1. 修复的CVE信息
CVE-2021-32027
ZOHO ManageEngine OpManager是美国卓豪(ZOHO)公司的一套网络、服务器及虚拟化监控软件。Zoho ManageEngine OpManager中存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。以下产品及版本受到影响:Zoho ManageEngine OpManager: 12.5 125000, 12.5 125001, 12.5 125002, 12.5 125003, 12.5 125004, 12.5 125005, 12.5 125006, 12.5 125007, 12.5 125008, 12.5 125009, 12.5 125010, 12.5 125100, 12.5 125101, 12.5 125102, 12.5 125108, 12.5 125110, 12.5 125111, 12.5 125112, 12.5 125113, 12.5 125114, 12.5 125116, 12.5 125117, 12.5 125118, 12.5 125120, 12.5 125121, 12.5 125123, 12.5 125124, 12.5 125125, 12.5 125127, 12.5 125128, 12.5 125129, 12.5 125136, 12.5 125137, 12.5 125139, 12.5 125140, 12.5 125143, 12.5 125144, 12.5 125145, 12.5 125147, 12.5 125148, 12.5 125149, 12.5 125150, 12.5 125156, 12.5 125157, 12.5 125158, 12.5 125159, 12.5 125161, 12.5 125163, 12.5 125174, 12.5 125175, 12.5 125176, 12.5 125177, 12.5 125178, 12.5 125180, 12.5 125181, 12.5 125192, 12.5 125193, 12.5 125194, 12.5 125195, 12.5 125196, 12.5 125197, 12.5 125198, 12.5 125201, 12.5 125203, 12.5 125204, 12.5 125212, 12.5 125213, 12.5 125214, 12.5 125215, 12.5 125216, 12.5 125221, 12.5 125228, 12.5 125229, 12.5 125230, 12.5 125231, 12.5 125232, 12.5 125233, 12.5 125235, 12.5 125300, 12.5 125306, 12.5 125307, 12.5 125312, 12.5 125323, 12.5 125324, 12.5 125326, 12.5 125328, 12.5 125329, 12.5 125340, 12.5 125341, 12.5 125342, 12.5 125343, 12.5 125344, 12.5 125346, 12.5 125358, 12.5 125359, 12.5 125360, 12.5 125361, 12.5 125362, 12.5 125364, 12.5 125366, 12.5 125375, 12.5 125376, 12.5 125377, 12.5 125378, 12.5 125379, 12.5 125380, 12.5 125381, 12.5 125382, 12.5 125392, 12.5 125393, 12.5 125394
CVE-2021-32028
Red Hat是美国红帽(Red Hat)公司的一个操作系统。提供了一个开源的操作系统。Red Hat Enterprise Linux 中存在安全漏洞。目前尚无此漏洞的相关信息,请随时关注CNNVD或厂商公告。以下产品及版本受到影响:Zoho ManageEngine OpManager: 12.5 125000, 12.5 125001, 12.5 125002, 12.5 125003, 12.5 125004, 12.5 125005, 12.5 125006, 12.5 125007, 12.5 125008, 12.5 125009, 12.5 125010, 12.5 125100, 12.5 125101, 12.5 125102, 12.5 125108, 12.5 125110, 12.5 125111, 12.5 125112, 12.5 125113, 12.5 125114, 12.5 125116, 12.5 125117, 12.5 125118, 12.5 125120, 12.5 125121, 12.5 125123, 12.5 125124, 12.5 125125, 12.5 125127, 12.5 125128, 12.5 125129, 12.5 125136, 12.5 125137, 12.5 125139, 12.5 125140, 12.5 125143, 12.5 125144, 12.5 125145, 12.5 125147, 12.5 125148, 12.5 125149, 12.5 125150, 12.5 125156, 12.5 125157, 12.5 125158, 12.5 125159, 12.5 125161, 12.5 125163, 12.5 125174, 12.5 125175, 12.5 125176, 12.5 125177, 12.5 125178, 12.5 125180, 12.5 125181, 12.5 125192, 12.5 125193, 12.5 125194, 12.5 125195, 12.5 125196, 12.5 125197, 12.5 125198, 12.5 125201, 12.5 125203, 12.5 125204, 12.5 125212, 12.5 125213, 12.5 125214, 12.5 125215, 12.5 125216, 12.5 125221, 12.5 125228, 12.5 125229, 12.5 125230, 12.5 125231, 12.5 125232, 12.5 125233, 12.5 125235, 12.5 125300, 12.5 125306, 12.5 125307, 12.5 125312, 12.5 125323, 12.5 125324, 12.5 125326, 12.5 125328, 12.5 125329, 12.5 125340, 12.5 125341, 12.5 125342, 12.5 125343, 12.5 125344, 12.5 125346, 12.5 125358, 12.5 125359, 12.5 125360, 12.5 125361, 12.5 125362, 12.5 125364, 12.5 125366, 12.5 125375, 12.5 125376, 12.5 125377, 12.5 125378, 12.5 125379, 12.5 125380, 12.5 125381, 12.5 125382, 12.5 125392, 12.5 125393, 12.5 125394
