A few days ago the IBM reported multiple vulnerabilities in the Java SDK that affects all Notes-&Domino Versions - including 9.0.1.5 .
You may find a summary of all(12!) vulnerabilities here and (Notes) here (Domino).
You may find a summary of all(12!) vulnerabilities here and (Notes) here (Domino).
The vulnerabilities reach CVSS Scores from 4 up to 10(max. value) and should be fixed asap. IBM offers several JVM patches for most Domino/Notes versions. If you can not find what you need you will have to open a PMR and request a custom fix.
Summary
There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 SR16FP15 that is used by IBM Notes Standard Client. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as “SLOTH”.
Just two weeks ago I already needed to update all our Domino Servers because of this vulnerability .
Let us hope that it will be the last one in this quarter.
Keine Kommentare:
Kommentar veröffentlichen
Sometimes there is no next time, no second chance, no time out. Sometimes it is now or never.
- Alan Bennett