Thunderstone Support Forums

Several updates for system internal items have been released to fix security issues (CVEs listed below) .

CVE-2023-52489 CVE-2023-6240 CVE-2024-25742 CVE-2024-25743 CVE-2024-26642
CVE-2024-26643 CVE-2024-26673 CVE-2024-26804 CVE-2024-2961 CVE-2024-33599
CVE-2024-33600 CVE-2024-33601 CVE-2024-33602

Use your appliance's System / System Setup / Webmin / Software Package Updates to install all available updates. You should plan and perform a reboot shortly after installing the updates.

Many updates for the system base OS to bring it in line to the latest Rocky Linux 9.4. CVEs fixed along the way listed below.

Use your appliance's System / System Setup / Update Software followed by System / System Setup / Webmin / Software Package Updates to install all available updates. You should plan and perform a reboot shortly after installing the updates.

CVE-2006-20001 CVE-2007-4559 CVE-2015-20107 CVE-2018-25032 CVE-2020-10735
CVE-2020-12762 CVE-2020-27347 CVE-2021-28861 CVE-2021-3468 CVE-2021-3502
CVE-2021-35937 CVE-2021-35938 CVE-2021-35939 CVE-2021-40153 CVE-2021-41072
CVE-2021-43519 CVE-2021-43618 CVE-2021-44964 CVE-2022-21216 CVE-2022-21233
CVE-2022-2127 CVE-2022-25147 CVE-2022-25235 CVE-2022-25236 CVE-2022-25313
CVE-2022-25314 CVE-2022-25315 CVE-2022-26280 CVE-2022-28805 CVE-2022-29824
CVE-2022-3094 CVE-2022-32221 CVE-2022-32746 CVE-2022-33068 CVE-2022-33099
CVE-2022-33196 CVE-2022-33972 CVE-2022-34903 CVE-2022-35252 CVE-2022-35737
CVE-2022-36227 CVE-2022-36760 CVE-2022-3715 CVE-2022-37434 CVE-2022-37436
CVE-2022-37967 CVE-2022-38090 CVE-2022-39377 CVE-2022-40303 CVE-2022-40304
CVE-2022-40674 CVE-2022-40982 CVE-2022-41804 CVE-2022-42010 CVE-2022-42011
CVE-2022-42012 CVE-2022-42898 CVE-2022-42919 CVE-2022-43552 CVE-2022-43680
CVE-2022-44792 CVE-2022-44793 CVE-2022-45061 CVE-2022-46329 CVE-2022-46663
CVE-2022-48468 CVE-2022-48554 CVE-2022-48624 CVE-2023-1667 CVE-2023-1981
CVE-2023-20569 CVE-2023-20593 CVE-2023-20867 CVE-2023-20900 CVE-2023-22745
CVE-2023-22809 CVE-2023-2283 CVE-2023-23583 CVE-2023-23908 CVE-2023-23916
CVE-2023-24329 CVE-2023-24593 CVE-2023-25180 CVE-2023-25193 CVE-2023-25690
CVE-2023-2650 CVE-2023-27043 CVE-2023-27533 CVE-2023-27534 CVE-2023-27535
CVE-2023-27536 CVE-2023-27538 CVE-2023-2828 CVE-2023-28321 CVE-2023-28322
CVE-2023-28484 CVE-2023-28486 CVE-2023-28487 CVE-2023-2911 CVE-2023-29469
CVE-2023-29491 CVE-2023-2975 CVE-2023-31122 CVE-2023-31124 CVE-2023-31130
CVE-2023-31147 CVE-2023-31486 CVE-2023-32067 CVE-2023-32324 CVE-2023-32360
CVE-2023-33204 CVE-2023-3341 CVE-2023-3347 CVE-2023-34058 CVE-2023-34059
CVE-2023-34241 CVE-2023-3446 CVE-2023-34966 CVE-2023-34967 CVE-2023-34968
CVE-2023-34969 CVE-2023-3817 CVE-2023-38408 CVE-2023-38469 CVE-2023-38470
CVE-2023-38471 CVE-2023-38472 CVE-2023-38473 CVE-2023-38545 CVE-2023-38546
CVE-2023-39615 CVE-2023-39975 CVE-2023-4001 CVE-2023-40217 CVE-2023-4091
CVE-2023-42465 CVE-2023-42669 CVE-2023-4408 CVE-2023-44487 CVE-2023-46218
CVE-2023-4692 CVE-2023-47038 CVE-2023-48795 CVE-2023-50387 CVE-2023-50868
CVE-2023-51385 CVE-2023-52489 CVE-2023-5363 CVE-2023-5388 CVE-2023-5517
CVE-2023-5678 CVE-2023-5679 CVE-2023-6004 CVE-2023-6129 CVE-2023-6237
CVE-2023-6240 CVE-2023-6516 CVE-2023-6918 CVE-2023-7104 CVE-2024-1048
CVE-2024-22365 CVE-2024-25062 CVE-2024-25742 CVE-2024-25743 CVE-2024-27316

