{"id":981,"date":"2014-06-26T18:05:31","date_gmt":"2014-06-26T16:05:31","guid":{"rendered":"http:\/\/www.satinfo.es\/noticies\/?p=981"},"modified":"2014-06-26T18:05:31","modified_gmt":"2014-06-26T16:05:31","slug":"publicacion-del-hotfix-hf968383-para-mcafee-email-gateway-7-5","status":"publish","type":"post","link":"https:\/\/www.satinfo.es\/noticies\/2014\/publicacion-del-hotfix-hf968383-para-mcafee-email-gateway-7-5\/","title":{"rendered":"Publicaci\u00f3n del Hotfix HF968383 para McAfee Email Gateway 7.5"},"content":{"rendered":"<p style=\"text-align: left;\" align=\"center\">McAfee ha publicado el Hotfix HF968383 para sus appliance McAfee Email Gateway 7.5, tanto f\u00edsicos como virtuales.<\/p>\n<p class=\"western\" align=\"left\">Este hotfix a\u00f1ade nuevas funcionalidades y soluciona problemas reportados en versiones anteriores.<\/p>\n<p class=\"western\" align=\"left\"><span style=\"color: #008000;\"><span style=\"text-decoration: underline;\"><b><br \/>\nP<\/b><\/span><\/span><span style=\"color: #008000;\"><span style=\"text-decoration: underline;\"><b>ROBLEMAS RESUELTOS<\/b><\/span><\/span><span style=\"color: #008000;\"><b>:<\/b><\/span><\/p>\n<p class=\"western\" align=\"left\"><span style=\"color: #800000;\"><span style=\"text-decoration: underline;\"><\/p>\n<p>Vulnerabilidades<\/span><\/span><span style=\"color: #800000;\">:<\/span><\/p>\n<ul>\n<li>\n<p class=\"western\" align=\"left\"><span style=\"color: #000000;\"><span style=\"font-family: Arial, sans-serif;\">Resuelve varias vulnerabilidades del interfaz de usuario<\/span><\/span><span style=\"color: #000000;\"><span style=\"font-family: Arial, sans-serif;\">(<\/span><\/span><span style=\"font-family: Arial, sans-serif;\">Referenc<\/span><span style=\"font-family: Arial, sans-serif;\">ia<\/span><span style=\"font-family: Arial, sans-serif;\">: <a href=\"https:\/\/kc.mcafee.com\/corporate\/index?page=content&amp;id=KB81872\">KB81872<\/a>)<\/span><\/p>\n<\/li>\n<li>\n<p class=\"western\" align=\"left\"><span style=\"font-family: Arial, sans-serif;\">Actualiza el paquete OpenSSL para solucionar las vulnerabilidades <\/span><span style=\"font-family: Arial, sans-serif;\"><a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-6449\">CVE-2013-6449<\/a>, <a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-6450\">CVE-2013-6450<\/a>, <a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-4353\">CVE-2013-4353<\/a>, <a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0076\">CVE-2014-0076<\/a>, <a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0160\">CVE-2014-0160<\/a>, <a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0224\">CVE-2014-0224<\/a>, <\/span><a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0221\"><span style=\"font-family: Arial, sans-serif;\">C<\/span><\/a><span style=\"font-family: Arial, sans-serif;\"><a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0221\">VE-2014-0221<\/a>, <a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0195\">CVE-2014-0195<\/a>, <a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-0198\">CVE-2014-0198<\/a>, <a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2010-5298\">CVE-2010-5298<\/a>, <a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-3470\">CVE-2014-3470<\/a> <\/span><span style=\"font-family: Arial, sans-serif;\">(<\/span><span style=\"font-family: Arial, sans-serif;\">Referenc<\/span><span style=\"font-family: Arial, sans-serif;\">ias<\/span><span style=\"font-family: Arial, sans-serif;\">: <a href=\"https:\/\/kc.mcafee.com\/corporate\/index?page=content&amp;id=KB81651\">KB81651<\/a>, <a