Readme File for IBM® Spectrum Symphony 7.2.1 Interim Fix 521112
Readme file for: IBM Spectrum Symphony
Product/Component Release: 7.2.1
Update Name: Interim Fix 521112
Fix ID: sym-7.2.1-build521112
Publication date: November 05, 2019
This readme file provides guidance on upgrading the Jackson
databind, core, and annotations to version 2.9.8 in IBM Spectrum Symphony 7.2.1
and IBM Spectrum Symphony Developer Edition 7.2.1 in order to fix security
vulnerabilities CVE-2018-14719, CVE-2018-14718, CVE-2018-14720, and
CVE-2018-14721.
Contents
1. List of fixes
2. Download location
3. Products or components affected
4. Installation and configuration
5. Uninstallation
6. Product notifications
7. Copyright and trademark information
1. List of fixes
APAR: P103019
2. Download location
Download interim fix 521112 from
the following location: https://www.ibm.com/eserver/support/fixes/
3. Products or components affected
Component name, Platform, Fix
ID:
HostFactory/MapReduce/GUI,
Linux-x86_64, sym-7.2.1-build521112
4. Installation and configuration
Follow these steps to upgrade Jackson databind, core,
and annotations .jar files for IBM Spectrum Symphony
7.2.1 and IBM Spectrum Symphony Developer Edition 7.2.1:
a.
Log on to the
master host as the cluster administrator and stop the following services:
> egosh user logon -u Admin -x Admin
> egosh service stop MRSS WEBGUI HostFactory
b.
Log on to
each management and compute host in the cluster and download the following
packages:
·
jackson-databind-2.9.8.jar (http://central.maven.org/maven2/com/fasterxml/jackson/core/jackson-databind/2.9.8/)
· jackson-core-2.9.8.jar (http://central.maven.org/maven2/com/fasterxml/jackson/core/jackson-core/2.9.8/)
· jackson-annotations-2.9.8.jar (http://central.maven.org/maven2/com/fasterxml/jackson/core/jackson-annotations/2.9.8/)
c.
For
recovery purposes, move the following files to a backup directory on management
host:
> mkdir -p /tmp/hadoop-2.7.x/
> mkdir -p /tmp/guilib/
> mkdir -p /tmp/hflib/
> mv
$EGO_TOP/soam/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/jackson-annotations-2.9.5.jar
/tmp/hadoop-2.7.x/
> mv
$EGO_TOP/soam/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/jackson-core-2.9.5.jar
/tmp/hadoop-2.7.x/
> mv $EGO_TOP/soam/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/jackson-databind-2.9.5.jar
/tmp/hadoop-2.7.x/
> mv
$EGO_TOP/wlp/usr/servers/gui/apps/ego/3.7/platformv5/WEB-INF/lib/jackson-annotations-2.9.5.jar
/tmp/guilib/
> mv
$EGO_TOP/wlp/usr/servers/gui/apps/ego/3.7/platformv5/WEB-INF/lib/jackson-core-2.9.5.jar
/tmp/guilib/
> mv
$EGO_TOP/wlp/usr/servers/gui/apps/ego/3.7/platformv5/WEB-INF/lib/jackson-databind-2.9.5.jar
/tmp/guilib/
> mv
$EGO_TOP/3.7/hostfactory/providers/common/lib/jackson-annotations-2.9.5.jar
/tmp/hflib/
> mv $EGO_TOP/3.7/hostfactory/providers/common/lib/jackson-core-2.9.5.jar
/tmp/hflib/
> mv
$EGO_TOP/3.7/hostfactory/providers/common/lib/jackson-databind-2.9.5.jar
/tmp/hflib/
NOTE: To
avoid compatibility issues, move all old files to another directory altogether.
d.
For recovery
purposes, move the following files to a backup directory on compute host:
> mkdir -p /tmp/hadoop-2.7.x/
> mkdir -p /tmp/hflib/
> mv $EGO_TOP/soam/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/jackson-annotations-2.9.5.jar
/tmp/hadoop-2.7.x/
> mv
$EGO_TOP/soam/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/jackson-core-2.9.5.jar
/tmp/hadoop-2.7.x/
> mv $EGO_TOP/soam/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/jackson-databind-2.9.5.jar
/tmp/hadoop-2.7.x/
> mv
$EGO_TOP/3.7/hostfactory/providers/common/lib/jackson-annotations-2.9.5.jar
/tmp/hflib/
> mv
$EGO_TOP/3.7/hostfactory/providers/common/lib/jackson-core-2.9.5.jar
/tmp/hflib/
> mv $EGO_TOP/3.7/hostfactory/providers/common/lib/jackson-databind-2.9.5.jar
/tmp/hflib/
NOTE: To avoid compatibility issues, move all old
files to another directory altogether.
e.
