Readme file for: IBM® FileNet® P8 Content Platform Engine Container
Update name: 5.5.3.0-P8CPE-Container
Fix ID: 5.5.3.0-P8CPE-Container-IF003
Publication date: 14 July 2020
Last modified date: 14 July 2020
This Interim Fix deploys a new Content Platform Engine (CPE) 5.5.3 container or updates an existing container. It is a full release of the CPE container. This Interim Fix can be deployed in either a Red Hat OpenShift, an IBM Cloud Private managed container environment or a certified Kubernetes managed container environment. It supports the rolling upgrade feature in Kubernetes which allows you to keep your environment up and running while upgrading each of the CPE servers in your configuration.
Important: If you are using this Interim Fix as a part of a new deployment of the Content Platform Engine container into IBM Cloud Private, you must first deploy the container as described in the Knowledge Center topic Deploying a new P8 domain by using containers. Then return to this readme and follow the instructions below to update the deployed Content Platform Engine instances with this Interim Fix.
Important: If you will update a Kubernetes managed environment as described in Knowledge Center Deploying containers on Kubernetes, prepare by becoming familiar with the kubernetes concepts for updating a deployment which are described at the following location: Kubernetes Updating A Deployment.
Important: If you are using this Interim Fix as part of upgrading an existing pre-5.5.3 deployment of the Content Platform Engine container deployed into IBM Cloud Private, you must follow the procedures described in the Knowledge Center topic (V5.5.3 or later) Upgrading container deployments. Then return to this readme and follow the instructions below to update the deployed Content Platform Engine instances with this Interim Fix.
Click the following link to access the files for this Interim Fix container update: Fix Central for Interim Fix 5.5.3.0-P8CPE-Container-IF003. You need an IBM login and password to access this download location, as well as entitlement to this interim fix in order to access it. Please contact IBM Support if you need assistance.
The following changes are introduced in this 5.5.3.0-P8CPE-Container-IF002 Interim Fix:
The following changes are introduced in this 5.5.3.0-P8CPE-Container-IF001 Interim Fix:
Following are some known problems and restrictions that are related to this Interim Fix:
If you are using this Interim Fix as part of a new installation of the Content Platform Engine into an OpenShift or certified Kubernetes environment, install the files as directed in this Readme. Then, use the information in the Knowledge Center topic Using containers to complete your deployment.
Note: For deployments into OpenShift, follow the topics for deploying on certified Kubernetes.If you are using this Interim Fix to upgrade a deployment of the Content Platform Engine container in OpenShift or certified Kubernetes environment, install the files as directed in this Readme.
Installation of this interim fix consists of the following tasks:
The container package must be expanded in a location that is accessible to the IBM Cloud Private server master node or where the Kubernetes private registry is visible. The container package contains Helm charts for both Content Container deployments and Digital Business Automation for Multicloud (DBAMC) deployments that use IBM Cloud Private.
Once expanded, the following items will be in a subdirectory called cpe:
Complete the following tasks to install this Interim Fix.
Definition: <mycluster.icp> Kubernetes cluster name.
Definition: <namespace> installation root directory of cluster.
Definition: <tag> Tags are how various images in a repository (registry) are distinguished from each other. You may utilize the same tag assigned by IBM to the Docker image in the interim fix package. Or you may apply a tag based on the scheme used by your organization.
docker load < cpe.tgz
docker tag cpe:ga-553-p8cpe-if003 <mycluster.icp>:8500/<namespace>/cpe:<tag>
For example:
cloudctl login -a https://<boot-master-ip>:8443 --skip-ssl-validation
For example:
docker login <mycluster.icp>:8500
docker push <mycluster.icp>:8500/<namespace>/cpe:<tag>
Definition: <kubernetescluster> Kubernetes cluster name.
Definition: <namespace> installation root directory of cluster.
Definition: <tag> Tags are how various images in a repository (registry) are distinguished from each other. You may utilize the same tag assigned by IBM to the Docker image in the interim fix package. Or you may apply a tag based on the scheme used by your organization.
Updates to the Content Platform Engine client files must be installed as needed on the Content Platform Engine clients and customized application installation locations. See the Readme for the Content Platform Engine 5.5.3.0-P8CPE-Container-IF003 readme for details.
