-2022-39260 CVE-2022-41903 |
|
| grub2 2.02-153.1 |
CVE-2022-2601 |
|
| grub2 2.02-153.1 grub2-i386-pc 2.02-153.1 grub2-snapper-plugin 2.02-153.1 grub2-systemd-sleep-plugin 2.02-153.1 |
CVE-2022-3775 |
|
| java-1_8_0-openjdk 1.8.0.352-27.81.1 java-1_8_0-openjdk-headless 1.8.0.352-27.81.1 |
CVE-2022-21619 CVE-2022-21624 CVE-2022-21626 CVE-2022-21628 |
|
| kernel-default 4.12.14-122.147.1 |
CVE-2021-4037 CVE-2022-2153 CVE-2022-28693 CVE-2022-3107 CVE-2022-3108 CVE-2022-3169 CVE-2022-33981 CVE-2022-3424 CVE-2022-3521 CVE-2022-3524 CVE-2022-3542 CVE-2022-3545 CVE-2022-3564 CVE-2022-3565 CVE-2022-3567 CVE-2022-3586 CVE-2022-3594 CVE-2022-3621 CVE-2022-3628 CVE-2022-3629 CVE-2022-3635 CVE-2022-3643 CVE-2022-3646 CVE-2022-3649 CVE-2022-3903 CVE-2022-40307 CVE-2022-40768 CVE-2022-4095 CVE-2022-41850 CVE-2022-41858 CVE-2022-42328 CVE-2022-42703 CVE-2022-42895 CVE-2022-42896 CVE-2022-43750 CVE-2022-4378 CVE-2022-43945 CVE-2022-45934 CVE-2022-4662 CVE-2023-23454 |
|
| krb5 1.12.5-40.43.1 |
CVE-2022-42898 |
|
| libcurl4 7.60.0-11.52.1 Curl 7.60.0-11.52.1 |
CVE-2022-43552 |
|
| libdb-4_8 4.8.30-33.1 |
CVE-2019-2708 |
|
| libfreebl3 3.79.3-58.91.1 libsoftokn3 3.79.3-58.91.1 Mozilla-nss 3.79.3-58.91.1 Mozilla-nss-certs 3.79.3-58.91.1 |
CVE-2022-23491 CVE-2022-3479 |
|
| libpython2_7-1_0 2.7.18-33.17.1 libpython3_4m1_0 3.4.10-25.105.1 python-base 2.7.18-33.17.1 python-xml 2.7.18-33.17.1 python3 3.4.10-25.105.1 python3-base 3.4.10-25.105.1 |
CVE-2022-45061 |
|
| libpython3_4m1_0 3.4.10-25.105.1 python3-base 3.4.10-25.105.1 |
CVE-2022-40899 |
|
| libpython3_4m1_0 3.4.10-25.105.1 libpython3_6m1_0 3.6.15-32.2 python3 3.4.10-25.105.1 python3-base 3.4.10-25.105.1 python36 3.6.15-32.2 python36-base 3.6.15-32.2 |
CVE-2020-10735 CVE-2022-37454 |
|
| libksba8 1.3.0-24.6.1 |
CVE-2022-47629 |
|
| libsnmp30 5.7.3-11.6.1 Net-snmp 5.7.3-11.6.1 Perl-SNMP 5.7.3-11.6.1 Snmp-mibs 5.7.3-11.6.1 |
CVE-2022-44793 |
|
| libmspack0 0.4-15.13.1 |
CVE-2018-18586 |
|
| libsystemd0 228-157.49.1 libudev1 228-157.49.1 Systemd 228-157.49.1 systemd-bash-completion 228-157.49.1 systemd-sysvinit 228-157.49.1 Udev 228-157.49.1 |
CVE-2022-3821 CVE-2022-4415 |
