[BESAdmin-Announcements] Tools Updated: BigFix Patch Download Plugins are updated
Announcements for BES Administrators
besadmin-announcements at bigmail.bigfix.com
Fri Sep 29 08:36:45 PDT 2023
The following BigFix Patch download Plugins have been updated to store
proxy/vendor password securely.
*Updated Tools Version:*
*Plug-in Name*
*Version*
AIX Plug-in
5.0.0.3
AIX Plug-in R2
1.0.1.2
CentOS Plug-in R2
1.0.0.7
RHSM Plug-in (Red Hat)
1.0.8.0
RockyLinux Plug-in
1.0.0.2
SCC Plug-in (SUSE)
1.1.5.0
OEL Plug-in
1.0.0.1
Solaris Plug-in
3.0.0.2
HP-UX Plug-in
7.0.0.1
*Reasons for update:*
A vulnerability was found in BigFix Patch and Manage Download Plug-ins.
Plugin target and proxy credentials are stored insecurely and could be
exposed to a local privileged user.
*Actions to take:*
- Gathering of the Patching Support site version 1055 or later will have
the new content available.
- From the “Manage Download Plug-ins” dashboard select each Plug-in with
the following state of “New Version Available” and click on the "Upgrade"
button. Then you must use the “Configure” button to reapply any required
proxy and/or 3rd party vendor credentials. If you do not require a proxy
configuration, simply leave the requested entries blank with no values and
proceed with the configuration process.
*Published site version:*
Patching Support, version 1055
Application Engineering Team
BigFix
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20230929/deda428c/attachment.html>
More information about the Besadmin-announcements
mailing list