For
recovery purposes, move the following files to a backup directory on Developer Edition
host:
> mkdir -p /tmp/hadoop-2.7.x/
> mkdir -p /tmp/CloudProxyClient/
> mv
$SOAM_HOME/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/jackson-annotations-2.9.5.jar
/tmp/hadoop-2.7.x/
> mv
$SOAM_HOME/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/jackson-core-2.9.5.jar
/tmp/hadoop-2.7.x/
> mv
$SOAM_HOME/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/jackson-databind-2.9.5.jar
/tmp/hadoop-2.7.x/
> mv
$SOAM_HOME/7.2.1/samples/Java/CloudProxyClient/lib/jackson-annotations-2.9.5.jar
/tmp/CloudProxyClient/
> mv
$SOAM_HOME/7.2.1/samples/Java/CloudProxyClient/lib/jackson-core-2.9.5.jar
/tmp/CloudProxyClient/
> mv
$SOAM_HOME/7.2.1/samples/Java/CloudProxyClient/lib/jackson-databind-2.9.5.jar
/tmp/CloudProxyClient/
f.
On each
management host, run the following commands:
> cp -rf jackson-databind-2.9.8.jar
$EGO_TOP/soam/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/
> cp -rf jackson-core-2.9.8.jar
$EGO_TOP/soam/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/
> cp -rf jackson-annotations-2.9.8.jar
$EGO_TOP/soam/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/
> cp -rf jackson-databind-2.9.8.jar
$EGO_TOP/wlp/usr/servers/gui/apps/ego/3.7/platformv5/WEB-INF/lib/
> cp -rf jackson-core-2.9.8.jar
$EGO_TOP/wlp/usr/servers/gui/apps/ego/3.7/platformv5/WEB-INF/lib/
> cp -rf jackson-annotations-2.9.8.jar
$EGO_TOP/wlp/usr/servers/gui/apps/ego/3.7/platformv5/WEB-INF/lib/
> cp -rf jackson-annotations-2.9.8.jar
$EGO_TOP/3.7/hostfactory/providers/common/lib/
> cp -rf jackson-core-2.9.8.jar
$EGO_TOP/3.7/hostfactory/providers/common/lib/
> cp -rf jackson-databind-2.9.8.jar
$EGO_TOP/3.7/hostfactory/providers/common/lib/
g.
On each
compute host, run the following commands:
> cp -rf jackson-databind-2.9.8.jar
$EGO_TOP/soam/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/
> cp -rf jackson-core-2.9.8.jar
$EGO_TOP/soam/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/
> cp -rf jackson-annotations-2.9.8.jar
$EGO_TOP/soam/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/
> cp -rf jackson-annotations-2.9.8.jar
$EGO_TOP/3.7/hostfactory/providers/common/lib/
> cp -rf jackson-core-2.9.8.jar
$EGO_TOP/3.7/hostfactory/providers/common/lib/
> cp -rf jackson-databind-2.9.8.jar
$EGO_TOP/3.7/hostfactory/providers/common/lib/
h.
On each
Developer Edition host, run the following commands:
> cp -rf jackson-annotations-2.9.8.jar
$SOAM_HOME/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/
> cp -rf jackson-core-2.9.8.jar
$SOAM_HOME/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/
> cp -rf jackson-databind-2.9.8.jar
$SOAM_HOME/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/
> cp -rf jackson-annotations-2.9.8.jar
$SOAM_HOME/7.2.1/samples/Java/CloudProxyClient/lib/
> cp -rf jackson-core-2.9.8.jar
$SOAM_HOME/7.2.1/samples/Java/CloudProxyClient/lib/
> cp -rf jackson-databind-2.9.8.jar
$SOAM_HOME/7.2.1/samples/Java/CloudProxyClient/lib/
i.
From the
master host, start the following services:
> egosh user logon -u Admin -x Admin
> egosh service start MRSS WEBGUI HostFactory
5. Uninstallation
If required, follow these steps to uninstall the
upgraded .jar files in a cluster with IBM Spectrum Symphony 7.2.1 installed:
a.
Log on to the
master host as the cluster administrator and stop the following services:
> egosh user logon -u Admin -x Admin
> egosh service stop MRSS WEBGUI HostFactory
b.
