IBM Spectrum LSF Application Center
V10.2.0 Fix 600882 Readme
Abstract
This fix resolves
the log4j2 security CVE-2021-44228 and CVE-2021-45046
Description
Readme
documentation for IBM Spectrum LSF Application Center V10.2.0 Fix including
installation-related instructions, prerequisites and co-requisites, and list of
fixes.
This fix addresses the following issue:
The log4j2 has a security issue CVE-2021-44228.
Readme file for: IBM® Spectrum LSF Application Center
Product/Component Release: 10.2.0.6, 10.2.0.7, 10.2.0.8, 10.2.0.9,
10.2.0.10, 10.2.0.11
Update Name: Fix 600882
Fix ID: pac-10.2-build 600882
Publication date: Dec. 15
2021
Last modified date: Dec. 15 2021
Contents
P111111
Download from the following
location: http://www.ibm.com/eserver/support/fixes/
To receive information about
product solution and patch updates automatically, subscribe to product
notifications on the My notifications page http://www.ibm.com/support/mynotifications/
on the IBM Support website (http://support.ibm.com). You can edit your subscription
settings to choose the types of information you want to get notification about,
for example, security bulletins, fixes, troubleshooting, and product
enhancements or documentation changes.
Application Center Server
a.
N/A
6. Installation and configuration
6.1 Before installation
1)
Log on
to the IBM Spectrum LSF Application Center server host as root.
2)
Set
your IBM Spectrum LSF Application Center environment.
For csh or tcsh:
% source /opt/ibm/lsfsuite/ext/cshrc.platform
For sh, ksh, or bash:
$ . /opt/ibm/lsfsuite/ext/profile.platform
3)
Determine
the location of your existing IBM Spectrum LSF Application Center installation.
#rpm -q --queryformat
"%{INSTPREFIXES}\n" lsf-appcenter
4)
Check
and record the version and build number of your existing installation of IBM
Spectrum LSF Application Center in case you need to roll back the fix.
pmcadmin -V
5)
Stop
all IBM Spectrum LSF Application Center services.
perfadmin stop all
pmcadmin stop
6)
Back up
your existing installation.
For example:
#cp -rfp /opt/ibm /opt/ibm.bak
6.2 Installation steps for IBM Spectrum LSF
Application Center V10.2.0.
The following
steps assume that IBM Spectrum LSF Application Center is installed in /opt/ibm.
Replace with your actual installation directory.
Note: This patch is only for LSF Application Center V10.2.0. If you are using
other versions, you must first migrate to V10.2.0 before applying this Fix.
1)
Install
the patch
find $PMC_TOP -name "log4j-core-*.jar" -exec zip -q
-d {} org/apache/logging/log4j/core/lookup/JndiLookup.class
\;
2)
Start
IBM Spectrum LSF Application Center services.
perfadmin start all
pmcadmin start
7.1 Before uninstallation
Stop all IBM
Spectrum LSF Application Center services:
perfadmin stop all
pmcadmin stop
7.2 Roll back the fix
The following
steps assume that IBM Spectrum LSF Application Center is installed in the /opt/ibm directory.
Replace this with your actual installation directory.
1)
Delete
temporary files under directories $PMC_TOP/gui/work/notification
and $PMC_TOP/gui/work/platform
rm -rf $PMC_TOP/gui/work/notification/*
rm -rf $PMC_TOP/gui/work/platform/*
2)
Delete
jar files under directories $PMC_TOP/gui/3.0/wlp/usr/servers/platform/apps/platform.war/WEB-INF/lib/
rm -rf
$PMC_TOP/gui/3.0/wlp/usr/servers/platform/apps/platform.war/WEB-INF/lib/log4j*
3)
Install
the patch
cp
/opt/ibm.bak/lsfsuite/ext/gui/3.0/wlp/usr/servers/platform/apps/platform.war/WEB-INF/lib/log4j*
$PMC_TOP/gui/3.0/wlp/usr/servers/platform/apps/platform.war/WEB-INF/lib/
4)
Start
IBM Spectrum LSF Application Center services.
perfadmin start all
pmcadmin start
$PMC_TOP/gui/3.0/wlp/usr/servers/platform/apps/platform.war/WEB-INF/lib/log4j-1.2-api-2.16.0.jar
$PMC_TOP/gui/3.0/wlp/usr/servers/platform/apps/platform.war/WEB-INF/lib/log4j-api-2.16.0.jar
$PMC_TOP/gui/3.0/wlp/usr/servers/platform/apps/platform.war/WEB-INF/lib/log4j-core-2.16.0.jar
$PMC_TOP/gui/3.0/wlp/usr/servers/platform/apps/platform.war/WEB-INF/lib/log4j-jcl-2.16.0.jar
$PMC_TOP/gui/3.0/wlp/usr/servers/platform/apps/platform.war/WEB-INF/lib/log4j-slf4j-impl-2.16.0.jar
©Copyright IBM Corporation
2021
U.S. Government Users Restricted Rights - Use, duplication or disclosure
restricted by GSA ADP Schedule Contract with IBM Corp.
IBM®, the IBM logo and ibm.com® are trademarks of International Business
Machines Corp., registered in many jurisdictions worldwide. Other product and
service names might be trademarks of IBM or other companies. A current list of
IBM trademarks is available on the Web at "Copyright and trademark
information" at http://www.ibm.com/legal/copytrade.shtml