CVE
CVE
Breadcrumbs

BASE-1913: Cumulative Security Patch for eptos Release 6.3.x - 2023-11

Overview


Summary

2023-11 Regular Security Update

Advisory Release Date


Products

eptos (All Components)

Affected Releases

eptos 6.3.*

Fixed Releases

Regular Cummulative Update 11-2023

CVE ID

CVE-2018-10237, CVE-2018-11798, CVE-2018-1320,

CVE-2019-0205, CVE-2019-0210, CVE-2019-16869, CVE-2019-17571, CVE-2019-20444, CVE-2019-20445


CVE-2020-13949, CVE-2020-8908, CVE-2020-9493


CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-37136, CVE-2021-37137

CVE-2022-1586, CVE-2022-1587, CVE-2022-23302. CVE-2022-23305, CVE-2022-23307. CVE-2022-24823, CVE-2022-37434 , CVE-2022-48174,

CVE-2023-38545, CVE-2023-25330


GHSA-2qrg-x229-3v8q
GHSA-5mg8-w23w-74h3
GHSA-65fg-84f6-3jq3

GHSA-f7vh-qwp3-x37m
GHSA-fp5r-v3w9-4333
GHSA-g2fg-mr77-6vrm
GHSA-mvr2-9pj6-7w5j
GHSA-rj7p-rfgp-852x
GHSA-vx85-mj8c-4qm6
GHSA-w9p3-5cr8-m3jj
GHSA-wjxj-f8rg-99wx

Issue ID

.jira-issue { padding: 0 0 0 2px; line-height: 20px; } .jira-issue img { padding-right: 5px; } .jira-issue .aui-lozenge { line-height: 18px; vertical-align: top; } .jira-issue .icon { background-position: left center; background-repeat: no-repeat; display: inline-block; font-size: 0; max-height: 16px; text-align: left; text-indent: -9999em; vertical-align: text-bottom; } BASE-1913 - Getting issue details... STATUS

Further information

CVE-2016-3088 is reported false positive, see BASE-1045: Critical CVE-2016-3088 activemq-protobuf 1.1 - False Positive

Summary

This cumulative patch release contains:

  • eptos products utilizes a third-party base technology Alpine linux which is continuously updated. The patch release contains the newest Release of the alpine linux based on the most recent (Oct 2023)

  • Pinpoint client is updated to Release 2.x of pinpoint (see .jira-issue { padding: 0 0 0 2px; line-height: 20px; } .jira-issue img { padding-right: 5px; } .jira-issue .aui-lozenge { line-height: 18px; vertical-align: top; } .jira-issue .icon { background-position: left center; background-repeat: no-repeat; display: inline-block; font-size: 0; max-height: 16px; text-align: left; text-indent: -9999em; vertical-align: text-bottom; } BASE-1551 - Getting issue details... STATUS, .jira-issue { padding: 0 0 0 2px; line-height: 20px; } .jira-issue img { padding-right: 5px; } .jira-issue .aui-lozenge { line-height: 18px; vertical-align: top; } .jira-issue .icon { background-position: left center; background-repeat: no-repeat; display: inline-block; font-size: 0; max-height: 16px; text-align: left; text-indent: -9999em; vertical-align: text-bottom; } BASE-1468 - Getting issue details... STATUS, .jira-issue { padding: 0 0 0 2px; line-height: 20px; } .jira-issue img { padding-right: 5px; } .jira-issue .aui-lozenge { line-height: 18px; vertical-align: top; } .jira-issue .icon { background-position: left center; background-repeat: no-repeat; display: inline-block; font-size: 0; max-height: 16px; text-align: left; text-indent: -9999em; vertical-align: text-bottom; } BASE-1469 - Getting issue details... STATUS)

  • Vulnerability Bug CVE-2022-1586 see .jira-issue { padding: 0 0 0 2px; line-height: 20px; } .jira-issue img { padding-right: 5px; } .jira-issue .aui-lozenge { line-height: 18px; vertical-align: top; } .jira-issue .icon { background-position: left center; background-repeat: no-repeat; display: inline-block; font-size: 0; max-height: 16px; text-align: left; text-indent: -9999em; vertical-align: text-bottom; } BASE-1501 - Getting issue details... STATUS

Software Fixes

The rebuilt images may be found in your customer image repository.

What you need to do

Update the images in your kubernetes.

Mitigation

N/A

Support

If you have questions or concerns regarding this advisory, check back with support (at) paradine,at and add BASE-1913 to your issue description.