Veritas NetBackup™ Appliance Release Notes
- About NetBackup Appliance 3.0
- NetBackup Appliance 3.0 features, enhancements, and changes
- NetBackup Appliance Hardware features
- NetBackup Appliance compatibility
- Operational notes
- About NetBackup support utilities
- Appendix A. Release content
- Appendix B. Related documents
NetBackup Appliance security release content
The following list contains the known security issues that were fixed and that are now included in this release of NetBackup appliance software:
After you remove a user from the AD user group, the appliance requires up to 30 minutes to synchronize group members with the AD server. During this period, the deleted user still can access the appliance. This behaviour is caused by a dependency limitation of the 3rd Party software Samba 3.5.
The appliance software is updated to the RHEL 6.8 Kernel to address the following security vulnerabilities:
CVE-2015-5157
CVE-2015-8767
CVE-2010-5313
CVE-2013-4312
CVE-2014-7842
CVE-2014-8134
CVE-2015-5156
CVE-2015-7509
CVE-2015-8215
CVE-2015-8324
CVE-2015-8543
CVE-2016-4565
The libtiff-3.9.4-18.el6_8 package has been updated to address the following security vulnerabilities:
CVE-2014-9655
CVE-2015-1547
CVE-2015-8784
CVE-2015-8683
CVE-2015-8665
CVE-2015-8781
CVE-2015-8782
CVE-2015-8783
CVE-2016-3990
CVE-2016-5320
CVE-2014-8127
CVE-2014-8129
CVE-2014-8130
CVE-2014-9330
CVE-2015-7554
CVE-2015-8668
CVE-2016-3632
CVE-2016-3945
CVE-2016-3991
The libxml2-2.7.6-21.el6_8.1 and libxml2-python-2.7.6-21.el6_8.1 packages have been updated to address the security vulnerability RHSA-2016:1292.
The JRE version has been updated to 1.8.0_92 to address the security vulnerabilities:
CVE-2016-3458
CVE-2016-3485
CVE-2016-3498
CVE-2016-3500
CVE-2016-3503
CVE-2016-3508
CVE-2016-3511
CVE-2016-3550
CVE-2016-3552
CVE-2016-3587
CVE-2016-3598
CVE-2016-3606
CVE-2016-3610
CVE-2016-0686
CVE-2016-0695
The Kernel packages have been updated to kernel-2.6.32-573.el6 to address the following security vulnerabilities:
CVE-2015-5157
CVE-2015-8767
The openssl-1.0.1e-48.el6_8.1 and openssl-devel-1.0.1e-48.el6_8.1 packages have been updated to address the following security vulnerabilities:
CVE-2016-2108
CVE-2016-2105
CVE-2016-2106
CVE-2016-2107
CVE-2016-0799
CVE-2016-2842
CVE-2016-2109