[Linux-PowerEdge] [Security Alert] srvadmin-jre-9.3.0-3465.14818.el7.x86_64 vulnerable

Puneet_Sapra at Dell.com Puneet_Sapra at Dell.com
Wed Dec 4 08:14:37 CST 2019

Hello Zbigniew,

Thank you for reaching out to us.
The reported issue will be addressed in the upcoming OpenManage Server Administrator 9.4 release which will be releasing by end of December 2019.

Thanks and Regards,
Puneet Sapra - Dell EMC

Date: Wed, 27 Nov 2019 21:03:45 +0100
From: "mr.zbiggy" <mr.zbiggy at upcpoczta.pl>
To: linux-poweredge at dell.com
Subject: [Linux-PowerEdge] [Security Alert]
	srvadmin-jre-9.3.0-3465.14818.el7.x86_64 vulnerable
Message-ID: <39c23c96-e43b-9f36-c48e-1e9dd977ef90 at upcpoczta.pl>
Content-Type: text/plain; charset="utf-8"



Nessus Security Scanner:
CRITICAL 1000 Oracle Java JRE Unsupported Version Detection (Unix) MEDIUM 500 Oracle Java SE Multiple Vulnerabilities (July 2018 CPU) (Unix) The following Java JRE installation is unsupported :

Path              : /opt/dell/srvadmin/lib64/openmanage/
Installed version : 1.10.0_1
Latest versions   : 1.8.0_211 / 1.11.0_03 / 1.12.0_1
Support dates     : 2018-10-01 (end of life)

This outdated, unsupported java is installed by package:

According to its self-reported version number, at least one installation of Oracle (formerly Sun) Java JRE on the remote host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities. Note that Oracle does provide support contracts under the 'Oracle Lifetime Support' program. If the detected JRE is supported under this program, this may be a false positive.

The remote host contains one or more unsupported versions of the Oracle Java JRE.

Upgrade to a version of Oracle Java JRE that is currently supported.



Subject: Digest Footer

Linux-PowerEdge mailing list
Linux-PowerEdge at dell.com


End of Linux-PowerEdge Digest, Vol 180, Issue 13

More information about the Linux-PowerEdge mailing list