Novell Home

My Favorites

Close

Please to see your favorites.

Fixes in Novell ZENworks Patch Management 6.2 SR1 P1 Security Update (6.2.2.190)

(Last modified: 17Jul2006)

This document (10100709) is provided subject to the disclaimer at the end of this document.

goal

Fixes in Novell ZENworks Patch Management 6.2 SR1 P1 Security Update (6.2.2.190)

fact

Novell ZENworks Patch Management

fix

ZENworks Patch Management 6.2 SR1 P1 Security Update

Summary
ZENworks Patch Management 6.2 SR1 P1 (6.2.2.190) is a security update for ZENworks Patch Management 6.2. SR1 (6.2.2.189)
Applies To: ZENworks Patch Management 6.2 SR1 (6.2.2.189)

REQUIREMENTS
The requirements for installing ZENworks Patch Management 6.2 SR1 P1 are as follows:
*     The target ZENworks Patch Management Server must be version 6.2 SR1 (6.2.2.189)
*     The update must be installed by an administrative user (for both ZENworks Patch Management and the target server)
*     The update must be performed locally on the ZENworks Patch Management Server
*     As an update to the ZENworks Patch Management Server, ZENworks Patch Management 6.2 SR1 P1 has the same hardware and software requirements (Refer to PatchLink Knowledge Base Article 252 for additional details regarding the hardware and software requirements of ZENworks Patch Management)

ISSUES RESOLVED
*     Vulnerability which could allow an attacker to write to the server's file system
*     Vulnerability which could allow an attacker to add or delete proxy servers (only impacts users of the PatchLink Distribution Point and FastPatch utility)
*     Vulnerability which could allow an attacker to write data to the PatchLink database

MANUAL UPDATE
1. Download the HotfixInstaller.MSI <http://www.patchlink.com/downloads/support/helpdesk/3808/NOVELL/HotfixInstaller.msi>  to %windir%\temp\ directory
2. Double‑click the HotfixInstaller.MSI file to perform the update

AUTOMATIC UPDATE
ZENworks Patch Management 6.2 SR1 P1 is available as a deployment from your ZENworks Patch Management Server.  If you wish to perform an automated update, deploy the vulnerability from your ZENworks Patch Management Server.

PatchLink Update Server 6.1 P3 and 6.2 SR1 P1 Security Update

PatchLink Update Server 6.1 P3 and 6.2 SR1 P1 correct several security issues discovered in PatchLink Update Server 6.1 and 6.2 SR1 (6.2.0.189).
Applies To: PatchLink Update Server 6.1, 6.2 SR1 (build 6.2.0.189)

ISSUES RESOLVED
Accessibility to the server's file system
Management of PatchLink Distribution Point and the FastPatch utility
Accessibility to the PatchLink database
REQUIREMENTS
The target PatchLink Update Server (PLUS) for 6.2 SR1 P1 must be version 6.2.0.189.
The update must be installed by an administrative user (for both PatchLink Update and the target server).
The update must be performed locally on the PatchLink Update Server.
INSTALLATION
PatchLink Update Server 6.1 P3 and PatchLink Update Server 6.2 SR1 P1 are both available as deployments from your PatchLink Update Server.
After applying the upgrade, the Update Server versions increment as follows:
6.1.0.109 becomes 6.1.0.113
6.1.0.110 becomes 6.1.0.114
6.2.0.189 becomes 6.2.0.190
ACKNOWLEDGEMENTS
PatchLink would like to thank Chris Steipp from Novacoast for reporting this security vulnerability.

disclaimer

The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.

  • Document ID:
  • 10100709
  • Solution ID: NOVL105419
  • Creation Date: 13Mar2006
  • Modified Date: 17Jul2006
    • NovellManagement Products

Did this document solve your problem? Provide Feedback