This is a public Hot Fix that addresses the following issues:
- Notification fails when object criteria select more than one self-object
- Maintenance schedules not ending in Aria Ops
- Report generation in PDF format fails due to missing "DejaVMUni.ttf" font file
The following CVEs have been resolved :
Component |
CVE |
CVSS v3 score |
Azure/azure-sdk-for-go |
CVE-2024-35255 |
5.5 |
DOMPurify |
CVE-2024-48910 |
9.1 |
docker |
CVE-2024-24557 |
7.8 |
docker |
CVE-2024-29018 |
7.5 |
github.com/nats-io/nkeys |
CVE-2023-46129 |
7.5 |
GitPython |
CVE-2022-24439 |
9.8 |
GitPython |
CVE-2023-40267 |
9.8 |
GitPython |
CVE-2023-40590 |
7.8 |
GitPython |
CVE-2023-41040 |
6.5 |
GitPython |
CVE-2024-22190 |
7.8 |
golang.org/x/crypto |
CVE-2023-48795 |
5.9 |
golang.org/x/net |
CVE-2023-39325 |
7.5 |
golang.org/x/net |
CVE-2023-3978 |
6.1 |
golang.org/x/net |
CVE-2023-44487 |
7.5 |
grpc-go |
CVE-2023-44487 |
7.5 |
jinjapython |
CVE-2020-28493 |
5.3 |
jose2go |
CVE-2023-50658 |
7.5 |
nats-server |
CVE-2023-47090 |
6.5 |
OpenSSL |
CVE-2024-9143 |
4.3 |
pip |
CVE-2019-20916 |
7.5 |
pip |
CVE-2021-3572 |
5.7 |
PostgreSQL Database Server |
CVE-2024-10976 |
5.4 |
PostgreSQL Database Server |
CVE-2024-10977 |
3.7 |
PostgreSQL Database Server |
CVE-2024-10978 |
4.2 |
PostgreSQL Database Server |
CVE-2024-10979 |
8.8 |
pycryptodome |
CVE-2023-52323 |
5.9 |
pycryptodomex |
CVE-2023-52323 |
5.9 |
python-certifi |
CVE-2024-39689 |
7.5 |
Python programming language |
CVE-2023-40217 |
5.3 |
python-wheel |
CVE-2022-40898 |
7.5 |
runc |
CVE-2024-21626 |
8.6 |
salt |
CVE-2023-20897 |
5.3 |
salt |
CVE-2023-20898 |
7.8 |
snowflakedb/gosnowflake |
CVE-2023-34231 |
8.8 |
urllib3 |
CVE-2020-26137 |
6.5 |
urllib3 |
CVE-2020-7212 |
7.5 |
urllib3 |
CVE-2021-33503 |
7.5 |
virtualenv |
CVE-2024-53899 |
8.4 |
XZ Utils |
CVE-2022-1271 |
8.8 |
zstd |
CVE-2021-24032 |
4.7 |