The following BigFix Patch Download Plugin’s and Cacher’s have been updated to address security vulnerabilities found during internal security testing.
Updated Tools Version:
| AIX Download Plugin | 5.0.1.0 |
|---|---|
| AIX Download Cacher | 8.0.0.3 |
| AIX R2 Download Plugin | 1.0.1.3 |
| RHSM Download Plugin | 1.0.10.0 |
| RHSM Download Cacher | 1.0.10.0 |
| OEL Download Plugin | 1.0.1.0 |
| OEL Download Cacher | 1.0.1.0 |
| Rocky Download Plugin | 1.0.1.0 |
| Rocky Download Cacher | 1.0.1.0 |
| Solaris Download Plugin | 3.0.1.0 |
| Solaris Download Cacher | 7.0.0.2 |
| SCC Download Plugin | 1.1.6.0 |
| SCC Download Cacher | 1.1.6.0 |
| CentOS R2 Download Plugin | 1.0.1.0 |
| CentOS R2 Download Cacher | 1.0.1.0 |
| OpenSuSE Download Plugin | 1.0.1.0 |
| OpenSuSE Download Cacher | 1.0.1.0 |
Reasons for update:
The new version of the plugins resolves security vulnerabilities.
Actions to take:
- Gathering of the Patching Support site version 1177 or later will have the new content available.
- From the “Manage Download Plug-ins” dashboard select each Plug-in with the following state of “New Version Available” and click on the “Upgrade” button. Then you must use the “Configure” button to reapply any required proxy and/or 3rd party vendor credentials. If you do not require a proxy configuration, simply leave the requested entries blank with no values and proceed with the configuration process.
Note: Security Bulletins with the details of the resolved vulnerabilities are published here: Security Bulletin: HCL BigFix Patch Management Download Plug-ins is affected by multiple security vulnerabilities - Customer Support
Published site version:
Patching Support, version 1177
Application Engineering Team
BigFix