List of Security Fixes and Improvements in Veeam Backup & Replication

Purpose This article describes all security-related fixes and improvements introduced in each release or update of Veeam Backup & Replication. The goal of this article is to provide our customers' security and compliance teams with detailed information on security improvements between releases, i...

Release Notes for Veeam Backup & Replication 10 Day 0 Update

Challenge This "Day 0" update is intended only for environments where Veeam Backup & Replication 10 RTM 10.0.0.4442 is installed. If you are running Veeam Backup & Replication 10 GA build 10.0.0.4461 or later, this update is not applicable to you, and should be ignored. This update is provided to...

Release Information for Veeam Backup & Replication 10

This version has been superseded by Veeam Backup & Replication 10a. Challenge Release information for Veeam Backup & Replication 10. NOTE : A cumulative hotfix rollup that addresses issues reported by customers on the original build of v10 GA is now available, click here for more information...

How to Merge Veeam Data Platform Licenses

Purpose This article documents the process for merging and unmerging licenses for Veeam Data Platform. Notes: Veeam Backup & Replication - Merging licenses for Veeam Backup & Replication can either be done in the application by combining a socket and an instance license or through the Veeam My...

Vulnerability of the Server:Replication component of the Oracle MySQL database management system, allowing attackers to gain unauthorized access to confidential data

The vulnerability of the Server:Replication component of the Oracle MySQL database management system is related to the lack of protection for operational data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to confidential data...

Release notes for Veeam Backup for Microsoft 365 4b

Challenge Release Notes for Veeam Backup for Microsoft 365 4b. Please note that Veeam Backup for Microsoft 365 4с is now available and contains all the resolved issues from Veeam Backup for Microsoft 365 4b. Cause Please confirm you are running Veeam Backup for Microsoft 365 version 2.0 builds...

openSUSE Security Update : samba (openSUSE-2020-122)

This update for samba fixes the following issues : Security issues fixed : - CVE-2019-14907: Fixed a Server-side crash after charset conversion failure during NTLMSSP processing bsc1160888. - CVE-2019-14902: Fixed an issue where automatic replication of ACLs down subtree on AD Directory is not...

Security update for samba (moderate)

openSUSE Security Update: Security update for samba Announcement ID: openSUSE-SU-2020:0122-1 Rating: moderate References: 1141320 1160850 1160852 1160888 Cross-References: CVE-2019-14902 CVE-2019-14907 CVE-2019-19344 Affected Products: openSUSE Leap 15.1 An update that solves three vulnerabilitie...

OPENSUSE-SU-2020:0122-1 Security update for samba

This update for samba fixes the following issues: Security issues fixed: - CVE-2019-14907: Fixed a Server-side crash after charset conversion failure during NTLMSSP processing bsc1160888. - CVE-2019-14902: Fixed an issue where automatic replication of ACLs down subtree on AD Directory is not...

Updated samba packages fix security vulnerabilities

The implementation of ACL inheritance in the Samba AD DC was not complete, and so absent a 'full-sync' replication, ACLs could get out of sync between domain controllers CVE-2019-14902. When processing untrusted string input Samba can read past the end of the allocated buffer when printing a...

SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2020:0223-1)

This update for samba fixes the following issues : Security issues fixed : CVE-2019-14907: Fixed a Server-side crash after charset conversion failure during NTLMSSP processing bsc1160888. CVE-2019-14902: Fixed an issue where automatic replication of ACLs down subtree on AD Directory is not workin...

SUSE-SU-2020:0224-1 Security update for samba

This update for samba fixes the following issues: - CVE-2019-14902: Fixed an issue where automatic replication of ACLs down subtree on AD Directory is not working bsc1160850. - CVE-2019-14907: Fixed a Server-side crash after charset conversion failure during NTLMSSP processing bsc1160888...

SUSE-SU-2020:0223-1 Security update for samba

This update for samba fixes the following issues: Security issues fixed: - CVE-2019-14907: Fixed a Server-side crash after charset conversion failure during NTLMSSP processing bsc1160888. - CVE-2019-14902: Fixed an issue where automatic replication of ACLs down subtree on AD Directory is not...

Veeam Availability Console v3 Patch 4 (build 2795)

Challenge Veeam Availability Console v3 Patch 4 build 2795. This update supersedes Veeam Availability Console v3 Patch 3 build 2762. Cause Please confirm you are running version 3.0.0.2647 or later prior to installing this Patch 4. You can check this under Windows Programs and features. After...

CVE-2019-14902

A flaw was found in samba. A newly delegated right, but more importantly the removal of a delegated right, would not be inherited on any DC other than the one where the change was made; the removal would not automatically be taken away on all domain controllers. The highest threat from this...

Replication of ACLs set to inherit down a

Description A newly delegated right, but more importantly the removal of a delegated right, would not be inherited on any DC other than the one where the change was made. For example: - if a user or group was previously delegated the right to create or modify a subtree say to allow desktop suppor...

Veeam Intelligent Diagnostics signature UID field

If you are not using Veeam ONE or your Veeam ONE server is not connected and monitoring Veeam Backup & Replication, you will not have a VID to enter during case creation. Simply leave the field blank. Purpose This article provides answers to frequently asked questions about the "Veeam Intelligent...

CVE-2019-2614

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple...

CVE-2019-2636

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Group Replication Plugin. Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via MySQL Procotol to compromise MySQL...

StoreFront 3.13 - Propagation fails An error occurred running the command: Add-DSFeatureInstances

Both StoreFront servers are Server 2012R2 fresh install and fully updated. Clean install of SF 3.13 completed successfully on both servers. Log Name: Citrix Delivery Services Source: Citrix Configuration Replication Service Level : Error Description : An error occurred running the command:...