href=\"https:\/\/kc.mcafee.com\/corporate\/index?page=content&amp;id=KB82121\">KB82121<\/a>. <\/span><span style=\"font-family: Arial, sans-serif;\">Sustituye a<\/span><span style=\"font-family: Arial, sans-serif;\"> 7.5h960401, 7.5h965187)<\/span><\/p>\n<\/li>\n<li>\n<p class=\"western\" align=\"left\"><span style=\"font-family: Arial, sans-serif;\">Actualiza el mecanismo de carga y guardado del interfaz de usuario para solucionar las vulnerabilidades <\/span><span style=\"font-family: Arial, sans-serif;\"><a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-7103\">CVE-2013-7103<\/a> <\/span><span style=\"font-family: Arial, sans-serif;\">y <\/span><span style=\"font-family: Arial, sans-serif;\"><a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-7104\">CVE-2013-7104<\/a> <\/span><span style=\"font-family: Arial, sans-serif;\">por las cuales un administrador autenticado puede llevar a cabo acciones arbitrarias utilizando peticiones HTTP modificadas <\/span><span style=\"font-family: Arial, sans-serif;\">(Referenc<\/span><span style=\"font-family: Arial, sans-serif;\">ia<\/span><span style=\"font-family: Arial, sans-serif;\">: <a href=\"https:\/\/kc.mcafee.com\/corporate\/index?page=content&amp;id=KB80059\">KB80059<\/a>. <\/span><span style=\"font-family: Arial, sans-serif;\">Sustituye a <\/span><span style=\"font-family: Arial, sans-serif;\">7.5h938406, 7.5h948770, 7.5h952384, 7.5h960401, 7.5h965187)<\/span><\/p>\n<\/li>\n<li>\n<p class=\"western\" align=\"left\"><span style=\"font-family: Arial, sans-serif;\">Actualiza el sistema de reportes para filtrar correctamente los campos que se muestran en el interfaz del usuario. Esto soluciona una vulnerabilidad <\/span><span style=\"font-family: Arial, sans-serif;\"><a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-7092\">CVE-2013-7092<\/a> <\/span><span style=\"font-family: Arial, sans-serif;\">que permite realizar una inyecci\u00f3n SQL por un usuario de reportes autenticado mediante peticiones HTTP modificadas. (<\/span><span style=\"font-family: Arial, sans-serif;\">Referenc<\/span><span style=\"font-family: Arial, sans-serif;\">ia<\/span><span style=\"font-family: Arial, sans-serif;\">: <a href=\"https:\/\/kc.mcafee.com\/corporate\/index?page=content&amp;id=KB80061\">KB80061<\/a>. <\/span><span style=\"font-family: Arial, sans-serif;\">Sustituye a <\/span><span style=\"font-family: Arial, sans-serif;\">7.5h938406, 7.5h948770, 7.5h952384, 7.5h960401, 7.5h965187)<\/span><\/p>\n<\/li>\n<li>\n<p class=\"western\" align=\"left\"><span style=\"font-family: Arial, sans-serif;\">Actualiza el interfaz de <\/span><span style=\"font-family: Arial, sans-serif;\">Secure Web Mail <\/span><span style=\"font-family: Arial, sans-serif;\">para solucionar una vulnerabilidad que permitir\u00eda divulgar los datos del usuario y una vulnerabilidad de inyecci\u00f3n de cabeceras HTTP (<\/span><span style=\"font-family: Arial, sans-serif;\">Referenc<\/span><span style=\"font-family: Arial, sans-serif;\">ia<\/span><span style=\"font-family: Arial, sans-serif;\">: <a href=\"https:\/\/kc.mcafee.com\/corporate\/index?page=content&amp;id=KB80076\">KB80076<\/a>. <\/span><span style=\"font-family: Arial, sans-serif;\">Sustituye a <\/span><span style=\"font-family: Arial, sans-serif;\">7.5h938406, 7.5h948770, 7.5h952384, 7.5h960401, 7.5h965187)<\/span><\/p>\n<\/li>\n<li>\n<p class=\"western\" align=\"left\"><span style=\"font-family: Arial, sans-serif;\">Actualiza la configuraci\u00f3n de <\/span><span style=\"font-family: