1. Home
  2. Security Advisories
  3. Gentoo
  4. GLSA-202209-02

[GLSA-202209-02] IBM Spectrum Protect: Multiple Vulnerabilities

Severity High
Affected Packages 1
Unaffected Packages 1
CVEs 5
Info Packages References Vulnerabilities

Multiple vulnerabilities have been discovered in IBM Spectrum Protect, the worst of which could result in arbitrary code execution.

Background
TSM provides the client and the API for IBM Spectrum Protect (formerly known as Tivoli Storage Manager), a backup and archival client/server solution targetting large tape libraries.

Description
Multiple vulnerabilities have been discovered in IBM Spectrum Protect. Please review the CVE identifiers referenced below for details.

Impact
Please review the referenced CVE identifiers for details.

Workaround
There is no known workaround at this time.

Resolution
All IBM Spectrum Protect users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-backup/tsm-8.1.13.3"

Package Affected Version
pkg:ebuild/app-backup/tsm?distro=gentoo < 8.1.13.3
Package Unaffected Version
pkg:ebuild/app-backup/tsm?distro=gentoo >= 8.1.13.3
ID
GLSA-202209-02
Severity
high
URL
https://security.gentoo.org/glsa/202209-02
Published
2022-09-07T00:00:00
(2 years ago)
Modified
2022-09-07T00:00:00
(2 years ago)
Rights
Gentoo Foundation, Inc.
Other Advisories
Source # ID Name URL
CVE CVE-2021-3711 CVE-2021-3711 https://nvd.nist.gov/vuln/detail/CVE-2021-3711
CVE CVE-2021-3712 CVE-2021-3712 https://nvd.nist.gov/vuln/detail/CVE-2021-3712
CVE CVE-2021-4104 CVE-2021-4104 https://nvd.nist.gov/vuln/detail/CVE-2021-4104
CVE CVE-2021-29672 CVE-2021-29672 https://nvd.nist.gov/vuln/detail/CVE-2021-29672
CVE CVE-2021-39048 CVE-2021-39048 https://nvd.nist.gov/vuln/detail/CVE-2021-39048
Bugzilla 788115 Bugzilla #788115 https://bugs.gentoo.org/show_bug.cgi?id=788115
Bugzilla 829189 Bugzilla #829189 https://bugs.gentoo.org/show_bug.cgi?id=829189
Bugzilla 831509 Bugzilla #831509 https://bugs.gentoo.org/show_bug.cgi?id=831509
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:ebuild/app-backup/tsm?distro=gentoo app-backup tsm < 8.1.13.3 gentoo
Unaffected pkg:ebuild/app-backup/tsm?distro=gentoo app-backup tsm >= 8.1.13.3 gentoo
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date