|
| python3-setuptools 40.6.2-4.21.1 python36-setuptools 44.1.1-8.6.1 |
CVE-2022-40897 |
|
| sqlite3-tcl 3.39.3-9.26.1 libsqlite3-0 3.39.3-9.26.1 |
CVE-2022-46908 |
|
| Sudo 1.8.27-4.33.1 |
CVE-2022-43995 CVE-2023-22809 |
|
| Vim 9.0.1234-17.12.1 vim-data 9.0.1234-17.12.1 vim-data-common 9.0.1234-17.12.1 |
CVE-2016-1248 CVE-2017-17087 CVE-2017-5953 CVE-2017-6349 CVE-2017-6350 CVE-2021-3778 CVE-2021-3796 CVE-2021-3872 CVE-2021-3875 CVE-2021-3903 CVE-2021-3927 CVE-2021-3928 CVE-2021-3968 CVE-2021-3973 CVE-2021-3974 CVE-2021-3984 CVE-2021-4019 CVE-2021-4069 CVE-2021-4136 CVE-2021-4166 CVE-2021-4192 CVE-2021-4193 CVE-2021-46059 CVE-2022-0128 CVE-2022-0213 CVE-2022-0261 CVE-2022-0318 CVE-2022-0319 CVE-2022-0351 CVE-2022-0359 CVE-2022-0361 CVE-2022-0392 CVE-2022-0407 CVE-2022-0413 CVE-2022-0696 CVE-2022-1381 CVE-2022-1420 CVE-2022-1616 CVE-2022-1619 CVE-2022-1620 CVE-2022-1720 CVE-2022-1733 CVE-2022-1735 CVE-2022-1771 CVE-2022-1785 CVE-2022-1796 CVE-2022-1851 CVE-2022-1897 CVE-2022-1898 CVE-2022-1927 CVE-2022-1968 CVE-2022-2124 CVE-2022-2125 CVE-2022-2126 CVE-2022-2129 CVE-2022-2175 CVE-2022-2182 CVE-2022-2183 CVE-2022-2206 CVE-2022-2207 CVE-2022-2208 CVE-2022-2210 CVE-2022-2231 CVE-2022-2257 CVE-2022-2264 CVE-2022-2284 CVE-2022-2285 CVE-2022-2286 CVE-2022-2287 CVE-2022-2304 CVE-2022-2343 CVE-2022-2344 CVE-2022-2345 CVE-2022-2522 CVE-2022-2571 CVE-2022-2580 CVE-2022-2581 CVE-2022-2598 CVE-2022-2816 CVE-2022-2817 CVE-2022-2819 CVE-2022-2845 CVE-2022-2849 CVE-2022-2862 CVE-2022-2874 CVE-2022-2889 CVE-2022-2923 CVE-2022-2946 CVE-2022-2980 CVE-2022-2982 CVE-2022-3016 CVE-2022-3037 CVE-2022-3099 CVE-2022-3134 CVE-2022-3153 CVE-2022-3234 CVE-2022-3235 CVE-2022-3278 CVE-2022-3296 CVE-2022-3297 CVE-2022-3324 CVE-2022-3352 CVE-2022-3491 CVE-2022-3520 CVE-2022-3591 CVE-2022-3705 CVE-2022-4141 CVE-2022-4292 CVE-2022-4293 CVE-2023-0049 CVE-2023-0051 CVE-2023-0054 CVE-2023-0288 CVE-2023-0433 |
|
| vim-data-common 9.0.1234-17.12.1|1.1.12-1| |
CVE-2009-0316 |
|
| w3m 0.5.3.git20161120-161.6.1 |
CVE-2022-38223 |
|
) for individual scores for each CVE.SP2-based systems
SuSE is no longer distributing updates for SLES 12 SP2.
