Security Update for Filr 2.0 and Filr 1.2 available – July 22nd, 2016

Posted on Jul 25, 2016 in Micro Focus, Micro Focus Filr, Novell, Novell Filr

A new security update for Filr 2.0 and Filr 1.2 has been released by Micro Focus on July 22nd, 2016. This patch provides a number of Security Updates for Filr, Search and MySQL 1.2 appliances including updated Java applets.

Feel free to contact us for more information about these issues and in case you need support with the application of this update. We are looking forward to helping you with planning, installing and keeping your Filr installation up to date.

Filr_icon_128r

Filr 2.0 – Security Update 2

Download the Hot Patch here and read the information about system requirements, notes and installation carefully:

“This patch is intended to address the security issues outlined in the following TIDs:
TID 7017482 – Badlock Samba vulnerability (CVE-2016-2118)
TID 7017786 – Cross Site Request Forgery in Filr admin (CVE-2016-1607)
TID 7017789 – OS command injection in Filr admin (CVE-2016-1608)
TID 7017787 – Persistent XSS in Filr User Profile (CVE-2016-1609)
TID 7017788 – Authentication bypass and path traversal in email template upload (CVE-2016-1610)
TID 7017793 – openSSL security vulnerability in Filr (CVE-2016-2107)
TID 7017776 – Update for expired Filr Java applets”

Warning: Do NOT apply this patch IF you have one or more OES-2015 based Net Folders in Filr and your OES-2015 server is NOT patched to “OES 2015 – May 2016 Update 10911” update. Apply the OES-2015 update first.

Filr_icon_128r

Filr 1.2 – Security Update 3

Download the Hot Patch here and read the information about system requirements, notes and installation carefully:

“This patch is intended to address the security issues outlined in the following TIDs:
TID 7017482 – Badlock Samba vulnerability (CVE-2016-2118)
TID 7017789 – OS command injection in Filr admin (CVE-2016-1608)
TID 7017787 – Persistent XSS in Filr User Profile (CVE-2016-1609)
TID 7017788 – Authentication bypass and path traversal in email template upload (CVE-2016-1610)
TID 7017776 – Update for expired Filr Java applets”