Arial, sans-serif;\">NTP <\/span><span style=\"font-family: Arial, sans-serif;\">para evitar que el appliance sea atacado durante ataques de denegaci\u00f3n de servicio distribuido (DDOS) utilizando la vulnerabilidad <\/span><span style=\"font-family: Arial, sans-serif;\"><a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-5211\">CVE-2013-5211<\/a>. (Referenc<\/span><span style=\"font-family: Arial, sans-serif;\">ia<\/span><span style=\"font-family: Arial, sans-serif;\">: <a href=\"https:\/\/kc.mcafee.com\/corporate\/index?page=content&amp;id=KB81087\">KB81087<\/a>. <\/span><span style=\"font-family: Arial, sans-serif;\">Sustituye a <\/span><span style=\"font-family: Arial, sans-serif;\">7.5h938406, 7.5h948770, 7.5h952384, 7.5h960401, 7.5h965187)<\/span><\/p>\n<\/li>\n<\/ul>\n<p class=\"western\" align=\"left\">\n<p class=\"western\" align=\"left\"><span style=\"color: #800000;\"><span style=\"text-decoration: underline;\">Sistema operativo<\/span><\/span><span style=\"color: #800000;\">:<\/span><\/p>\n<p class=\"western\" align=\"left\"><span style=\"color: #000000;\"><span style=\"font-family: Arial, sans-serif;\">Soluciona un problema con el Interfaz de Gesti\u00f3n de Plataforma Inteligente (IPMI) en appliances Dell PE1950, lo que causaba s\u00edntomas intermitentes de lentitud, fallos al mostrar el estado de hardware y fallos en el acceso remoto a la tarjeta de configuraci\u00f3n (Referencia: <a href=\"https:\/\/kc.mcafee.com\/corporate\/index?page=content&amp;id=PD24844\">PD24844<\/a>. Sustituye a 7.5h965187.)<\/span><\/span><\/p>\n<p class=\"western\" align=\"left\">\n<p class=\"western\" align=\"left\"><span style=\"color: #800000;\"><span style=\"text-decoration: underline;\">Email<\/span><\/span><span style=\"color: #800000;\">:<\/span><\/p>\n<p class=\"western\" align=\"left\"><span style=\"color: #000000;\"><span style=\"font-family: Arial, sans-serif;\">Deshabilita el cacheado de certificados TLS en el proxy SMTP para evitar errores de certificado que causen fallos de conexi\u00f3n. (Referencia: <a href=\"https:\/\/kc.mcafee.com\/corporate\/index?page=content&amp;id=KB81297\">KB81297<\/a>. Sustituye a 7.5h948770, 7.5h952384, 7.5h960401, 7.5h965187.)<\/span><\/span><\/p>\n<p class=\"western\" align=\"left\">\n<p class=\"western\" align=\"left\"><span style=\"color: #800000;\"><span style=\"text-decoration: underline;\">Interfaz de usuario<\/span><\/span><span style=\"color: #800000;\">:<\/span><\/p>\n<p class=\"western\" align=\"left\"><span style=\"color: #000000;\"><span style=\"font-family: Arial, sans-serif;\">Corrige el recuento de destinatarios de correos rechazados del panel, que inclu\u00eda de forma err\u00f3nea destinatarios que no se encontraban en la lista de destinatarios permitidos pero eran aceptados por la consulta LDAP (Referencia: <a href=\"https:\/\/kc.mcafee.com\/corporate\/index?page=content&amp;id=KB81821\">KB81821<\/a>. Sustituye a 7.5h965187.)<\/span><\/span><\/p>\n<p class=\"western\" align=\"left\">\n<p class=\"western\" align=\"left\"><span style=\"color: #000000;\"><span style=\"font-family: sans-serif;\"><span style=\"color: #800000;\"><span style=\"text-decoration: underline;\">Configuraci\u00f3n<\/span><\/span><span style=\"color: #800000;\">:<\/span><\/span><\/span><\/p>\n<p class=\"western\" align=\"left\"><span style=\"font-family: Arial, sans-serif;\"><span style=\"color: #000000;\">Res<\/span><span style=\"color: #000000;\">uelve un problema en el<\/span><span style=\"color: #000000;\"> hotfix 7.5h938406 <\/span><span style=\"color: #000000;\">a la hora