SP5-based systems
| Third-party Component |
CVEs |
More Information |
| Binutils 2.39-9.50.1 |
CVE-2019-1010204 CVE-2021-3648 CVE-2021-3826 CVE-2021-45078 CVE-2021-46195 CVE-2022-27943 CVE-2022-38126 CVE-2022-38127 CVE-2022-38533 |
See NVD (http://nvd.nist.gov/ |
| Containerd 1.6.12-16.68.1 |
CVE-2022-23471 CVE-2022-27191 |
|
| dbus-1 1.8.22-41.1 |
CVE-2022-42010 CVE-2022-42011 CVE-2022-42012 |
|
| git-core 2.26.2-27.63.2 |
CVE-2022-23521 CVE-2022-39253 CVE-2022-39260 CVE-2022-41903 |
|
| grub2 2.02-153.1 |
CVE-2022-2601 |
|
| grub2 2.02-153.1 grub2-i386-pc 2.02-153.1 grub2-snapper-plugin 2.02-153.1 grub2-systemd-sleep-plugin 2.02-153.1 |
CVE-2022-3775 |
|
| java-1_8_0-openjdk 1.8.0.352-27.81.1 java-1_8_0-openjdk-headless 1.8.0.352-27.81.1 |
CVE-2022-21619 CVE-2022-21624 CVE-2022-21626 CVE-2022-21628 |
|
| kernel-default 4.12.14-122.147.1 |
CVE-2021-4037 CVE-2022-2153 CVE-2022-28693 CVE-2022-3107 CVE-2022-3108 CVE-2022-3169 CVE-2022-33981 CVE-2022-3424 CVE-2022-3521 CVE-2022-3524 CVE-2022-3542 CVE-2022-3545 CVE-2022-3564 CVE-2022-3565 CVE-2022-3567 CVE-2022-3586 CVE-2022-3594 CVE-2022-3621 CVE-2022-3628 CVE-2022-3629 CVE-2022-3635 CVE-2022-3643 CVE-2022-3646 CVE-2022-3649 CVE-2022-3903 CVE-2022-40307 CVE-2022-40768 CVE-2022-4095 CVE-2022-41850 CVE-2022-41858 CVE-2022-42328 CVE-2022-42703 CVE-2022-42895 CVE-2022-42896 CVE-2022-43750 CVE-2022-4378 CVE-2022-43945 CVE-2022-45934 CVE-2022-4662 CVE-2023-23454 |
|
| krb5 1.12.5-40.43.1 |
CVE-2022-42898 |
|
| libcurl4 7.60.0-11.52.1 Curl 7.60.0-11.52.1 |
CVE-2022-43552 |
|
| libdb-4_8 4.8.30-33.1 |
CVE-2019-2708 |
|
| libfreebl3 3.79.3-58.91.1 libsoftokn3 3.79.3-58.91.1 Mozilla-nss 3.79.3-58.91.1 Mozilla-nss-certs 3.79.3-58.91.1 |
CVE-2022-23491 CVE-2022-3479 |
|
| libpython2_7-1_0 2.7.18-33.17.1 libpython3_4m1_0 3.4.10-25.105.1 python-base 2.7.18-33.17.1 python-xml 2.7.18-33.17.1 python3 3.4.10-25.105.1 python3-base 3.4.10-25.105.1 |
CVE-2022-45061 |
|
| libpython3_4m1_0 3.4.10-25.105.1 python3-base 3.4.10-25.105.1 |
CVE-2022-40899 |
|
| libpython3_4m1_0 3.4.10-25.105.1 libpython3_6m1_0 3.6.15-32.2 python3 3.4.10-25.105.1 python3-base 3.4.10-25.105.1 python36 3.6.15-32.2 python36-base 3.6.15-32.2 |
CVE-2020-10735 CVE-2022-37454 |
|
| libksba8 1.3.0-24.6.1 |
CVE-2022-47629 |
|
| libsnmp30 5.7.3-11.6.1 Net-snmp 5.7.3-11.6.1 Perl-SNMP 5.7.3-11.6.1 Snmp-mibs 5.7.3-11.6.1 |
CVE-2022-44793 |
|
| libmspack0 0.4-15.13.1 |
CVE-2018-18586 |
|
| libsystemd0 228-157.49.1 libudev1 228-157.49.1 Systemd 228-157.49.1 systemd-bash-completion 228-157.49.1 systemd-sysvinit 228-157.49.1 Udev 228-157.49.1 |
CVE-2022-3821 CVE-2022-4415 |
|
| python3-setuptools 40.6.2-4.21.1 python36-setuptools 44.1.1-8.6.1 |
CVE-2022-40897 |
|
| sqlite3-tcl 3.39.3-9.26.1 libsqlite3-0 3.39.3-9.26.1 |
CVE-2022-46908 |
|
| Sudo 1.8.27-4.33.1 |
CVE-2022-43995 CVE-2023-22809 |
|
| Vim 9.0.1234-17.12.1 vim-data 9.0.1234-17.12.1 vim-data-common 9.0.1234-17.12.1 |
