RSS-Feed: Xerox Security Bulletins

Feed-URL:   


Was ist ein RSS-Feed?

"RSS-Feed" (RSS = Really Simple Syndication) ist eine allgemeine Bezeichnung für so genannte "Syndication-Feeds" in unterschiedlichen Formaten (z. B. die auch von Xerox verwendeten Formate Atom 1.0 und RSS 2.0). Syndication-Feeds ermöglichen die Veröffentlichung von Text- und Medieninhalten. Benutzer können sie abonnieren, so dass sie immer die neuesten Inhalte erhalten.

Wie abonniere ich einen RSS-Feed?

Feeds werden in der Regel mit so genannten "Feedreadern" gelesen. Es gibt zahlreiche Feedreader-Anwendungen in unterschiedlichen Formen. So sind einige Webbrowser und E-Mail-Programme in der Lage, Feeds zu lesen. Außerdem gibt es verschiedene Feedreader-Anwendungen im Web und spezifische Desktop-Programme zum Lesen von Feeds.

Diese Seite erleichtert es Ihnen, einen Feed auf die gewünschte Weise zu abonnieren:

  • Um den Feed mit einer der links aufgeführten Online-Anwendungen zu abonnieren, klicken Sie auf das entsprechende Symbol.
  • Um den Feed mit einem Desktop-Programm zu abonnieren, klicken Sie oben auf "Feed-XML anzeigen"
  • Sie können den Feed-URL auch im obenstehenden Feld kopieren und in Ihre Feedreader-Anwendung einfügen.

Feed-Inhalt

Xerox Security Bulletin XRX14-003 v1.0
Tue Apr 22 11:55:09 2014

Software Release to Eliminate SQL Injection Vulnerability

An SQL injection vulnerability exists that, if exploited, could allow remote attackers to insert arbitrary code into the applicable software application. If successful, an attacker could make unauthorized changes to, damage or delete database tables and values.

A set of software “hotfixes” for the software application listed below have been provided that removes this vulnerability. These “hotfixes” are designed to be installed by the customer. The software “hotfixes” are contained in .tar files for Linux and Solaris or .exe/. jar files for Windows and can be accessed via the link to the DocuShare Support & Software Page (http://www.support.xerox.com/support/xerox-docushare/software/enus.htm) or via the links in this bulletin.

Affected Products:
Windows Server 2003 & Windows Server 2008:
DocuShare 6.5.3 Patch 6 -- DocuShare 6.5.3 Patch 6 Hotfix 2 for Windows Server

Windows Server 2008 x64 & Windows Server 2008 x64:
DocuShare 6.5.3 Patch 6 -- DocuShare 6.5.3 Patch 6 Hotfix 2 for Windows Server
DocuShare 6.6.1 Update 1-- DocuShare 6.6.1 Update 1 Hotfix 24 for Windows Server
DocuShare 6.6.1 Update 2 -- DocuShare 6.6.1 Update 2 Hotfix 3 for Windows Server

Windows Server 2012 R2 & Windows Server 2012 x64:
DocuShare 6.6.1 Update 1-- DocuShare 6.6.1 Update 1 Hotfix 24 for Windows Server
DocuShare 6.6.1 Update 2 -- DocuShare 6.6.1 Update 2 Hotfix 3 for Windows Server

Linux:
DocuShare 6.5.3 Patch 6 -- DocuShare 6.5.3 Patch 6 Hotfix 2 for Linux
DocuShare 6.6.1 Update 2 -- DocuShare 6.6.1 Update 2 Hotfix 3 for Linux

Unix & Solaris:

DocuShare 6.5.3 Patch 6 -- DocuShare 6.5.3 Patch 6 Hotfix 2 for Solaris UNIX
DocuShare 6.6.1 Update 2 -- DocuShare 6.6.1 Update 2 Hotfix 3 for Solaris UNIX





Xerox Security Bulletin XRX14-002 v1.0
Wed Apr 16 15:38:18 2014

FreeFlow Print Server v7, v8 and v9
January 2014 Security Patch Cluster (includes Java 6 Update 71 Software)


Oracle delivers quarterly Critical Patch Updates (CPU) to address US-CERT-announced Security vulnerabilities and deliver reliability improvements to the Solaris Operating System. Oracle no longer provides these patches to the general public, but Xerox is authorized to deliver them to Customers with active FreeFlow Print Server (FFPS) Support Contracts (FSMA). Customers who may have an Oracle Support Contract for their non-FFPS Solaris Servers should not install patches that have not been customized by Xerox. Otherwise the FFPS software could be damaged and result in downtime and a lengthy re-installation service call.

This bulletin announces the availability of the following:

1. Jan 2014 Security Patch Cluster
This supersedes the October 2013 Security Patch Cluster
2. Java 6 Update 71 Software
This supersedes Java 6 Update 65 Software




Xerox Security Bulletin XRX13-002 v1.1
Mon Apr 7 08:29:52 2014

Cumulative update for Common Criteria Certification
System Software Version 061.080.221.36200 for the ColorQube 9201/9202/9203 Single Board Controller models is a cumulative update that incorporates security vulnerability fixes up through 06 Jan 2012 as well as other non-security related defect fixes. This release is Common Criteria certified (see http://www.xerox.com/information-security/common-criteria-certified/enus.html).

This system software release for the products listed below is designed to be installed by the customer. Please follow the procedures in the bulletin to install the solution. This system software version is a full system release so the patch criticality rating is not applicable.

The software release is compressed into a 441.3 MB zip file and can be accessed via the link in this bulletin document.