Updates to the Content Platform Engine client tools must be installed as needed on the Content Platform Engine tools installation locations. See the Readme for the Content Platform Engine 5.5.3.0-P8CPE-Container-IF003 readme for details.
The following table lists the product fixes for this interim fix.
APAR |
Description |
|---|---|
PJ46044 |
Administration Console for Content Platform Engine (ACCE) Opening subclass Annotation does not display the annotation in a new tab. |
PJ46049 |
External Share REST: Allow user to enable share even if we cannot resolve email template resource bundle for a locale. |
PJ46050 |
PSIRT ADV0020631 (CVE-2019-4679): Administration Console for Content Platform Engine (ACCE) security vulnerability in logon response. See security bulletin 1283950. |
PJ46053, PJ45998 |
On some CPE (Content Platform Engine) client applications intermittent FIPSRuntimeExceptions may occur. |
PJ46054 |
FNRAM9018 Error returned when you try create a Case History store. |
PJ46059 |
Administration Console for Content Platform Engine (ACCE) document properties page - right pane is transparent. |
PJ46061 |
Administration Console for Content Platform Engine (ACCE) FNRAC1005E error occurs when trying to add choice item to a choice list with 951 choice items. |
PJ46065 |
PSIRT Advisory ADV0021947 (CVE-2019-4720), ADV0022013 (CVE-2020-4163): IBM WebSphere Application Server Network Deployment. See security bulletin 1581579. |
PJ46069 |
Case History - Handle update events on case comments. |
PJ46070 |
Content Engine (CE) Audit disposition has a check against the bookmark which has the reverse of the desired effect. |
PJ46075 |
BACSoC NullPointer exception from Process Engine (PE) when any PE RPC's are performed. |
PJ46086 |
"SymbolicName is a read-only property" error occurs on import with FileNet Deployment Manager (FDM). |
PJ46120 |
Administration Console for Content Platform Engine (ACCE) set default class for new Object Store search. |
PJ46130 |
NullPointerException occurs when trying to Generate an Audit report with FileNet Deployment Manager (FDM). |
PJ46132 |
Problem with Content Search Services (CSS) Content Based Retrieval (CBR) indexing dispatcher stats logging and locale (German) decimal parsing. |
PJ46141 |
PSIRT ADV0022946 (CVE-2020-4303, CVE-2020-4304): IBM WebSphere Application Server Network Deployment in CPE Container. See security bulletin 6203516. |
PJ46144 |
PSIRT Advisory ADV0023337 (CVE-2020-4447): Administration Console for Content Platform Engine (ACCE) Cross-site scripting security vulnerabilities. See security bulletin 6208453. |
PJ46150 |
PSIRT ADV0023727 (CVE-2020-4329): WebSphere Application Server security vulnerability. See security bulletin 6209707. |
PJ46153 |
Apache Commons FileUpload Resource Leak WS-2014-0034. |
PJ46159 |
PSIRT ADV0023806 (CVE-2020-4329): IBM WebSphere Application Server Network Deployment in CPE Container. See security bulletin 6209092. |
PJ46166 |
Administration Console for Content Platform Engine (ACCE) FileNet Rounding float decimals. |
PJ46167 |
PSIRT ADV0023949 (CVE-2020-4421): IBM WebSphere Application Server Network Deployment in CPE Container. See security bulletin 6209095. |
PJ46176 |
Administration Console for Content Platform Engine (ACCE) shows wrong queue sweep items. |
PJ46196 |
Administration Console for Content Platform Engine (ACCE) Security Policy does not save configuration of Security Template when using Delegate users. |
PJ46198 |
Administration Console for Content Platform Engine (ACCE) Choice List Localization of Choice Items after group in a Choice List showing items of group in localization dialog and Editing of Display Name not working. |
PJ46199 |
Administration Console for Content Platform Engine (ACCE) Property Template Misalignment of buttons/Filterbox/ObjectCount. |
PJ46200 |
Administration Console for Content Platform Engine (ACCE) Not able to create Master domain with option CPEDomainType. |
PJ46201 |
Administration Console for Content Platform Engine (ACCE) enhancement to improve display of choice items for choice lists. |
PJ46202 |
Administration Console for Content Platform Engine (ACCE) Choice list Audit history with out editing items, showing in update event Properties. |
PJ46203 |
WebSphere LTPA SSO fails from traditional WebSphere Application Server (tWAS) Content Platform Engine (CPE) client to CPE server on Liberty. |
PJ46206 |
A file handle and memory leak occurs when using Process Engine (PE) custom component queues in Apache Axix2. |
PJ46207 |
Opening Process Engine (PE) Process Designer (PD) from IBM Content Navigator (ICN) causes login prompt. |
APAR |
Description |
|---|---|
PJ44132 |
