SAS Institute. The Power to Know
 
 
 

SAS Environment Manager 2.5_M4

Hot Fix Downloads

* General Information about Hot Fixes

J9V001 was replaced by J9V010

J9V002 was replaced by J9V010

J9V003 was replaced by J9V010

J9V004 was replaced by J9V010

J9V005 was replaced by J9V010

J9V006 was replaced by J9V010

J9V007 was replaced by J9V010

J9V008 was replaced by J9V010

J9V010
SAS Environment Manager 2.5_M4
Issue(s) Addressed:Introduced:
67194 SAS® Environment Manager includes a version of Apache Ant that has known vulnerabilities J9V001
61159 A security scan might report a vulnerability in SAS® Environment Manager J9V002
67844 SAS® Environment Manager contains a PostgreSQL library that is affected by a known vulnerability J9V002
67848 The SAS® Environment Manager server contains a version of Apache Tomcat that is affected by known vulnerabilities J9V002
67850 SAS® Environment Manager accepts GET requests in circumstances where the POST method should be used J9V002
67851 SAS® Environment Manager fails to disable the autocomplete function for certain password input fields J9V002
67891 SAS® Environment Manager contains an XStream library that is affected by known vulnerabilities J9V002
68098 SAS® Environment Manager contains a Velocity library that contains known vulnerabilities J9V003
68378 SAS® Environment Manager contains a version of Apache Ant with known vulnerabilities J9V004
68578 SAS® Environment Manager fails to start with "EXCEPTION_ACCESS_VIOLATION" after applying the SAS Private Java Runtime Environment (JRE) update J9V005
68431 SAS® Environment Manager contains a cross-site scripting vulnerability (CVE-2021-35475) J9V006
68637 SAS® Environment Manager contains a version of Apache Groovy affected by CVE-2020-17521 J9V006
68638 SAS® Environment Manager contains a version of the Jasypt library affected by CVE-2014-9970 J9V006
68648 SAS® 9.4M7 deployments using SAS Software Depots prior to revision 21w26 encounter an error at the "SAS Environment Manager Configuration" step J9V006
68560 SAS® Environment Manager contains a version of Apache Tomcat that is affected by CVE-2021-33037 and CVE-2021-30640 J9V007
68756 SAS® 9.4 products contain an Apache Log4J version 2 component with known vulnerabilities J9V007
68786 SAS® Environment Manager 2.5 contains an Apache HttpClient library affected by CVE-2020-13956 J9V007
68787 SAS® Environment Manager contains an XStream library with known vulnerabilities J9V007
68909 The SAS® Environment Manager Configuration step of the Load Content stage fails with "…Failed To create ev initial User and Role…" J9V007
68972 SAS® Environment Manager contains an Apache Commons IO library that is affected by CVE-2021-29425 J9V007
69029 SAS® Environment Manager 2.5 contains a Terracotta Quartz Scheduler library affected by CVE-2019-13990 J9V007
69033 SAS® Environment Manager contains a version of the Terracotta Quartz Scheduler with known vulnerabilities J9V007
69248 SAS® Environment Manager contains an XStream library that is affected by CVE-2021-43859 J9V008
69249 SAS® Environment Manager contains a PostgreSQL JDBC Driver affected by CVE-2022-21724 J9V008
69483 SAS® Environment Manager Agent reports incorrect Microsoft Windows releases for Windows releases after 2015 J9V009
69798 SAS® Environment Manager contains a version of the PostgreSQL JDBC Driver that is known to be affected by CVE-2022-31197 J9V010
69930 SAS® Environment Manager contains multiple libraries with known vulnerabilities J9V010
Windows for x64 Released: March 10, 2023     Documentation: J9V010x6.html D       Download: J9V010pt.zip  
64-bit Enabled Solaris Released: March 10, 2023     Documentation: J9V010s6.html D       Download: J9V010pt.zip  
64-bit Enabled AIX Released: March 10, 2023     Documentation: J9V010r6.html D       Download: J9V010pt.zip  
HP-UX IPF Released: March 10, 2023     Documentation: J9V010hx.html D       Download: J9V010pt.zip  
Linux for x64 Released: March 10, 2023     Documentation: J9V010la.html D       Download: J9V010pt.zip  
Solaris for x64 Released: March 10, 2023     Documentation: J9V010sx.html D       Download: J9V010pt.zip  
D indicates that the Documentation has special pre-installation, post-installation or other unique instructions not commonly used for hot fix deployment.
Top ^



PLEASE CAREFULLY READ THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT ("AGREEMENT") BEFORE DOWNLOADING MATERIALS FROM THIS SITE. BY DOWNLOADING ANY MATERIALS FROM THIS SITE, YOU ARE AGREEING TO THESE TERMS.
You are downloading software code ("Code") which will become part of a product ("Software") you currently have licensed from SAS Institute Inc. or one of its subsidiaries ("the Institute"). this Code is designed to either correct an error in the Software or to add functionality to the Software. The code is governed by the same agreement which governs the Software. If you do not have an existing agreement with the Institute governing the Software, you may not download the Code.
SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. ® indicates USA registration. Other brand and product names are registered trademarks or trademarks of their respective companies.
Copyright © SAS Institute Inc. All Rights Reserved.