To resolve advisory SYM17-004 and SYM17-006, Messaging Gateway servers need to be updated to the 10.6.3-2 release and patched with patch 10.6.3-267.
Resolving SYM17-006 requires two steps be completed on *all* Messaging Gateway systems:
patch -p 10.6.3-267 notes
patch -p 10.6.3-267 install
SMS appliance 10.6.3, patch #267
This patch supercedes and replaces patch 10.6.3-266
This patch addresses the following issues:
A potential remote code execution via the Control Center.
A potential for Cross Site Scripting in the Control Center.
The ability to enable or disable "Allow email addresses to start with a dash" was inadvertently removed in a previous release; this configuration option has been restored.
An issue where certain malformed Microsoft Office documents will fail to be detected or modified by the Disarm feature.
These document types will now be processed by Disarm in the expected fashion.
This patch is removable upon installation.
This patch will not force the system to reboot after installation