de editar listas TLS en el interfaz de usuario <\/span>(Referencia: <a href=\"https:\/\/kc.mcafee.com\/corporate\/index?page=content&amp;id=KB81406\">KB81406<\/a>, <a href=\"https:\/\/kc.mcafee.com\/corporate\/index?page=content&amp;id=KB81424\">KB81424<\/a>. Sustituye a 7.5h952384, 7.5h960401, 7.5h965187)<\/span><\/p>\n<p class=\"western\" align=\"left\">\n<p class=\"western\" align=\"left\"><span style=\"color: #000000;\"><span style=\"font-family: Arial, sans-serif;\"><span style=\"color: #800000;\"><span style=\"text-decoration: underline;\">I<\/span><\/span><span style=\"color: #800000;\"><span style=\"text-decoration: underline;\">nformes<\/span><\/span><span style=\"color: #800000;\">:<\/span><\/span><\/span><\/p>\n<p class=\"western\" align=\"left\"><span style=\"font-family: Arial, sans-serif;\">Actualiza el sistema de informes para permitir un filtrado correcto de nombres de usuario que incluyan caracteres que no sea ASCII. (Referencia: <a href=\"https:\/\/kc.mcafee.com\/corporate\/index?page=content&amp;id=KB79829\">KB79829<\/a>. Sustituye a 7.5h938406, 7.5h948770, 7.5h952384, 7.5h960401, 7.5h965187.)<\/span><\/p>\n<p class=\"western\" align=\"left\">\n<p class=\"western\" align=\"left\">\n<p class=\"western\" align=\"left\"><span style=\"color: #008000;\"><span style=\"font-family: Arial, sans-serif;\"><b><span style=\"text-decoration: underline;\">REQUISITOS DE INSTALACI\u00d3N<\/span>:<\/b><\/span><\/span><\/p>\n<p class=\"western\" align=\"left\"><span style=\"color: #000000;\"><span style=\"font-family: Arial, sans-serif;\">Este hotfix puede instalarse sobre la versi\u00f3n 7.5 de McAfee Email Gateway, con los parches 1 y 2 previamente instalados.<\/span><\/span><\/p>\n<p class=\"western\" align=\"left\">\n<p class=\"western\" align=\"left\"><span style=\"color: #008000;\"><span style=\"font-family: Arial, sans-serif;\"><b><span style=\"text-decoration: underline;\">VERSIONES SUSTITUIDAS<\/span>:<\/b><\/span><\/span><\/p>\n<p class=\"western\" align=\"left\"><span style=\"color: #000000;\"><span style=\"font-family: Arial, sans-serif;\">Este hotfix sustituye los hotfix siguientes:<\/span><\/span><\/p>\n<ul>\n<li>\n<p class=\"western\" align=\"left\"><span style=\"color: #000000;\"><span style=\"font-family: Arial, sans-serif;\">Hotfix 7.5h938406<\/span><\/span><\/p>\n<\/li>\n<li>\n<p class=\"western\" align=\"left\"><span style=\"font-family: Arial, sans-serif;\">Hotfix 7.5h948770<\/span><\/p>\n<\/li>\n<li>\n<p class=\"western\" align=\"left\"><span style=\"font-family: Arial, sans-serif;\">Hotfix 7.5h952384<\/span><\/p>\n<\/li>\n<li>\n<p class=\"western\" align=\"left\"><span style=\"font-family: Arial, sans-serif;\">Hotfix 7.5h960401<\/span><\/p>\n<\/li>\n<li>\n<p class=\"western\" align=\"left\"><span style=\"font-family: Arial, sans-serif;\">Hotfix 7.5h965187<\/span><\/p>\n<p class=\"western\" align=\"left\">\n<\/li>\n<\/ul>\n<p class=\"western\" align=\"left\"><span style=\"color: #008000;\"><span style=\"font-family: Arial, sans-serif;\"><b><span style=\"text-decoration: underline;\">ACCIONES DURANTE LA INSTALACI\u00d3N<\/span>:<\/b><\/span><\/span><\/p>\n<p class=\"western\" align=\"left\"><span style=\"color: #000000;\"><span style=\"font-family: Arial, sans-serif;\">Se cerrar\u00e1 la sesi\u00f3n del usuario<br \/>\nSe reiniciar\u00e1n algunos servicios del sistema, dependiendo de la configuraci\u00f3n<br \/>\nSe reiniciar\u00e1n protocolos del proxy, dependiendo de la configuraci\u00f3n<\/span><\/span><\/p>\n<p class=\"western\" align=\"left\">\n<p class=\"western\" align=\"left\"><span