Content Search Services (CSS) indexed XLS Documents with numbers in German format containing a comma “,” are not searchable using comma but require using a dot ".". Fixed for AIX. Oracle Outside In Technology patch - October 2019 |
PJ45822 |
Sensitive Information in Administration Console for Content Platform Engine (ACCE) URL Parameters. |
PJ45873 |
Process Engine (PE) WSDL breaks down with 401 error (unauthorized). |
PJ45887 |
Administration Console for Content Platform Engine (ACCE) localization issue in string and integer Choicelists. |
PJ45888 |
Administration Console for Content Platform Engine (ACCE): Get error: 'theName is invalid' when importing an operation and changing the parameter name for a Component Queue. |
PJ45908 |
PISRT ADV0018019 (CVE-2019-4642), ADV0020486 (CVE-2019-4646, CVE-2019-4652, CVE-2019-4643, CVE-2019-4645, CVE-2019-4650, CVE-2019-4656, CVE-2019-4651, CVE-2019-4659, CVE-2019-4644, CVE-2019-4655, CVE-2019-4657, CVE-2019-4641, CVE-2019-4654), ADV0020487 (CVE-2019-4661), ADV0020488 (CVE-2019-4662): IBM FileNet Content Manager has multiple security vulnerabilities in Administration Console for Content Platform Engine (ACCE). See security bulletin 1073876 |
PJ45929 |
PSIRT 17771 (CVE-2019-12402): Administration Console for Content Platform Engine (ACCE) Apache Commons Compress jar security vulnerability. See security bulletin 1077471 |
PJ45931 |
FileNet Deployment Manager (FDM) "Retrieve Data for Connection Point Half Map -> From Content Platform Engine" does not retrieve object store or isolated region values. |
PJ45932 |
User information in IBM Content Navigator (ICN) Entry Template not updating when migrating with FileNet Deployment Manager (FDM). |
PJ45945 |
java.lang.ClassNotFoundException occurs while trying to run "Configure the Case Management Object Store". |
PJ45961 |
Administration Console for Content Platform Engine (ACCE): Content Platform Engine(CPE) Security Policy does not save configuration of Security Template when using Roles. |
PJ45964 |
Administration Console for Content Platform Engine (ACCE) Choice lists have a null value added. |
PJ45969 |
Modifying a Fixed Content Storage created in pre-5.5.2 version will cause Null Point Exceptionn. |
PJ45973 |
Process Engine (PE) AutomaticUpgrade fails when working with Database connection attribute with "/" in the display name. |
PJ46028 |
Administration Console for Content Platform Engine (ACCE) using greater then ">" or less then "<" in a sweep job filter expression throws syntax error "Bad filter expression". |
PJ46032 |
Container: Administration Console for Content Platform Engine (ACCE) hangs or errors out with creation/navigation to Choice Lists, Audit Definition Tab when the object names contain non-English (accented) characters. |
PJ46033 |
Snaplock Fixed Content Device (FCD) update retention failure for NFS mount. |
PJ46224 |
Administration Console for Content Platform Engine (ACCE) on WebSphere fails adding Property Template of type Object or integer into Document Class after upgrade. |
APAR |
Description |
|---|---|
PJ44132 |
XLS files that use GERMAN FORMAT WITH COMMA ',' are not searchable using comma but require using dot '.'. Fixed for Windows, Linux, zLinux |
PJ44718 |
Enhancement: Add PDF Adobe Sign Content Search Services indexing (CSS) support with Oracle Outside In Technology (OIT). |
PJ45807 |
FileNet Deployment Manager - Reassign Object Store - Object Store selection control does not have a vertical scroll bar. |
PJ45829 |
"E_BAD_CLASSID: Class "Obsolete class VSC" not found." occurs during upgrade causing issues with Process Engine (PE). |
PJ45830 |
Open attachments from a work object which was opened by Process Administrator from a User InBox fails with a malformed URL. |
PJ45834 |
Isilon multi content elements document migration command retry is not handled correctly. |
PJ45857 |
Administration Console for Content Platform Engine (ACCE) - select from Search Result pane were checked even though users didn't do the selection. |
PJ45867 |
Administration Console for Content Platform Engine (ACCE) not able to move up Marking because they are greyed out. |
PJ45868 |
PSIRT 17288: (CVE-2019-2769, CVEID: CVE-2019-2762): Java Technology Edition Critical Patch Update - July 2019. See security bulletin 0967409 |
PJ45873 |
WSDL breaks down with 401 error (unauthorized). See APAR PJ45873 for details |
PJ45878 |
Remove default user data from Axis. |
PJ45881 |
ACCE Export Work Flow Search Results to file user specified location. |
PJ45882 |
PSIRT 17737 (CVE-2019-4572): Security vulnerability in Process Orchestration Web Service logging. See security bulletin 1072042 |
This information was developed for products and services offered in the U.S.A.
