SAS Institute. The Power to Know
 
 
 

SAS Environment Manager Agent 2.5_M4

Hot Fix Downloads for HP-UX IPF

* General Information about Hot Fixes

J9U001 was replaced by J9U008

J9U002 was replaced by J9U008

J9U003 was replaced by J9U008

J9U004 was replaced by J9U008

J9U005 was replaced by J9U008

J9U006 was replaced by J9U008

J9U007 was replaced by J9U008

J9U008 for HP-UX IPF
SAS Environment Manager Agent 2.5_M4
Issue(s) Addressed:Introduced:
67194 SAS® Environment Manager includes a version of Apache Ant that has known vulnerabilities J9U001
67844 SAS® Environment Manager contains a PostgreSQL library that is affected by a known vulnerability J9U002
67891 SAS® Environment Manager contains an XStream library that is affected by known vulnerabilities J9U002
68098 SAS® Environment Manager contains a Velocity library that contains known vulnerabilities J9U003
68378 SAS® Environment Manager contains a version of Apache Ant with known vulnerabilities J9U004
68578 SAS® Environment Manager fails to start with "EXCEPTION_ACCESS_VIOLATION" after applying the SAS Private Java Runtime Environment (JRE) update J9U005
68637 SAS® Environment Manager contains a version of Apache Groovy affected by CVE-2020-17521 J9U006
68638 SAS® Environment Manager contains a version of the Jasypt library affected by CVE-2014-9970 J9U006
68648 SAS® 9.4M7 deployments using SAS Software Depots prior to revision 21w26 encounter an error at the "SAS Environment Manager Configuration" step J9U006
68756 SAS® 9.4 products contain an Apache Log4J version 2 component with known vulnerabilities J9U007
68786 SAS® Environment Manager 2.5 contains an Apache HttpClient library affected by CVE-2020-13956 J9U007
68787 SAS® Environment Manager contains an XStream library with known vulnerabilities J9U007
68972 SAS® Environment Manager contains an Apache Commons IO library that is affected by CVE-2021-29425 J9U007
69248 SAS® Environment Manager contains an XStream library that is affected by CVE-2021-43859 J9U008
69249 SAS® Environment Manager contains a PostgreSQL JDBC Driver affected by CVE-2022-21724 J9U008
Released: May 27, 2022     Documentation: J9U008hx.html D       Download: J9U008pt.zip  
D indicates that the Documentation has special pre-installation, post-installation or other unique instructions not commonly used for hot fix deployment.
Top ^




PLEASE CAREFULLY READ THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT ("AGREEMENT") BEFORE DOWNLOADING MATERIALS FROM THIS SITE. BY DOWNLOADING ANY MATERIALS FROM THIS SITE, YOU ARE AGREEING TO THESE TERMS.
You are downloading software code ("Code") which will become part of a product ("Software") you currently have licensed from SAS Institute Inc. or one of its subsidiaries ("the Institute"). this Code is designed to either correct an error in the Software or to add functionality to the Software. The code is governed by the same agreement which governs the Software. If you do not have an existing agreement with the Institute governing the Software, you may not download the Code.
SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. ® indicates USA registration. Other brand and product names are registered trademarks or trademarks of their respective companies.

Copyright © 2022 SAS Institute Inc. All Rights Reserved.