This is a cumulative security hotfix that deploys package updates for LMI 5.7.0.
This hotfix includes all previously available cumulative security hotfixes
for TIBCO LogLogic LMI 5.7.0.
This hotfix has no dependencies on any other non-cumulative hotfixes or
cumulative maintenance hotfixes. It can be used in conjunction with other
non-cumulative hotfixes and cumulative maintenance hotfixes.
================================================================================
Closed Issues in 5.7.0 SEC2-HF-2407
LLCE-2401: ELSA-2017-1382 Oracle Linux update for sudo
LLCE-2402: ELSA-2017-1364 - nss security and bug fix update
LLCE-2403: ELSA-2017-1267 - rpcbind security update
LLCE-2407: 5.7.0 package updates v2 non-cumulative HF for package updates
LLCE-2412: SambaCry vulnerability
The following security issues are resolved with listed packages or newer ones:

Oracle Linux 6: microcode_ctl (ELSA-2018-0013) (Spectre):
    CVE-2017-5715
    By microcode_ctl-1.17-25.2.el6_9

Oracle Linux 6 / 7: microcode_ctl (ELSA-2018-0093) (Spectre):
    CVE-2017-5715
    By microcode_ctl-1.17-25.4.0.1.el6_9

Oracle Linux 6 / 7 : libxml2 (ELSA-2016-1292):
    CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836
    CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-3627
    CVE-2016-3705 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449
    By libxml2-2.7.6-21.0.1.el6_8.1 libxml2-python-2.7.6-21.0.1.el6_8.1

Oracle Linux 6 : mysql (ELSA-2017-0184)
    CVE-2016-5616 CVE-2016-6662 CVE-2016-6663
    By mysql-libs-5.1.73-8.0.1.el6_8

Oracle Linux 6 : file (ELSA-2016-0760)
    CVE-2014-3538 CVE-2014-3587 CVE-2014-3710 CVE-2014-8116 CVE-2014-8117
    CVE-2014-9620 CVE-2014-9653
    By file-5.04-30.el6 file-libs-5.04-30.el6

Oracle Linux 6 : libtiff (ELSA-2016-1547)
    CVE-2014-8127 CVE-2014-8129 CVE-2014-8130 CVE-2014-9330 CVE-2014-9655
    CVE-2015-1547 CVE-2015-7554 CVE-2015-8665 CVE-2015-8668 CVE-2015-8683
    CVE-2015-8781 CVE-2015-8782 CVE-2015-8783 CVE-2015-8784 CVE-2016-3632
    CVE-2016-3945 CVE-2016-3990 CVE-2016-3991 CVE-2016-5320
    By libtiff-3.9.4-21.el6_8

Oracle Linux 6 / 7 : openssl (ELSA-2016-1940)
    CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181
    CVE-2016-2182 CVE-2016-6302 CVE-2016-6304 CVE-2016-6306
    By openssl-1.0.1e-48.el6_8.4

Oracle Linux 5 / 6 / 7 : bind (ELSA-2016-1944)
    CVE-2016-2776
    By bind-libs-9.8.2-0.47.rc1.el6_8.1 bind-utils-9.8.2-0.47.rc1.el6_8.1

Oracle Linux 6 / 7 : policycoreutils (ELSA-2016-2702)
    CVE-2016-7545
    By policycoreutils-2.0.83-30.1.0.1.el6_8

Oracle Linux 5 / 6 / 7 : nss / nss-util (ELSA-2016-2779)
    CVE-2016-2834 CVE-2016-5285 CVE-2016-8635
    By nss-3.21.3-2.0.1.el6_8 nss-sysinit-3.21.3-2.0.1.el6_8
    nss-tools-3.21.3-2.0.1.el6_8 nss-util-3.21.3-1.el6_8

Oracle Linux 6 / 7 : expat (ELSA-2016-2824)
    CVE-2016-0718
    By expat-2.0.1-13.el6_8

