SAS Institute. The Power to Know
 
 
 

SAS Environment Manager 2.1

Hot Fix Downloads

* General Information about Hot Fixes

S46001 was replaced by S46010

S46002 was replaced by S46010

S46003 was replaced by S46010

S46004 was replaced by S46010

S46005 was replaced by S46010

S46006 was replaced by S46010

S46007 was replaced by S46010

S46008 was replaced by S46010

S46009 was replaced by S46010

S46010
SAS Web Server 9.4 hot fix for SAS Environment Manager 2.1
Issue(s) Addressed:Introduced:
52725 ALERT - An OpenSSL Heartbleed vulnerability exists in SAS® 9.4 Web Server S46001
53341 ALERT - OpenSSL vulnerabilities (05 Jun 2014) exist in the SAS® 9.4 Web Server S46001
54700 ALERT - OpenSSL vulnerabilities (06 Aug 2014 and 15 Oct 2014) exist in the SAS® 9.4 Web Server S46001
60908 OpenSSL vulnerabilities exist in the SAS® 9.4 Web Server (OpenSSL advisories through 26th January 2017) S46001
54701 SAS® Environment Manager does not recognize the updated SAS® Web Server S46001
56119 SAS® Environment Manager has a known security vulnerability (CVE-2011-2730) S46002
56481 ALERT - OpenSSL vulnerabilities exist in the SAS® 9.4 Web Server (OpenSSL advisories through 9th July 2015) S46003
57130 SAS® Environment Manager has known high-severity security issues S46003
58194 OpenSSL vulnerabilities exist in the SAS® 9.4 Web Server (OpenSSL advisories through 3rd May 2016) S46004
58351 ALERT - The SAS® Environment Manager agent log might contain a security vulnerability S46004
58686 SAS® Environment Manager exhibits a session-fixation vulnerability S46004
58688 SAS® Environment Manager exhibits a Reflected File Download vulnerability S46004
57612 ALERT - The Apache Commons Collections library is vulnerable to remote code execution S46004
59371 OpenSSL vulnerabilities exist in the SAS® 9.4 Web Server (OpenSSL advisories through 26th September 2016) S46006
59239 The SAS® 9.4 Installation Qualification Tool (W83001 Update) installation fails S46006
60108 ALERT - OpenSSL vulnerabilities exist in the SAS® 9.4 Web Server (OpenSSL advisories through 2nd January 2017) S46007
60381 A cross-site scripting vulnerability exists in the SAS® Environment Manager administrative application S46008
60408 ALERT - The JCraft and JSch libraries that reside in the SAS® Environment Manager server and agent are vulnerable to directory traversal S46008
60664 SAS® Environment Manager contains commons-beanutils libraries that are vulnerable to CVE-2014-0114 S46008
61480 SAS® Web Server uses an end-of-life version of the Apache 2.2 Server S46009
62144 SAS® Environment Manager contains security vulnerabilities (multiple CVEs) S46009
62190 OpenSSL vulnerabilities exist in the SAS® 9.4 Web Server (OpenSSL advisories through 27th March 2018) S46010
62511 SAS® Environment Manager contains a stored cross-site scripting vulnerability S46010
62513 SAS® Environment Manager is vulnerable to jackson-databind vulnerabilities S46010
62914 SAS® Environment Manager Server is affected by multiple Apache Tomcat vulnerabilities S46010
NOTE: If you install this hot fix and have SAS Environment Manager Agent 2.1 installed, you should also install hot fix Y47005.
Windows for x64 Released: November 24, 2018     Documentation: S46010x6.html D       Download: S46010pt.zip  
64-bit Enabled Solaris Released: November 24, 2018     Documentation: S46010s6.html D       Download: S46010pt.zip  
64-bit Enabled AIX Released: November 24, 2018     Documentation: S46010r6.html D       Download: S46010pt.zip  
HP-UX IPF Released: November 24, 2018     Documentation: S46010hx.html D       Download: S46010pt.zip  
Linux for x64 Released: November 24, 2018     Documentation: S46010la.html D       Download: S46010pt.zip  
Solaris for x64 Released: November 24, 2018     Documentation: S46010sx.html D       Download: S46010pt.zip  
D indicates that the Documentation has special pre-installation, post-installation or other unique instructions not commonly used for hot fix deployment.
Top ^




PLEASE CAREFULLY READ THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT ("AGREEMENT") BEFORE DOWNLOADING MATERIALS FROM THIS SITE. BY DOWNLOADING ANY MATERIALS FROM THIS SITE, YOU ARE AGREEING TO THESE TERMS.
You are downloading software code ("Code") which will become part of a product ("Software") you currently have licensed from SAS Institute Inc. or one of its subsidiaries ("the Institute"). this Code is designed to either correct an error in the Software or to add functionality to the Software. The code is governed by the same agreement which governs the Software. If you do not have an existing agreement with the Institute governing the Software, you may not download the Code.
SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. ® indicates USA registration. Other brand and product names are registered trademarks or trademarks of their respective companies.

Copyright © 2019 SAS Institute Inc. All Rights Reserved.