Latest News

Cochlear pilots voice-to-text Salesforce integration for lead management

HESTA draws APRA's ire over massive tech replatforming project

Cyber Engineering launches at ctrl:cyber with former Shelde founders

Bezos' Blue Origin working on orbital data centre technology

WA Health to build data platform, pilot AI at Royal Perth Hospital

Dell patches virtual storage software against OpenSSL, Apache bugs

By Richard Chirgwin

Nov 25 2022 11:54AM

Text4Shell among the bug-fixes.

Dell has been moved to patch vulnerabilities inherited from Apache and OpenSSL.

Dell patches virtual storage software against OpenSSL, Apache bugs

The fixes are for the Dell Virtual Storage Integrator for VMware vSphere client and are outlined in this advisory.

The Apache fix is for the Text4Shell vulnerability, CVE-2022-42889, revealed in mid-October.

In some cases, the CVE advisory explained, Apache Commons versions 1.5 to 1.9 use a Java text manipulation library that can be attacked to gain access to the underlying host.

The OpenSSL bugs, CVE-2022-3602 and CVE-2022-3786, are buffer overruns in how the encryption library handles X.509 certificates and were disclosed and patched earlier this month.

Dell has also updated two older advisories covering its EMC VxRail software.

In one, fixes have been added for a number of VxM SUSE Linux bugs; and in the other, a number of CVEs have been added to the advisory.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © iTnews.com.au . All rights reserved.

Tags:

apache dell openssl security text4shell vcenter vulnerability

Partner Content

Machine identity a key priority for organisations’ security strategies: CyberArk

Partner Content Machine identity a key priority for organisations’ security strategies: CyberArk

Empowering Sustainability: Schneider Electric's Commitment to Driving Customer Success

Partner Content Empowering Sustainability: Schneider Electric's Commitment to Driving Customer Success

Private 5G powers data-driven mining

Partner Content Private 5G powers data-driven mining

Cyber Engineering launches at ctrl:cyber with former Shelde founders

Partner Content Cyber Engineering launches at ctrl:cyber with former Shelde founders

Sponsored Whitepapers

The cloud tipping point

The cloud tipping point

How AI will deliver real business value

How AI will deliver real business value

The multicloud imperative

The multicloud imperative

Your multicloud advantage

Your multicloud advantage

The business value of Oracle Autonomous Database

The business value of Oracle Autonomous Database

Events

iTnews Executive Retreat - Security Leaders Edition

Most Read Articles

ASX outage caused by security software upgrade

ASX outage caused by security software upgrade

WA man jailed for at least five years for evil twin attack

WA man jailed for at least five years for evil twin attack

Services Australia may get powers to rein in data breach exposure

Services Australia may get powers to rein in data breach exposure

Home Affairs to unleash AI on sensitive government data

Home Affairs to unleash AI on sensitive government data

Sydney-based AI-cloud waste startup raises $3m

Sydney-based AI-cloud waste startup raises $3m

Brennan uses NiCE to modernise its contact centre

Brennan uses NiCE to modernise its contact centre

Impact Awards: Tecala slashes customer response times for fintech IQumulate

Impact Awards: Tecala slashes customer response times for fintech IQumulate

Interactive introduces private cloud platform

Interactive introduces private cloud platform

Digital61 expands cybersecurity portfolio

Digital61 expands cybersecurity portfolio

Most popular tech stories