IBM may not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the user's responsibility to evaluate and verify the operation of any non-IBM product, program, or service.
IBM may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not grant you any license to these patents. You can send license inquiries, in writing, to:
IBM Director of Licensing IBM Corporation J74/G4 555 Bailey Avenue San Jose, CA 95141 U.S.A.
For license inquiries regarding double-byte (DBCS) information, contact the IBM Intellectual Property Department in your country or send inquiries, in writing, to:
Intellectual Property Licensing Legal and Intellectual Property Law IBM Japan, Ltd. 19-21, Nihonbashi-Hakozakicho, Chuo-ku Tokyo 103-8510, Japan
The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you.
This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice.
Any references in this information to non-IBM Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk.
IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you.
Licensees of this program who wish to have information about it for the purpose of enabling: (i) the exchange of information between independently created programs and other programs (including this one) and (ii) the mutual use of the information which has been exchanged, should contact:
IBM Corporation J46A/G4 555 Bailey Avenue San Jose, CA 95141-1003 U.S.A.
Such information may be available, subject to appropriate terms and conditions, including in some cases, payment of a fee.
The licensed program described in this document and all licensed material available for it are provided by IBM under terms of the IBM Customer Agreement, IBM International Program License Agreement or any equivalent agreement between us.
Any performance data contained herein was determined in a controlled environment. Therefore, the results obtained in other operating environments may vary significantly. Some measurements may have been made on development-level systems and there is no guarantee that these measurements will be the same on generally available systems. Furthermore, some measurements may have been estimated through extrapolation. Actual results may vary. Users of this document should verify the applicable data for their specific environment.
Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products.
All statements regarding IBM's future direction or intent are subject to change or withdrawal without notice and represent goals and objectives only.
This information contains examples of data and reports used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental.
COPYRIGHT LICENSE:
This information contains sample application programs in source language, which illustrate programming techniques on various operating platforms. You may copy, modify and distribute these sample programs in any form without payment to IBM, for the purposes of developing, using, marketing or distributing application programs conforming to the application programming interface for the operating platform for which the sample programs are written. These examples have not been thoroughly tested under all conditions. IBM, therefore, cannot guarantee or imply reliability, serviceability, or function of these programs. The sample programs are provided "AS IS", without warranty of any kind. IBM shall not be liable for any damages arising out of your use of the sample programs.
IBM, the IBM logo and ibm.com are trademarks or registered trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.
Intel, Intel logo, Intel Inside, Intel Inside logo, Intel Centrino, Intel Centrino logo, Celeron, Intel Xeon, Intel SpeedStep, Itanium and Pentium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries.
Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both.
Microsoft, Windows, Windows NT and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both.
UNIX is a registered trademark of The Open Group in the United States and other countries.
Java and all Java-based trademarks and logos are trademarks or registered trademarks of Oracle and/or its affiliates.
Other product and service names might be trademarks of IBM or other companies.
| Date |
Description |
|---|---|
| 14 July 2020 |
Initial interim fix release. |