CVE-2016-1248 CVE-2017-17087 CVE-2017-5953 CVE-2017-6349 CVE-2017-6350 CVE-2021-3778 CVE-2021-3796 CVE-2021-3872 CVE-2021-3875 CVE-2021-3903 CVE-2021-3927 CVE-2021-3928 CVE-2021-3968 CVE-2021-3973 CVE-2021-3974 CVE-2021-3984 CVE-2021-4019 CVE-2021-4069 CVE-2021-4136 CVE-2021-4166 CVE-2021-4192 CVE-2021-4193 CVE-2021-46059 CVE-2022-0128 CVE-2022-0213 CVE-2022-0261 CVE-2022-0318 CVE-2022-0319 CVE-2022-0351 CVE-2022-0359 CVE-2022-0361 CVE-2022-0392 CVE-2022-0407 CVE-2022-0413 CVE-2022-0696 CVE-2022-1381 CVE-2022-1420 CVE-2022-1616 CVE-2022-1619 CVE-2022-1620 CVE-2022-1720 CVE-2022-1733 CVE-2022-1735 CVE-2022-1771 CVE-2022-1785 CVE-2022-1796 CVE-2022-1851 CVE-2022-1897 CVE-2022-1898 CVE-2022-1927 CVE-2022-1968 CVE-2022-2124 CVE-2022-2125 CVE-2022-2126 CVE-2022-2129 CVE-2022-2175 CVE-2022-2182 CVE-2022-2183 CVE-2022-2206 CVE-2022-2207 CVE-2022-2208 CVE-2022-2210 CVE-2022-2231 CVE-2022-2257 CVE-2022-2264 CVE-2022-2284 CVE-2022-2285 CVE-2022-2286 CVE-2022-2287 CVE-2022-2304 CVE-2022-2343 CVE-2022-2344 CVE-2022-2345 CVE-2022-2522 CVE-2022-2571 CVE-2022-2580 CVE-2022-2581 CVE-2022-2598 CVE-2022-2816 CVE-2022-2817 CVE-2022-2819 CVE-2022-2845 CVE-2022-2849 CVE-2022-2862 CVE-2022-2874 CVE-2022-2889 CVE-2022-2923 CVE-2022-2946 CVE-2022-2980 CVE-2022-2982 CVE-2022-3016 CVE-2022-3037 CVE-2022-3099 CVE-2022-3134 CVE-2022-3153 CVE-2022-3234 CVE-2022-3235 CVE-2022-3278 CVE-2022-3296 CVE-2022-3297 CVE-2022-3324 CVE-2022-3352 CVE-2022-3491 CVE-2022-3520 CVE-2022-3591 CVE-2022-3705 CVE-2022-4141 CVE-2022-4292 CVE-2022-4293 CVE-2023-0049 CVE-2023-0051 CVE-2023-0054 CVE-2023-0288 CVE-2023-0433 |
|
| vim-data-common 9.0.1234-17.12.1|1.1.12-1| |
CVE-2009-0316 |
|
| w3m 0.5.3.git20161120-161.6.1 |
CVE-2022-38223 |
|
Affected Products & Remediation
| Product | Affected Versions | Updated Versions | Link to Update |
| Dell Data Protection Central | 19.1 | 19.1 | To upgrade your Dell Data Protection Central system, see Dell KB article 34881: Data Protection Central: How to Install the Data Protection Central operating system Update for installation instructions. See the latest 'Data Protection Central OS Update' file at Dell Support: https://www.dell.com/support/home/en-us/product-support/product/data-protection-central/drivers See the latest 'Data Protection Central OS Updates Release Notes' at Dell Support: https://www.dell.com/support/home/en-us/product-support/product/data-protection-central/docs NOTE: The DPC version number is not updated by the DPC OS Update distribution that provides these fixes. Examine the /etc/dpc-osupdate file to confirm execution of DPC OS Update; this file contains the line: version=1.1.12-1 |
| 19.2 | 19.2 | ||
| 19.3 | 19.3 | ||
| 19.4 | 19.4 | ||
| 19.5 | 19.5 | ||
| 19.6 | 19.6 | ||
| 19.7 | 19.7 | ||
| 19.8 | 19.8 | ||
| PowerProtect DP Series Appliance | 2.5 | 2.5 | To upgrade your PowerProtect DP Series Appliance Dell Data Protection Central component, see Dell KB article 34881: Data Protection Central: How to Install the Data Protection Central operating system Update for installation instructions. See the latest 'Data Protection Central OS Update' file at Dell Support: https://www.dell.com/support/home/en-us/product-support/product/data-protection-central/drivers See the latest 'Data Protection Central OS Updates Release Notes' at Dell Support: https://www.dell.com/support/home/en-us/product-support/product/data-protection-central/docs NOTE: The DPC version number is not updated by the DPC OS Update distribution that provides these fixes. Examine the /etc/dpc-osupdate file to confirm execution of DPC OS Update; this file contains the line: version=1.1.12-1 |
