IBM Spectrum LSF Application Center V10.2.0 Fix 600882 Readme

 

Abstract

This fix resolves the log4j2 security CVE-2021-44228 and CVE-2021-45046

Description

Readme documentation for IBM Spectrum LSF Application Center V10.2.0 Fix including installation-related instructions, prerequisites and co-requisites, and list of fixes.

This fix addresses the following issue:
The log4j2 has a security issue CVE-2021-44228.

Readme file for: IBM® Spectrum LSF Application Center
Product/Component Release:  10.2.0.6, 10.2.0.7, 10.2.0.8, 10.2.0.9, 10.2.0.10, 10.2.0.11
Update Name: Fix 600882
Fix ID: pac-10.2-build 600882
Publication date: Dec. 15 2021
Last modified date: Dec. 15 2021

Contents

  1. List of fixes
  2. Download location
  3. Product notifications
  4. Products or components affected
  5. System requirements
  6. Installation and configuration
  7. Uninstallation
  8. List of files
  9. Copyright and trademark information
  1. List of fixes

P111111

  1. Download location

Download from the following location: http://www.ibm.com/eserver/support/fixes/

  1. Product notifications:

To receive information about product solution and patch updates automatically, subscribe to product notifications on the My notifications page http://www.ibm.com/support/mynotifications/ on the IBM Support website (http://support.ibm.com). You can edit your subscription settings to choose the types of information you want to get notification about, for example, security bulletins, fixes, troubleshooting, and product enhancements or documentation changes.

  1. Products or components affected

Application Center Server

  1. System requirements

a.  N/A

6. Installation and configuration

6.1  Before installation

1)     Log on to the IBM Spectrum LSF Application Center server host as root.

2)     Set your IBM Spectrum LSF Application Center environment.
For csh or tcsh:
% source /opt/ibm/lsfsuite/ext/cshrc.platform
For sh, ksh, or bash:
$ . /opt/ibm/lsfsuite/ext/profile.platform

3)     Determine the location of your existing IBM Spectrum LSF Application Center installation.
#rpm -q --queryformat "%{INSTPREFIXES}\n" lsf-appcenter

4)     Check and record the version and build number of your existing installation of IBM Spectrum LSF Application Center in case you need to roll back the fix.
pmcadmin -V

5)     Stop all IBM Spectrum LSF Application Center services.
perfadmin stop all
pmcadmin stop

6)     Back up your existing installation.
For example:
#cp -rfp /opt/ibm /opt/ibm.bak

6.2  Installation steps for IBM Spectrum LSF Application Center V10.2.0.

The following steps assume that IBM Spectrum LSF Application Center is installed in /opt/ibm.
Replace with your actual installation directory.
Note: This patch is only for LSF Application Center V10.2.0. If you are using other versions, you must first migrate to V10.2.0 before applying this Fix.

1)     Install the patch

          find $PMC_TOP  -name "log4j-core-*.jar" -exec zip -q -d  {} org/apache/logging/log4j/core/lookup/JndiLookup.class \;

2)     Start IBM Spectrum LSF Application Center services.
perfadmin start all
pmcadmin start

  1. Uninstallation

7.1  Before uninstallation

Stop all IBM Spectrum LSF Application Center services:

perfadmin stop all
pmcadmin stop

7.2  Roll back the fix

The following steps assume that IBM Spectrum LSF Application Center is installed in the /opt/ibm directory.
Replace this with your actual installation directory.

1)     Delete temporary files under directories $PMC_TOP/gui/work/notification and $PMC_TOP/gui/work/platform
rm -rf $PMC_TOP/gui/work/notification/*
rm -rf $PMC_TOP/gui/work/platform/*

2)     Delete jar files under directories $PMC_TOP/gui/3.0/wlp/usr/servers/platform/apps/platform.war/WEB-INF/lib/
rm -rf $PMC_TOP/gui/3.0/wlp/usr/servers/platform/apps/platform.war/WEB-INF/lib/log4j*

3)     Install the patch
cp /opt/ibm.bak/lsfsuite/ext/gui/3.0/wlp/usr/servers/platform/apps/platform.war/WEB-INF/lib/log4j* $PMC_TOP/gui/3.0/wlp/usr/servers/platform/apps/platform.war/WEB-INF/lib/

4)     Start IBM Spectrum LSF Application Center services.
perfadmin start all
pmcadmin start

  1. List of files

$PMC_TOP/gui/3.0/wlp/usr/servers/platform/apps/platform.war/WEB-INF/lib/log4j-1.2-api-2.16.0.jar
$PMC_TOP/gui/3.0/wlp/usr/servers/platform/apps/platform.war/WEB-INF/lib/log4j-api-2.16.0.jar
$PMC_TOP/gui/3.0/wlp/usr/servers/platform/apps/platform.war/WEB-INF/lib/log4j-core-2.16.0.jar
$PMC_TOP/gui/3.0/wlp/usr/servers/platform/apps/platform.war/WEB-INF/lib/log4j-jcl-2.16.0.jar
$PMC_TOP/gui/3.0/wlp/usr/servers/platform/apps/platform.war/WEB-INF/lib/log4j-slf4j-impl-2.16.0.jar

  1. Copyright and trademark information

©Copyright IBM Corporation 2021

U.S. Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.

IBM®, the IBM logo and ibm.com® are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at http://www.ibm.com/legal/copytrade.shtml