Aktualizace pro SharePoint Server 2019 (May 2021 CU)

Pro SharePoint Server 2019 byla vydána nová kumulativní aktualizace (May 2021 CU).

SP Build:
16.0.10374.20000 (Language independent CU)
16.0.10374.20000 (Language dependent CU)

SharePoint 2019 CU – KB články popisující CU:

• KB 5001916 – May 2021 Update for SharePoint Server 2019 (language independent)
  
• KB 5001915 – May 2021 Update for SharePoint Server 2019 (language dependent)
• KB 5001914 – May 2021 Update for Office Online Server

SharePoint Server 2019 CU – Odkaz ke stažení CU:

• Download May 2021 Update for SharePoint Server 2019 (language independent)
• Download May 2021 Update for SharePoint Server 2019 (language dependent)
• Download May 2021 Update for Office Online Server

Po dokončení instalace nezapomeňte na spuštění průvodce konfigurací služby SharePoint 2019 (SharePoint 2019 Products Configuration Wizard), nebo příkazu:
PSConfig.exe -cmd upgrade -inplace b2b -wait -cmd applicationcontent -install -cmd installfeatures -cmd secureresources -cmd services -install

Upozornění

Vždy instalujte oba balíčky a to v pořadí:

1. language independent (aktualizuje jazykové nezávislé komponenty)
2. language dependent (aktualizuje jazykové závislé komponenty)

V případě jazykově závislých balíčku (language dependent) nezáleží jaký jazyk si ve výsledku vyberete, jelikož každý balíček obsahuje aktualizace pro všechny jazyky.

V případě, že na SharePoint Server 2019 farmu instalujete nový jazykový balíček, je nutné následně znova nainstalovat jazykové závislý balíček (language dependent).

Nezapomínejte, že krom SharePoint je nutné mít aktualizovanou i službu Distributed Cache, viz. Jak správně aktualizovat Distributed Cache a v případě Office Online Serveru musíte mít aktuální RTM verzi, viz.  Jak aktualizovat Office Online Server.

Obsažené opravy a vylepšení

Seznam oprav a vylepšení tohoto CU je soubor výňatků z oficiálních Microsoft KB článků v původním jazyce (EN).

SharePoint Server 2019

This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and a Microsoft SharePoint spoofing vulnerability and information disclosure vulnerability. To learn more about these vulnerabilities, see the following security advisories:

• Microsoft Common Vulnerabilities and Exposures CVE-2021-26418
• Microsoft Common Vulnerabilities and Exposures CVE-2021-28474
• Microsoft Common Vulnerabilities and Exposures CVE-2021-28478
• Microsoft Common Vulnerabilities and Exposures CVE-2021-31171
• Microsoft Common Vulnerabilities and Exposures CVE-2021-31172
• Microsoft Common Vulnerabilities and Exposures CVE-2021-31173
• Microsoft Common Vulnerabilities and Exposures CVE-2021-31181

This security update contains improvements and fixes for the following nonsecurity issues in SharePoint Server 2019:

• Adds the ability to update the SQL authentication account username and password when SharePoint uses Azure SQL Managed Instance. To do this, use the following script:

  $db = Get-SPDatabase databasename
  $db.Username = "PlaceholderAccountName"
  $db.Password = "PlaceholderPassword"
  $db.Update()

• Fixes the issue that affects the file path limit of 260 characters for the site collection that’s hosted in a web application that’s configured with multiple authentication methods.
• Fixes an issue in which assigned badges don’t render on discussions, in a My Membership web part, or a members list.
• Fixes an issue in which shared columns in a document set are unexpectedly synchronized to a contained folder after the folder is renamed.

This update also contains fixes for the following issues. To fix these issues, you have to install KB 5001915 together with this update.

• Fixes an issue in which a link is still added even though you select Cancel on the Add a link page in the site Edit navigation pane.
• Fixes an issue in which the focus isn’t clearly visible on an Activity list when high contrast mode is on.
• Fixes an issue in which you can’t activate a submenu drop-down box in scan mode.
• Fixes an issue in which the Persona Component doesn’t have the sufficient color contrast.
• Fixes an issue in which the focus doesn’t go to the first interactive element of the submenu in the Documents recent activity feed pane.
• Fixes an issue in which attachments in a custom list can’t be deleted.
• Fixes an issue in which timestamps of comments are displayed as a link.
• Fixes an issue in which the focus order is not correct on the Documents page in the Narrator scan mode.
• Fixes an issue in which the screen reader is not announcing sufficient information for the „about me“ menu in the upper-right corner of a site.
• Fixes an issue in which the focus is not visible on the Hide in SharePoint mobile app checkbox in the New link dialog box.

This security update also contains a fix for the following nonsecurity issue in Microsoft Project Server 2019:

• After you run the ExportWorkspaceItemsByDisplayName2019.sql script from the General Data Protection Regulation (GDPR) for Project Server, you can’t find the OwnerUserClaimsAccount field in the query results.

Office Online Server

This security update resolves a Microsoft Excel remote code execution vulnerability and Office information disclosure vulnerability. To learn more, see the following security advisories:

• Microsoft Common Vulnerabilities and Exposures CVE-2021-31174
• Microsoft Common Vulnerabilities and Exposures CVE-2021-31175
• Microsoft Common Vulnerabilities and Exposures CVE-2021-31177
• Microsoft Common Vulnerabilities and Exposures CVE-2021-31178
• Microsoft Common Vulnerabilities and Exposures CVE-2021-31179