style=\"color: #008000;\"><span style=\"font-family: Arial, sans-serif;\"><span style=\"color: #000000;\"><span style=\"text-decoration: underline;\"><b>Nota<\/b><\/span><\/span><span style=\"color: #000000;\"><b>:\u00a0<\/b><\/span><span style=\"color: #000000;\">McAfee <\/span><span style=\"color: #000000;\">ha calificado esta actualizaci\u00f3n como <\/span><span style=\"color: #800000;\"><span style=\"text-decoration: underline;\"><b>Recomendado<\/b><\/span><\/span><span style=\"color: #000000;\">. Aplique esta actualizaci\u00f3n <\/span><span style=\"color: #000000;\">cuando le sea <\/span><span style=\"color: #000000;\">posible.<\/span><\/span><\/span><\/p>\n<p class=\"western\" align=\"left\">\n<p class=\"western\" align=\"left\"><span style=\"color: #000000;\">Para realizar la descarga del hotfix puede hacerlo desde la <a href=\"http:\/\/www.mcafee.com\/es\/downloads\/downloads.aspx\">p\u00e1gina de descargas de McAfee<\/a> utilizando su Grant Number o N\u00famero de Concesi\u00f3n.<\/span><\/p>\n<p class=\"western\" align=\"left\">\n<p class=\"western\" align=\"left\"><b><span style=\"color: #0000ff;\"><span lang=\"es-ES\">SATINFO<\/span><\/span><span lang=\"es-ES\">, <\/span><span lang=\"es-ES\">SERVICIO DE ASISTENCIA T\u00c9CNICA INFORMATICA\u00a0<\/span><span lang=\"es-ES\">2<\/span><span lang=\"es-ES\">6<\/span><span lang=\"es-ES\"> de <\/span><span lang=\"es-ES\">Junio\u00a0<\/span><span lang=\"es-ES\">de 201<\/span><span lang=\"es-ES\">4<\/span><\/b><\/p>\n","protected":false},"excerpt":{"rendered":"<p>McAfee ha publicado el Hotfix HF968383 para sus appliance McAfee Email Gateway 7.5, tanto f\u00edsicos como virtuales. Este hotfix a\u00f1ade nuevas funcionalidades y soluciona problemas reportados en versiones anteriores. PROBLEMAS RESUELTOS: Vulnerabilidades: Resuelve varias vulnerabilidades del interfaz de usuario(Referencia: KB81872) Actualiza el paquete OpenSSL para solucionar las vulnerabilidades CVE-2013-6449, CVE-2013-6450, CVE-2013-4353, CVE-2014-0076, CVE-2014-0160, CVE-2014-0224, CVE-2014-0221, <a href='https:\/\/www.satinfo.es\/noticies\/2014\/publicacion-del-hotfix-hf968383-para-mcafee-email-gateway-7-5\/' class='excerpt-more'>[&#8230;]<\/a><\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[517,890,892],"tags":[579,577,242,578],"class_list":["post-981","post","type-post","status-publish","format-standard","hentry","category-517","category-mcafee","category-todos","tag-7-5","tag-hf968383","tag-hotfix","tag-mcafee-email-gateway","category-517-id","category-890-id","category-892-id","post-seq-1","post-parity-odd","meta-position-corners","fix"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.satinfo.es\/noticies\/wp-json\/wp\/v2\/posts\/981","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.satinfo.es\/noticies\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.satinfo.es\/noticies\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.satinfo.es\/noticies\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/www.satinfo.es\/noticies\/wp-json\/wp\/v2\/comments?post=981"}],"version-history":[{"count":0,"href":"https:\/\/www.satinfo.es\/noticies\/wp-json\/wp\/v2\/posts\/981\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.satinfo.es\/noticies\/wp-json\/wp\/v2\/media?parent=981"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.satinfo.es\/noticies\/wp-json\/wp\/v2\/categories?post=981"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.satinfo.es\/noticies\/wp-json\/wp\/v2\/tags?post=981"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}