Providing software solutions since 1976


SAS Web Server 9.4_M3

Hot Fix Downloads

* Important changes to Hot Fixes!

V77001 was replaced by V77015

V77002 was replaced by V77015

V77003 was replaced by V77015

V77004 was replaced by V77015

V77005 was replaced by V77015

V77007 was replaced by V77015

V77008 was replaced by V77015

V77009 was replaced by V77015

V77010 was replaced by V77015

V77011 was replaced by V77015

V77012 was replaced by V77015

V77013 was replaced by V77015

V77014 was replaced by V77015

V77015
SAS Web Server 9.4_M3
Issue(s) Addressed:Introduced:
56481 ALERT - OpenSSL vulnerabilities exist in the SASŪ 9.4 Web Server (OpenSSL advisories through 9th July 2015) V77001
58196 The Apache Groovy library is vulnerable to remote code execution V77001
56688 You cannot log on to SASŪ Environment Manager when an external reverse proxy is configured V77002
57130 SASŪ Environment Manager has known high-severity security issues V77003
57612 ALERT - The Apache Commons Collections library is vulnerable to remote code execution V77004
58194 OpenSSL vulnerabilities exist in the SASŪ 9.4 Web Server (OpenSSL advisories through 3rd May 2016) V77007
58686 SASŪ Environment Manager exhibits a session-fixation vulnerability V77007
58688 SASŪ Environment Manager exhibits a Reflected File Download vulnerability V77007
56119 SASŪ Environment Manager has a known security vulnerability (CVE-2011-2730) V77008
59371 OpenSSL vulnerabilities exist in the SASŪ 9.4 Web Server (OpenSSL advisories through 26th September 2016) V77009
60108 ALERT - OpenSSL vulnerabilities exist in the SASŪ 9.4 Web Server (OpenSSL advisories through 2nd January 2017) V77010
60381 A cross-site scripting vulnerability exists in SASŪ Environment Manager V77011
60408 ALERT - The JCraft and JSch libraries that reside in the SASŪ Environment Manager server and agent are vulnerable to directory traversal V77011
60664 SASŪ Environment Manager contains commons-beanutils libraries that are vulnerable to CVE-2014-0114 V77012
60809 A cross-site scripting vulnerability exists in SASŪ Environment Manager V77013
60908 OpenSSL vulnerabilities exist in the SASŪ 9.4 Web Server (OpenSSL advisories through 26th January 2017) V77014
58351 ALERT - The SASŪ Environment Manager agent log might contain a security vulnerability V77015
61159 A security scan might report a vulnerability in SASŪ Environment Manager V77015
NOTE: If you install this hot fix and have SAS Environment Manager Agent 2.5 installed, you should also install hot fix W85005.
Windows for x64 Released: October 02, 2017     Documentation: V77015x6.html D       Download: V77015pt.zip  
64-bit Enabled Solaris Released: October 02, 2017     Documentation: V77015s6.html D       Download: V77015pt.zip  
64-bit Enabled AIX Released: October 02, 2017     Documentation: V77015r6.html D       Download: V77015pt.zip  
HP-UX IPF Released: October 02, 2017     Documentation: V77015hx.html D       Download: V77015pt.zip  
Linux for x64 Released: October 02, 2017     Documentation: V77015la.html D       Download: V77015pt.zip  
Solaris for x64 Released: October 02, 2017     Documentation: V77015sx.html D       Download: V77015pt.zip  
D indicates that the Documentation has special pre-installation, post-installation or other unique instructions not commonly used for hot fix deployment.
Top ^




PLEASE CAREFULLY READ THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT ("AGREEMENT") BEFORE DOWNLOADING MATERIALS FROM THIS SITE. BY DOWNLOADING ANY MATERIALS FROM THIS SITE, YOU ARE AGREEING TO THESE TERMS.
You are downloading software code ("Code") which will become part of a product ("Software") you currently have licensed from SAS Institute Inc. or one of its subsidiaries ("the Institute"). this Code is designed to either correct an error in the Software or to add functionality to the Software. The code is governed by the same agreement which governs the Software. If you do not have an existing agreement with the Institute governing the Software, you may not download the Code.
SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. ® indicates USA registration. Other brand and product names are registered trademarks or trademarks of their respective companies.

Copyright © 2017 SAS Institute Inc. All Rights Reserved.