A new update is available for SAS Environment Manager , version 2.5_M4 :
- Hot Fix: J9V007 - Published 22MAR2022 , Download link for J9V007
- Component name: SAS Environment Manager
- Related SAS release: 9.4
Issues addressed in J9V007
| SAS Note 68560 | SAS® Environment Manager contains a version of Apache Tomcat that is affected by CVE-2021-33037 and CVE-2021-30640 |
| SAS Note 68756 | SAS® 9.4 products contain an Apache Log4J version 2 component with known vulnerabilities |
| SAS Note 68786 | SAS® Environment Manager 2.5 contains an Apache HttpClient library affected by CVE-2020-13956 |
| SAS Note 68787 | SAS® Environment Manager contains an XStream library with known vulnerabilities |
| SAS Note 68972 | SAS® Environment Manager contains an Apache Commons IO library that is affected by CVE-2021-29425 |
| This list of notes might be incomplete. For a complete list of issues addressed by this hot fix, visit the hot fix page for J9V007 |
Note: A comprehensive list of all SAS hot fixes is available from support.sas.com. You can use the SAS Hot Fix Analysis, Download, and Deployment (SASHFADD) tool to manage your SAS hot fixes.
