Multiple vulnerabilities resolved by Critical Patch Build 1275 in SafeSync for Enterprise 3.1

- Updated:
- 24 Nov 2016
- Product/Version:
- Safesync For Enterprise
- Platform:
- iOS 9.2

Summary

Learn about the vulnerabilities in SafeSync for Enterprise (SSFE) 3.1 that can be resolved by applying Critical Patch B1275.

Details

SafeSync for Enterprise 3.1 Critical Patch Build 1275 is now available in the Download Center. The critical patch updates the OpenSSH-Client/OpenSSH-Server package to 1:5.9p1-5ubuntu1.8 in order to address the following vulnerabilities:

CVE-2016-0777, a vulnerability in OpenSSH Server which may allow remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer
CVE-2016-0778, a vulnerability in OpenSSH Server which may allow remote servers to cause a denial of service (heap-based buffer overflow)
Cross-Site Scripting vulnerability in the Search function of the End User Portal

The vulnerabilities mentioned above affect the users of SafeSync for Enterprise 3.1 with build lower than 1275.

Additionally, this critical patch includes a number of enhancements since the release of SSFE 3.1 GM build. Refer to the Read Me file for more details.

Rating:

Category:

Upgrade

Solution Id:

1113575

Feedback

Did this article help you?

Thank you for your feedback!

What was the problem with this article?

The image(s) in the article did not display properly.

The article did not provide detailed procedure.

The article is hard to understand and follow.

The video did not play properly.

The article did not resolve my issue.

Others. Please specify.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

Thanks for voting.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.