Oracle Linux 6 / 7 : libtiff (ELSA-2017-0225)
    CVE-2015-8870 CVE-2016-5652 CVE-2016-9533 CVE-2016-9534 CVE-2016-9535
    CVE-2016-9536 CVE-2016-9537 CVE-2016-9540
    By libtiff-3.9.4-21.el6_8

Oracle Linux 6 / 7 : ntp (ELSA-2017-0252)
    CVE-2016-7426 CVE-2016-7429 CVE-2016-7433 CVE-2016-9310 CVE-2016-9311
    By ntp-4.2.6p5-10.0.1.el6_8.2 ntpdate-4.2.6p5-10.0.1.el6_8.2

Oracle Linux 6 / 7 : openssl (ELSA-2017-0286)
    CVE-2016-8610 CVE-2017-3731
    By openssl-1.0.1e-48.el6_8.4

Oracle Linux 6 : openssh (ELSA-2016-0741)
    CVE-2015-5352 CVE-2015-6563 CVE-2015-6564 CVE-2016-1908
    By openssh-5.3p1-117.el6 openssh-clients-5.3p1-117.el6
    openssh-server-5.3p1-117.el6

Oracle Linux 6 : ntp (ELSA-2016-0780)
    CVE-2015-5194 CVE-2015-5195 CVE-2015-5219 CVE-2015-7691 CVE-2015-7692
    CVE-2015-7701 CVE-2015-7702 CVE-2015-7703 CVE-2015-7852 CVE-2015-7977
    CVE-2015-7978
    By ntp-4.2.6p5-10.el6 ntpdate-4.2.6p5-10.el6

Oracle Linux 6 / 7 : ntp (ELSA-2016-1141)
    CVE-2015-7979 CVE-2016-1547 CVE-2016-1548 CVE-2016-1550 CVE-2016-2518
    By ntp-4.2.6p5-10.el6.1 ntpdate-4.2.6p5-10.el6.1

Oracle Linux 6 : samba4 (ELSA-2016-1487)
    CVE-2016-2119
    By samba4-libs-4.2.10-7.el6_8

Oracle Linux 6 / 7 : python (ELSA-2016-1626) (httpoxy)
    CVE-2016-1000110
    By python-2.6.6-66.0.1.el6_8 python-libs-2.6.6-66.0.1.el6_8

Oracle Linux 6 : ntp (ELSA-2016-3613)
    CVE-2013-5211
    By ntp-4.2.6p5-10.0.1.el6.1 ntpdate-4.2.6p5-10.0.1.el6.1

Oracle Linux 5 / 6 : bind (ELSA-2016-2093)
    CVE-2016-2848
    By bind-libs-9.8.2-0.47.rc1.el6_8.2 bind-utils-9.8.2-0.47.rc1.el6_8.2

Oracle Linux 5 / 6 : bind (ELSA-2016-2141)
    CVE-2016-8864
    By bind-libs-9.8.2-0.47.rc1.el6_8.3 bind-utils-9.8.2-0.47.rc1.el6_8.3

Oracle Linux 6 / 7 : libgcrypt (ELSA-2016-2674)
    CVE-2016-6313
    By libgcrypt-1.4.5-12.el6_8

Oracle Linux 6 / 7 : sudo (ELSA-2016-2872)
    CVE-2016-7032 CVE-2016-7076
    By sudo-1.8.6p3-25.el6_8

Oracle Linux 6 / 7 : vim (ELSA-2016-2972)
    CVE-2016-1248
    By vim-common-7.4.629-5.el6_8.1 vim-enhanced-7.4.629-5.el6_8.1
    vim-minimal-7.4.629-5.el6_8.1

Oracle Linux 5 / 6 : bind (ELSA-2017-0063)
    CVE-2016-9147
    By bind-libs-9.8.2-0.47.rc1.el6_8.4 bind-utils-9.8.2-0.47.rc1.el6_8.4
================================================================================
This hotfix can be downloaded from the TIBCO Support Customer Portal at
https://support.tibco.com.
You will need to provide your TIBCO Support Portal credentials. Once logged in, you can download
the hotfix by selecting “Downloads” -> “Hotfixes” under AvailableDownloads/LogLogic/LMI/5.7.0_Hotfixes