Remove
the following files on management host that were introduced by this interim
fix:
> rm -rf
$EGO_TOP/soam/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/jackson-databind-2.9.8.jar
> rm -rf
$EGO_TOP/soam/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/jackson-core-2.9.8.jar
> rm -rf
$EGO_TOP/soam/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/jackson-annotations-2.9.8.jar
> rm -rf
$EGO_TOP/wlp/usr/servers/gui/apps/ego/3.7/platformv5/WEB-INF/lib/jackson-databind-2.9.8.jar
> rm -rf
$EGO_TOP/wlp/usr/servers/gui/apps/ego/3.7/platformv5/WEB-INF/lib/jackson-core-2.9.8.jar
> rm -rf
$EGO_TOP/wlp/usr/servers/gui/apps/ego/3.7/platformv5/WEB-INF/lib/jackson-annotations-2.9.8.jar
> rm -rf
$EGO_TOP/3.7/hostfactory/providers/common/lib/jackson-databind-2.9.8.jar
> rm -rf $EGO_TOP/3.7/hostfactory/providers/common/lib/jackson-core-2.9.8.jar
> rm -rf
$EGO_TOP/3.7/hostfactory/providers/common/lib/jackson-annotations-2.9.8.jar
c.
Remove
the following files on compute host that were introduced by this interim fix:
> rm -rf $EGO_TOP/soam/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/jackson-databind-2.9.8.jar
> rm -rf
$EGO_TOP/soam/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/jackson-core-2.9.8.jar
> rm -rf
$EGO_TOP/soam/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/jackson-annotations-2.9.8.jar
> rm -rf
$EGO_TOP/3.7/hostfactory/providers/common/lib/jackson-databind-2.9.8.jar
> rm -rf
$EGO_TOP/3.7/hostfactory/providers/common/lib/jackson-core-2.9.8.jar
> rm -rf
$EGO_TOP/3.7/hostfactory/providers/common/lib/jackson-annotations-2.9.8.jar
d.
Remove
the following files on Developer Edition host that were introduced by this
interim fix:
> rm -rf
$SOAM_HOME/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/jackson-annotations-2.9.8.jar
> rm -rf
$SOAM_HOME/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/jackson-core-2.9.8.jar
> rm -rf
$SOAM_HOME/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/jackson-databind-2.9.8.jar
> rm -rf
$SOAM_HOME/7.2.1/samples/Java/CloudProxyClient/lib/jackson-annotations-2.9.8.jar
> rm -rf
$SOAM_HOME/7.2.1/samples/Java/CloudProxyClient/lib/jackson-core-2.9.8.jar
> rm -rf
$SOAM_HOME/7.2.1/samples/Java/CloudProxyClient/lib/jackson-databind-2.9.8.jar
e.
On each
management host, restore the following files from your backup:
> mv /tmp/hadoop-2.7.x/*.jar
$EGO_TOP/soam/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/
> mv /tmp/guilib/*
$EGO_TOP/wlp/usr/servers/gui/apps/ego/3.7/platformv5/WEB-INF/lib/
> mv /tmp/hflib/*
$EGO_TOP/3.7/hostfactory/providers/common/lib/
f.
On each
compute host, restore the following files from your backup:
> mv /tmp/hadoop-2.7.x/*.jar
$EGO_TOP/soam/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/
> mv /tmp/hflib/*
$EGO_TOP/3.7/hostfactory/providers/common/lib/
g.
On each
Developer Edition host, restore the following files from your backup:
> mv /tmp/hadoop-2.7.x/*.jar
$SOAM_HOME/mapreduce/7.2.1/linux-x86_64/lib/hadoop-2.7.x/
> mv /tmp/CloudProxyClient/*.jar
$SOAM_HOME/7.2.1/samples/Java/CloudProxyClient/lib/
h.
From the
master host, start the following services:
> egosh user logon -u Admin -x Admin
> egosh service start MRSS WEBGUI HostFactory
6. Product notifications
To receive information about
product solution and patch updates automatically, subscribe to product
notifications on the My Notifications page http://www.ibm.com/support/mynotifications/
on the IBM Support website (http://support.ibm.com). You can edit your
subscription settings to choose the types of information you want to get
notification about, for example, security bulletins, fixes, troubleshooting,
and product enhancements or documentation changes.
7. Copyright and trademark information
© Copyright IBM Corporation 2019
U.S. Government Users Restricted
Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract
with IBM Corp.
IBM®, the IBM logo and ibm.com® are
trademarks of International Business Machines Corp., registered in many
jurisdictions worldwide. Other product and service names might be trademarks of
IBM or other companies. A current list of IBM trademarks is available on the
Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.