SOLVED

About SQL 2016's patch

Copper Contributor

SQL 2016 是否使用新补丁 (CVE-2022-29143) 进行修补,旧补丁(CVE-2021-1636,CVE-2020-0618,CVE-2018-8273)无法修补?或者,新补丁是旧补丁覆盖吗?期待您的回复,谢谢!

2 Replies
best response confirmed by Yangbo_Liu (Copper Contributor)
Solution
You have installed "KB5015371 Security update for SQL Server 2016 SP3 Azure Connect Feature Pack: June 14, 2022 CVE-2022-29143" that automatically covers all the older CUs. For your understanding. How CUs work - Installing the latest cumulative update (CU) for SQL Server will include all the fixes and updates from the previous CUs. Therefore, you do not need to install all previous CUs one at a time if you are installing the latest CU. For example, let's say you have SQL Server 2019 installed and you want to apply the latest CU, which is CU13. CU13 will include all the fixes and updates from previous CUs, such as CU1, CU2, CU3, and so on. So, you can directly install CU13 without the need to install any of the previous CUs. However, if you have skipped one or more CUs and you want to apply a specific CU, then you should install all the previous CUs that you have skipped before installing the specific CU. For example, let's say you have SQL Server 2019 installed with CU10 installed, and you want to apply CU12. In this case, you should first install CU11 (as it includes all the fixes and updates from CU10) and then install CU12. ----------Hope it's clear------- If yes, reply and hit like ----- If not reply with your query in more detail-----
I like your reply, Thank you very much.
1 best response

Accepted Solutions
best response confirmed by Yangbo_Liu (Copper Contributor)
Solution
You have installed "KB5015371 Security update for SQL Server 2016 SP3 Azure Connect Feature Pack: June 14, 2022 CVE-2022-29143" that automatically covers all the older CUs. For your understanding. How CUs work - Installing the latest cumulative update (CU) for SQL Server will include all the fixes and updates from the previous CUs. Therefore, you do not need to install all previous CUs one at a time if you are installing the latest CU. For example, let's say you have SQL Server 2019 installed and you want to apply the latest CU, which is CU13. CU13 will include all the fixes and updates from previous CUs, such as CU1, CU2, CU3, and so on. So, you can directly install CU13 without the need to install any of the previous CUs. However, if you have skipped one or more CUs and you want to apply a specific CU, then you should install all the previous CUs that you have skipped before installing the specific CU. For example, let's say you have SQL Server 2019 installed with CU10 installed, and you want to apply CU12. In this case, you should first install CU11 (as it includes all the fixes and updates from CU10) and then install CU12. ----------Hope it's clear------- If yes, reply and hit like ----- If not reply with your query in more detail-----

View solution in original post