Documentation forPatch Manager

Patch Manager 2023.3 release notes

Release date: July 25, 2023

Here's what's new in Patch Manager 2023.3.

Patch Manager runs on the SolarWinds Platform.

Learn more

New features and improvements in Patch Manager

For information about new features and fixes in the SolarWinds Platform, see the SolarWinds Platform 2023.3 Release Notes.

Secure access to the Patch Manager Administrator Console

Beginning with this release, you can only access the Patch Manager Administrator Console using a secure HTTPS connection on port 443. This improvement will help prevent unauthorized access to your Patch Manager deployment.

Other improvements

This release includes additional updates that improve the product stability and functionality.

Return to top

Fixes

Patch Manager 2023.3 fixes the following issues in the Patch Manager Web Console.

The Patch Manager Web Console includes the fixes in version 2023.3 of the SolarWinds Platform.
Case number Description

N/A

 Various security improvements.

Patch Manager 2023.3 also fixes the following issues in the Patch Manager Administrator Console.

Case number Description

N/A

 Reports now print correctly on a server running Windows Server 2019 hosting the Patch Manager Reports application.

01215189

 When you run the Patch Manager Configuration Wizard on a system running Windows Server 2022, the wizard now installs the Patch Manager Web API correctly.

Return to top

CVEs

SolarWinds would like to thank our Security Researchers below for reporting on the issue in a responsible manner and working with our security, product, and engineering teams to fix the vulnerability.

CVE-ID Vulnerability Title Description Severity

CVE-2022-37434

 Zlib Buffer over-read or buffer overflow vulnerability

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field.

NOTE: Only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader

 Critical

CVE-2018-25032

 Zlib Memory Corruption Vulnerability An out-of-bounds access flaw was found in zlib, which allows memory corruption when deflating (ex: when compressing) if the input has many distant matches. High

Return to top

Installation or upgrade

For new installations, you can download the installation file from the product page at https://www.solarwinds.com or from the Customer Portal. For more information, see the Patch Manager Installation and Upgrade Guide.

If you are upgrading from an earlier version, use the Patch Manager Installation and Upgrade Guide to help you plan and implement your upgrade. When you are ready, download the upgrade package from the Customer Portal.

You must be on Patch Manager 2020.2.1 or later to upgrade to Patch Manager 2023.3. If you are on Patch Manager 2019.4 or earlier, first upgrade to 2020.2.6 and then upgrade to 2023.3.

If you are upgrading the Patch Manager Web Console on the Patch Manager server to version 2023.3, use the Patch Manager Installer. Using this installer, you can upgrade the Patch Manager Web Console and your Patch Manager Administrator Console in one session. See Get the installer for instructions.

Return to top

Before you upgrade!

If you are upgrading from a previous version, do the following:

  • Make sure your server complies with the system requirements.

  • Back up any custom code, such as changed SolarWinds .css files or added .js files. These files may be overwritten with the upgrade. Learn more.

Return to top

Legal notices

© 2023 SolarWinds Worldwide, LLC. All rights reserved.

This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.

SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.