:::: MENU ::::

Aktualizace pro SharePoint Server 2019 (April 2020 CU)

Pro SharePoint Server 2019 byla vydána nová kumulativní aktualizace (April 2020 CU).

SP Build:
16.0.10358.20000 (Language independent CU)
16.0.10358.20000 (Language dependent CU)

SharePoint 2019 CU – KB články popisující CU:

  • KB 4484292 – April 2020 Update for SharePoint Server 2019 (language independent)
  • KB 4484291 – April 2020 Update for SharePoint Server 2019 (language dependent)
  • KB 4484290 – April 2020 Update for Office Online Server

SharePoint Server 2019 CU – Odkaz ke stažení CU:

Po dokončení instalace nezapomeňte na spuštění průvodce konfigurací služby SharePoint 2019 (SharePoint 2019 Products Configuration Wizard), nebo příkazu:
PSConfig.exe -cmd upgrade -inplace b2b -wait -cmd applicationcontent -install -cmd installfeatures -cmd secureresources -cmd services -install

Upozornění

Vždy instalujte oba balíčky a to v pořadí:

  1. language independent (aktualizuje jazykové nezávislé komponenty)
  2. language dependent (aktualizuje jazykové závislé komponenty)

V případě jazykově závislých balíčku (language dependent) nezáleží jaký jazyk si ve výsledku vyberete, jelikož každý balíček obsahuje aktualizace pro všechny jazyky.

V případě, že na SharePoint Server 2019 farmu instalujete nový jazykový balíček, je nutné následně znova nainstalovat jazykové závislý balíček (language dependent).

Nezapomínejte, že krom SharePoint je nutné mít aktualizovanou i službu Distributed Cache, viz. Jak správně aktualizovat Distributed Cache a v případě Office Online Serveru musíte mít aktuální RTM verzi, viz.  Jak aktualizovat Office Online Server.

Obsažené opravy a vylepšení

Seznam oprav a vylepšení tohoto CU je soubor výňatků z oficiálních Microsoft KB článků v původním jazyce (EN).

SharePoint Server 2019

This security update resolves remote code execution vulnerabilities that exist in Microsoft SharePoint if the software does not check the source markup of an application package. To learn more about these vulnerabilities, see the following security advisories:

This security update resolves a cross-site-scripting (XSS) vulnerability that exists if Microsoft SharePoint Server does not correctly sanitize a specially crafted web request to an affected SharePoint server. This update also resolves a remote code execution vulnerability that exists in Microsoft SharePoint if the software does not check the source markup of an application package. To learn more about the vulnerabilities, see the following security advisories:

This security update contains improvements and fixes for the following nonsecurity issues in SharePoint Server 2019:

  • Adds a new NumeralFormat parameter for Word Automation Services conversion jobs that enable the job to specify numeral formatting as Arabic, Hindi, or Context.
    • „Arabic“: Numbers will be shown to have Arabic glyphs.
    • „Hindi“: Numbers will be shown to have Hindi glyphs.
    • „Context „: Numbers will be shown to have glyphs that are appropriate for the surrounding run of text (either Arabic or Hindi).
  • Because Brazil no longer observes daylight saving time, date and time values are displayed incorrectly for list items in site collections that use the „(UTC-03:00) Brasilia“ and „(UTC-04:00) Cuiaba“ time zones.
  • When on-premises servers use Azure AD for SAML-based authentication, the authentication fails because the trusted issuer on the SharePoint on-premises server appends an at sign (@), and the issuer claim in the token doesn’t include the at sign.
  • Mixtures of Traditional Chinese and other text are not handled correctly by the Chinese Traditional Word Breaker.
This security update contains fixes for the following issues in Project Server 2019:

  • Querying for a task dependency through the client-side object model (CSOM) returns a non-elapsed LinkLagDuration string for elapsed values. For example, you have a dependency that says 2FS+1ed. Instead of returning the expected 1ed, it returns 3d.
  • When accessing certain projects through the client-side object model (CSOM) or REST, the process fails because of overflow in the Schedule Variance Percentage (SVP) or Cost Variance Percentage (CVP) fields.
  • Consider the following scenario:
    • You have server event code on the publishing event that extracts data from a project through the client-side object model (CSOM).
    • You open a project by using Project or Project Web App.
    • You make changes in the project.
    • You publish the project.

In this scenario, the publishing event code that reads the project data runs for more than a minute and then times out. Therefore, the event unexpectedly cancels the publishing job.

  • If you apply a filter to a Tasks list, you don’t see the expected result for those items (which are on the second and subsequent pages).

Office Online Server

This security update resolves a remote code execution vulnerability that exists in Microsoft Word software if it does not correctly handle objects in memory. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2020-0980.

Known issues in this update

After you install this security update, Office Online Server logging will be set to Verbose by default. We recommend that you change this setting to Medium by running the following command:

Set-OfficeWebAppsFarm -LogVerbosity “Medium”

Note After you run the command, you have to restart the Office Online Service. To do this, run the following command:

Restart-Service WACSM


Komentáře