Aktualizace pro SharePoint Server 2019 (June 2021 CU)

This security update resolves a Microsoft SharePoint remote code execution vulnerability, SharePoint spoofing vulnerability, SharePoint Server remote code execution vulnerability, and SharePoint Server information disclosure vulnerability. To learn more about these vulnerabilities, see the following security advisories:

• Microsoft Common Vulnerabilities and Exposures CVE-2021-26420

• Microsoft Common Vulnerabilities and Exposures CVE-2021-31948

• Microsoft Common Vulnerabilities and Exposures CVE-2021-31950

• Microsoft Common Vulnerabilities and Exposures CVE-2021-31963

• Microsoft Common Vulnerabilities and Exposures CVE-2021-31964

• Microsoft Common Vulnerabilities and Exposures CVE-2021-31965

• Microsoft Common Vulnerabilities and Exposures CVE-2021-31966

This security update contains improvements and fixes for the following nonsecurity issues in SharePoint Server 2019:

• Fixes a data loss issue that occurs when multiple attachments that have the same name are emailed to a SharePoint list.

• Fixes an issue in which the link that’s generated by Copy link causes issues when you open or check out the Microsoft 365 (formerly Office 365) client.

• Fixes an issue in which not all application pools can restart successfully after you install a custom sandbox solution.

• Fixes an issue in which extensive unnecessary ULS logs are recorded when rendering a page.
   

This update also contains fixes for the following issues. To fix these issues, you have to install KB 5001945 together with this update.

• Fixes an issue in which metadata about the Public Update that was stored in the Windows Registry contained nonprintable characters.

• Removes the engagement log query parameter „e“ from copy links for on-premises because it’s used only in SharePoint Online.

• Fixes an issue in which the screen reader doesn’t read the text of the Quick links Web Part title that’s given by a user.

• Fixes an issue in which the screen reader doesn’t read letters when you delete words.

• Fixes an issue in which the posted news doesn’t appear in the „News“ web part in Internet Explorer by using the list layout.

• Fixes the role relationship issue at the „Document“ page for accessibility.

• Fixes an issue in which the ARIA toggle field in a details list doesn’t have an accessible name.

• Fixes an issue in which New Items under Site Usage in a non-English modern team site counts only .docx files.

This security update also contains a fix for the following nonsecurity issue in Project Server 2019:

When the reporting database refresh is performed, the following OData specific SQL views may be removed and not regenerated as expected:

• pjrep.MSP_TimesheetLine_ODATAView

• pjrep.MSP_FiscalPeriods_ODATAView

• pjrep.MSP_ProjectTimephasedRollupInfo_ODATAView

• pjrep.MSP_EpmTaskByDay_ODATAView

• pjrep.MSP_ProjectBaseline_ODATAView

When these views are missing, reports that depend on them fail.