There are various settings that accept REX expressions. Go to the All Walk Settings page and use the browser's search-in-page function to search for \" then remove the extraneous \

An update to webmin 2.111 has been released to fix security issue CVE-2023-52046.

Use your appliance's System / System Setup / Webmin / Software Package Updates to install all available updates. Reboot is not necessary after installing this update.

For Thunderstone Search Appliances based on HP hardware, there are updates for the HPE provided iLO firmware. Download from https://ftp.thunderstone.com/pub/HP-iLO4/ or https://ftp.thunderstone.com/pub/HP-iLO5/ depending on your hardware.

This is a catch up notice since a number of intervening versions weren't announced. See the latest version and older versions in the above locations. See the readme files there for related fixes and enhancements. 2.82 is the latest for iLO 4. 3.04 is the latest for iLO 5.

After downloading the latest iLO .bin file, install it by logging in to iLO, then navigating to the Update Firmware page. On iLO 4 it's under Administration->Firmware, on iLO 5 it's under Firmware & OS Software->Firmware.

If you're not sure if you have an affected appliance or don't know how to access iLO go to the appliance's
System / Information / System Information
page. Look on the "System" tab. If it shows "iLO Admin:" use that URL to access iLO. If it doesn't show then your appliance doesn't have iLO and no update is necessary. Updating iLO won't affect the appliance search or walk interfaces or activity.

Package thunderstonePatch-2.23 is available for 3rd and 4th generation appliance platforms.

For Gen4 appliances it provides:

• Add ability to create a self-signed certificate to the console menu
• Fix potential problem restoring HTTPS certificates from backups
• Extend httpd Timeout for long running processes like backup/restore of many profiles
• Disable httpd TRACE
• Reduce apache httpd info disclosures (file inodes, server version and features)
• Add clickjacking httpd protection headers
• Increase number of profiles that can be backed up/restored/in use at once

For Gen3 appliances it provides:

• Allow https clickjacking headers to be customized from web UI in upcoming scripts release
• Increase number of profiles that can be backed up/restored/in use at once
• Recreate/repair task tables on appliance startup

Note: The lists aren't identical because different platforms may or may not already have some features/fixes.

Use your appliance's System / System Setup / Update Software to install all available updates. Reboot is not necessary for this update.

Several updates for system internal items have been released to fix security issues (CVEs listed below) .

CVE-2022-27782 CVE-2022-32206 CVE-2022-32207 CVE-2022-32208 CVE-2022-32221
CVE-2022-35252 CVE-2022-43552 CVE-2023-23916 CVE-2023-27535 CVE-2023-28321
CVE-2023-28322 CVE-2023-38545 CVE-2023-38546 CVE-2023-44487

Use your appliance's System / System Setup / Webmin / Software Package Updates to install all available updates. Reboot is not necessary after installing these updates.

Updates for system internal bind libs have been released to fix security issues (CVEs listed below) and other minor bugs.

CVE-2022-2795, CVE-2022-3080, CVE-2022-3094, CVE-2022-3736
CVE-2022-38177, CVE-2022-38178, CVE-2022-3924, CVE-2023-2828
CVE-2023-3341

Use your appliance's System / System Setup / Webmin / Software Package Updates to install all available updates. You should plan and perform a reboot shortly after installing the updates.

Updates are available for Gen3 appliances that reenable support connections with Thunderstone's updated support server certificate. Install all of the following that are available for update at the same time:

ca-certificates, libtasn1, p11-kit, p11-kit-trust

Updates can be found via the System / System Setup / Update Software menu item.
A reboot is not necessary.

Various updates for system internal items have been released to fix security issues (CVEs listed below) and other minor bugs.

CVE-2015-20107, CVE-2020-10735, CVE-2021-28861, CVE-2022-42919
CVE-2022-45061, CVE-2023-24329, CVE-2023-40217, CVE-2023-4527
CVE-2023-4806, CVE-2023-4813, CVE-2023-4911

Use your appliance's System / System Setup / Webmin / Software Package Updates to install all available updates. You should plan and perform a reboot shortly after installing the updates.