Appliance Event Broker Patches

This section contains background information and instructions for installing patches on Solace Appliance Event Brokers. Unless otherwise noted, patches are available from products.solace.com.

Patch Description Issues Resolved Instructions

Patch	Description	Issues Resolved	Instructions
Patch SOL-40151	This patch updates firmware to address potential security vulnerabilities in some Intel Server Boards that may allow escalation of privilege or denial of service. This patch applies to all versions of SolOS for the following appliance event broker types shipped prior to October 19, 2020 only: CHS-3530AC-02-A CHS-3560AC-03-A CHS-3560AC-06-A Other appliance event broker types are not exposed to these vulnerabilities.	This patch resolves the following Common Vulnerabilities and Exposures (CVEs): CVE‑2020‑8708, CVE‑2020‑8730, CVE‑2020‑8731, CVE‑2020‑8707, CVE‑2020‑8719, CVE‑2020‑8721, CVE‑2020‑8710, CVE‑2020‑8711, CVE‑2020‑8712, CVE‑2020‑8718, CVE‑2020‑8722, CVE‑2020‑8732, CVE‑2020‑8709, CVE‑2020‑8723, CVE‑2020‑8713, CVE‑2020‑8706, CVE‑2020‑8729, CVE‑2020‑8715, CVE‑2020‑8716, CVE‑2020‑8714, CVE‑2020‑8717, CVE‑2020‑8720.	Instructions for Standalone Appliance Event Brokers Instructions for Redundant (HA) Appliance Event Brokers
Patch SOL-45844	This patch updates the `sudo` utility to address a heap-based buffer overflow in argument parsing. This patch applies to ALL appliance event broker types. This patch applies to the following SolOS releases: SolOS 9.3	This patch resolves the following Common Vulnerabilities and Exposures (CVEs): CVE-2021-3156	Installation Procedure

Patch SOL-40151

This patch updates firmware to address potential security vulnerabilities in some Intel Server Boards that may allow escalation of privilege or denial of service. This patch applies to all versions of SolOS for the following appliance event broker types shipped prior to October 19, 2020 only:

CHS-3530AC-02-A
CHS-3560AC-03-A
CHS-3560AC-06-A

Other appliance event broker types are not exposed to these vulnerabilities.

This patch resolves the following Common Vulnerabilities and Exposures (CVEs):

CVE‑2020‑8708, CVE‑2020‑8730, CVE‑2020‑8731, CVE‑2020‑8707, CVE‑2020‑8719, CVE‑2020‑8721, CVE‑2020‑8710, CVE‑2020‑8711, CVE‑2020‑8712, CVE‑2020‑8718, CVE‑2020‑8722, CVE‑2020‑8732, CVE‑2020‑8709, CVE‑2020‑8723, CVE‑2020‑8713, CVE‑2020‑8706, CVE‑2020‑8729, CVE‑2020‑8715, CVE‑2020‑8716, CVE‑2020‑8714, CVE‑2020‑8717, CVE‑2020‑8720.

Instructions for Standalone Appliance Event Brokers

Instructions for Redundant (HA) Appliance Event Brokers

Patch SOL-45844

This patch updates the sudo utility to address a heap-based buffer overflow in argument parsing.

This patch applies to ALL appliance event broker types.

This patch applies to the following SolOS releases:

SolOS 9.3

This patch resolves the following Common Vulnerabilities and Exposures (CVEs):

CVE-2021-3156

Installation Procedure

Provide feedback