| 2.6.x | 2.6.x | ||
| 2.7.x | 2.7.x | ||
NOTE: For PowerProtect DP Series Appliance (IDPA), the appliance should first be upgraded to any 2.7.x version (version 2.7.2 is preferred) and then aforementioned DP Central patch should be applied.
| Product | Affected Versions | Updated Versions | Link to Update |
| Dell Data Protection Central | 19.1 | 19.1 | To upgrade your Dell Data Protection Central system, see Dell KB article 34881: Data Protection Central: How to Install the Data Protection Central operating system Update for installation instructions. See the latest 'Data Protection Central OS Update' file at Dell Support: https://www.dell.com/support/home/en-us/product-support/product/data-protection-central/drivers See the latest 'Data Protection Central OS Updates Release Notes' at Dell Support: https://www.dell.com/support/home/en-us/product-support/product/data-protection-central/docs NOTE: The DPC version number is not updated by the DPC OS Update distribution that provides these fixes. Examine the /etc/dpc-osupdate file to confirm execution of DPC OS Update; this file contains the line: version=1.1.12-1 |
| 19.2 | 19.2 | ||
| 19.3 | 19.3 | ||
| 19.4 | 19.4 | ||
| 19.5 | 19.5 | ||
| 19.6 | 19.6 | ||
| 19.7 | 19.7 | ||
| 19.8 | 19.8 | ||
| PowerProtect DP Series Appliance | 2.5 | 2.5 | To upgrade your PowerProtect DP Series Appliance Dell Data Protection Central component, see Dell KB article 34881: Data Protection Central: How to Install the Data Protection Central operating system Update for installation instructions. See the latest 'Data Protection Central OS Update' file at Dell Support: https://www.dell.com/support/home/en-us/product-support/product/data-protection-central/drivers See the latest 'Data Protection Central OS Updates Release Notes' at Dell Support: https://www.dell.com/support/home/en-us/product-support/product/data-protection-central/docs NOTE: The DPC version number is not updated by the DPC OS Update distribution that provides these fixes. Examine the /etc/dpc-osupdate file to confirm execution of DPC OS Update; this file contains the line: version=1.1.12-1 |
| 2.6.x | 2.6.x | ||
| 2.7.x | 2.7.x | ||
NOTE: For PowerProtect DP Series Appliance (IDPA), the appliance should first be upgraded to any 2.7.x version (version 2.7.2 is preferred) and then aforementioned DP Central patch should be applied.
Revision History
| Revision | Date | Description |
| 1.0 | 2023-02-13 | Initial Release |
Related Information
Legal Disclaimer
Affected Products
Data Protection Central, PowerProtect Data Protection Appliance, PowerProtect Data Protection Software, Product Security InformationArticle Properties
Article Number: 000209126
Article Type: Dell Security Advisory
Last Modified: 13 Feb 2023
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.