CVE-2021-32029
ZOHO ManageEngine OpManager是美国卓豪(ZOHO)公司的一套网络、服务器及虚拟化监控软件。ZOHO ManageEngine OpManager 中存在安全漏洞。目前尚无此漏洞的相关信息,请随时关注CNNVD或厂商公告。以下产品及版本受到影响:Zoho ManageEngine OpManager: 12.5 125000, 12.5 125001, 12.5 125002, 12.5 125003, 12.5 125004, 12.5 125005, 12.5 125006, 12.5 125007, 12.5 125008, 12.5 125009, 12.5 125010, 12.5 125100, 12.5 125101, 12.5 125102, 12.5 125108, 12.5 125110, 12.5 125111, 12.5 125112, 12.5 125113, 12.5 125114, 12.5 125116, 12.5 125117, 12.5 125118, 12.5 125120, 12.5 125121, 12.5 125123, 12.5 125124, 12.5 125125, 12.5 125127, 12.5 125128, 12.5 125129, 12.5 125136, 12.5 125137, 12.5 125139, 12.5 125140, 12.5 125143, 12.5 125144, 12.5 125145, 12.5 125147, 12.5 125148, 12.5 125149, 12.5 125150, 12.5 125156, 12.5 125157, 12.5 125158, 12.5 125159, 12.5 125161, 12.5 125163, 12.5 125174, 12.5 125175, 12.5 125176, 12.5 125177, 12.5 125178, 12.5 125180, 12.5 125181, 12.5 125192, 12.5 125193, 12.5 125194, 12.5 125195, 12.5 125196, 12.5 125197, 12.5 125198, 12.5 125201, 12.5 125203, 12.5 125204, 12.5 125212, 12.5 125213, 12.5 125214, 12.5 125215, 12.5 125216, 12.5 125221, 12.5 125228, 12.5 125229, 12.5 125230, 12.5 125231, 12.5 125232, 12.5 125233, 12.5 125235, 12.5 125300, 12.5 125306, 12.5 125307, 12.5 125312, 12.5 125323, 12.5 125324, 12.5 125326, 12.5 125328, 12.5 125329, 12.5 125340, 12.5 125341, 12.5 125342, 12.5 125343, 12.5 125344, 12.5 125346, 12.5 125358, 12.5 125359, 12.5 125360, 12.5 125361, 12.5 125362, 12.5 125364, 12.5 125366, 12.5 125375, 12.5 125376, 12.5 125377, 12.5 125378, 12.5 125379, 12.5 125380, 12.5 125381, 12.5 125382, 12.5 125392, 12.5 125393, 12.5 125394
2. 受影响的软件包
银河麒麟桌面操作系统V10 SP1
libecpg-compat3
libecpg-dev
libecpg6
libpgtypes3
libpq-dev
libpq5
postgresql-12
postgresql-client-12
postgresql-doc-12
postgresql-plperl-12
postgresql-plpython3-12
postgresql-pltcl-12
postgresql-server-dev-12
3. 影响的操作系统
银河麒麟桌面操作系统V10 SP1
4. 修复版本
软件包:postgresql-12
(V10 SP1)
5. 修复方法
方法一:配置源进行升级安装
打开软件包源配置文件,根据仓库地址进行修改。
4.0.2桌面版本:http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2-desktop main restricted universe multiverse
4.0.2-sp1桌面版本:http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp1-desktop main restricted universe multiverse
4.0.2-sp2桌面版本:http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp2-desktop main restricted universe multiverse
4.0.2-sp3桌面版本:http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp3-desktop main restricted universe multiverse
4.0.2-sp4桌面版本:http://archive.kylinos.cn/kylin/KYLIN-ALL 4.0.2sp4-desktop main restricted universe multiverse
10.0版本:http://archive.kylinos.cn/kylin/KYLIN-ALL 10.0 main restricted universe multiverse
10SP1版本:http://archive.kylinos.cn/kylin/KYLIN-ALL 10.1 main restricted universe multiverse
配置完成后执行更新命令进行升级。$sudo apt update
方法二:下载安装包进行升级安装
通过软件包地址下载软件包,使用软件包升级命令根据受影响的组件包列表 升级相关的组件包。$dpkg -i Packagelists
6. 软件包下载地址
银河麒麟桌面操作系统V10 SP1
X86下载地址