
BASE-1913: Cumulative Security Patch for eptos Release 6.3.x - 2023-11

Overview

Summary

2023-11 Regular Security Update

Advisory Release Date

Products

eptos (All Components)

Affected Releases

eptos 6.3.*

Fixed Releases

Regular Cumulative Update 11-2023

CVE ID

CVE-2018-10237, CVE-2018-11798, CVE-2018-1320

CVE-2019-0205, CVE-2019-0210, CVE-2019-16869, CVE-2019-17571, CVE-2019-20444, CVE-2019-20445

CVE-2020-13949, CVE-2020-8908, CVE-2020-9493

CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-37136, CVE-2021-37137

CVE-2022-1586, CVE-2022-1587, CVE-2022-23302, CVE-2022-23305, CVE-2022-23307, CVE-2022-24823, CVE-2022-37434, CVE-2022-48174

CVE-2023-38545, CVE-2023-25330


GHSA-2qrg-x229-3v8q
GHSA-5mg8-w23w-74h3
GHSA-65fg-84f6-3jq3

GHSA-f7vh-qwp3-x37m
GHSA-fp5r-v3w9-4333
GHSA-g2fg-mr77-6vrm
GHSA-mvr2-9pj6-7w5j
GHSA-rj7p-rfgp-852x
GHSA-vx85-mj8c-4qm6
GHSA-w9p3-5cr8-m3jj
GHSA-wjxj-f8rg-99wx

Issue ID

BASE-1913

Further information

CVE-2016-3088 is reported as a false positive, see BASE-1045: Critical CVE-2016-3088 activemq-protobuf 1.1 - False Positive

Summary

This cumulative patch release contains:

  • eptos products utilize a third-party base technology, Alpine Linux, which is continuously updated. The patch release contains the newest release of Alpine Linux based on the most recent (Oct 2023)

  • The Pinpoint client is updated to release 2.x of Pinpoint (see BASE-1551, BASE-1468, BASE-1469)

  • Vulnerability bug CVE-2022-1586, see BASE-1501

Software Fixes

The rebuilt images may be found in your customer image repository.

What you need to do

Update the images in your Kubernetes cluster.

Mitigation

N/A

Support

If you have questions or concerns regarding this advisory, contact support (at) paradine.at and add BASE-1913 to your issue description.
