导语
Esri在2015年二月份发布了关于ArcGIS for Server的安全补丁,Esri建议ArcGIS10.1 SP1 QIP for Server和ArcGIS10.2的用户重点关注该补丁的动态。ArcGIS10.2的用户应该首先打上10.2.1或者10.2.2然后再打该补丁!
ArcGIS for Server Security (January 2015) PatchArcGIS10.2.2
ArcGIS 10.2.2 for Server
- BUG-000080898 – Reflected cross-site scripting security (XSS) vulnerability.
- BUG-000081239 – ArcGIS Server has an open redirect vulnerability.
- BUG-000081401 – Multiple cross-site scripting (XSS) vulnerabilities in ArcGIS for Server.
- BUG-000082665 – Disable SSLv3 on the internal tomcat to prevent “POODLE” vulnerability.
- BUG-000083941 – Unable to return attachments larger than a certain size in ArcGIS for Server on Linux.