まっちゃだいふくの日記

セキュリティのこと、ITの気になった記事をリンクしています。

Deep Security 11.0 update 24 ( DeepSecurity 11U24 )がリリースされています@ 脆弱性対応(詳細は不明)

IT トレンドマイクロ

Deep Security Manager 11.0 update 24

Deep Security Manager - 11.0 update 24
Release date: October 19, 2020

Build number: 11.0.439

Resolved issues

  • For Oracle databases, a "Severe" message occurred in the server log after a fresh installation. DSSEG-6065

Deep Security Linux Agent 11.0 update 24

Deep Security Agent - 11.0 update 24
Release date: October 19, 2020

Build number: 11.0.0-1690

Enhancements

  • Upgraded VMware NetX SDK to support VMware NSX 6.4.8. Note: Deep Security Virtual Appliance 9.5 can not be upgraded to this release because it has reached end of support. DSSEG-5937

Resolved issues

  • The dsa_query command didn't display Anti-Malware patterns correctly. DSSEG-6123
  • The Deep Security Agent SAP scanner could not detect the MIME type of TTF files. SEG-84373/SF03499770/DSSEG-6053
  • When Anti-Malware and Application Control were enabled, stopping the ds_agent service could cause high CPU. SEG-85738/SF03595067/DSSEG-6158

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-5252

  • Highest CVSS: 7.8
  • Highest severity: High

Deep Security UNIX Agent 11.0 update 24

Deep Security Agent - 11.0 update 24
Release date: October 19, 2020

Build number: 11.0.0-1690

Resolved issues

  • When using Deep Security Agent on Solaris, the port scanning feature of the Integrity Monitoring module did not work because the agent did not have access to information on the User ID under which a given port was opened. This prevented storage of any listening port information. The port scanning feature on Solaris agents has been modified to store the string "n/a" for the User ID. This allows the remaining port information to be stored and used in the port scanning function. However, exclusions and inclusions based on User ID still do not function correctly because this information is not available. DSSEG-6145

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-5252

  • Highest CVSS: 7.8
  • Highest severity: High

Deep Security Windows Agent 11.0 update 24

Deep Security Agent - 11.0 update 24
Release date: October 19, 2020

Build number: 11.0.0-1690

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-5252

  • Highest CVSS: 7.8
  • Highest severity: High