Readme File for IBM® Platform Symphony 7.1.1 Interim Fix 493251

Readme File for: Platform Symphony

Product Release: 7.1.1

Update Name: Interim Fix 493251

Fix ID: sym-7.1.1_x86_64-build493251

Publication Date: June 14, 2018

This interim fix resolves the vertical authorization bypass vulnerability on the Symping page in Platform Symphony 7.1.1.

Contents

1. List of fixes

2. Download location

3. Product and components affected

4. Installation and configuration

5. Uninstallation

6. List of files

7. Copyright and trademark information

1.     List of fixes

APAR: P102505

2.     Download location

Download interim fix 493251 from the following location: https://www.ibm.com/eserver/support/fixes/

3.     Product and components affected

Component name, Platform, Fix ID:                                                  

PMC, Linux x86_64, sym-7.1.1_x86_64-build493251

4.     Installation and configuration

Follow the instructions in this section to download and install this interim fix in your cluster.

System requirements

Linux x86_64

Before installation

1.      Log on to the master host as the cluster administrator and stop the WEBGUI service:

$ egosh user logon -u Admin -x Admin

$ egosh service stop WEBGUI

2.      For recovery purposes, back up the following files:

$ cd $EGO_TOP

$ tar -cvf backup.tar gui/conf/useracl/permission_GUIPermissionSoam.acl

$ tar -uf backup.tar gui/3.3/lib/commons-ego.jar

3.      Download the pssasetup2015_linux-x86_64_build493251.tar.gz file.

Installation

1.      Log on to any management and compute host in your cluster as the cluster administrator and decompress the pssasetup2015_linux-x86_64_build493251.tar.gz file to the top-level installation directory. For example, enter:

$ tar zxfo pssasetup2015_linux-x86_64_build493251.tar.gz -C $EGO_TOP/

2.      Copy the permission_GUIPermissionSoam.acl file to your shared directory:

$ cp $EGO_TOP/gui/conf/useracl/permission_GUIPermissionSoam.acl $EGO_CONFDIR/../../gui/conf/useracl/

3.      Delete all subdirectories and files from the following directories:

$ rm -rf $EGO_TOP/gui/work/*

$ rm -rf $EGO_TOP/gui/workarea/*

$ rm -rf $WLP_OUTPUT_DIR/webgui_hostname/gui/workarea/*

4.      Clear your browser cache.

5.      Start the WEBGUI service:

$ egosh service start WEBGUI

5.     Uninstallation

If required, follow the instructions in this section to uninstall this interim fix from your cluster.

1.         Log on to the master host as the cluster administrator and stop the WEBGUI service:

$ egosh user logon -u Admin -x Admin

$ egosh service stop WEBGUI

2.         Log on to any management host in the cluster and restore your backup:

$ cd $EGO_TOP

$ tar -xvf backup.tar

3.         Copy the permission_GUIPermissionSoam.acl backup file to your shared directory:

$ cp $EGO_TOP/gui/conf/useracl/permission_GUIPermissionSoam.acl $EGO_CONFDIR/../../gui/conf/useracl/

4.         Delete all subdirectories and files from the following directories:

 $ rm -rf $EGO_TOP/gui/work/*

 $ rm -rf $EGO_TOP/gui/workarea/*

 $ rm -rf $WLP_OUTPUT_DIR/webgui_hostname/gui/workarea/*

5.         Clear your browser cache.

6.         Start the WEBGUI service:

 $ egosh service start WEBGUI

6.     List of files

gui/3.3/lib/commons-ego.jar

gui/conf/useracl/permission_GUIPermissionSoam.acl

7.     Copyright and trademark information

© Copyright IBM Corporation 2018

U.S. Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.

IBM®, the IBM logo, and ibm.com® are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.