IBM Spectrum LSF Suite V10.2.0 Fix 600896 Readme

 

Abstract

This fix resolves the log4j2 security issue CVE-2021-44228 and CVE-2021-45046.

Description

Readme documentation for IBM Spectrum LSF Suite 10.2 Fix  including installation-related instructions, prerequisites and co-requisites, and a list of fixes.

Readme file for: IBM® Spectrum LSF Suite

Product/Component Release: 10.2, 10.2.0.6, 10.2.0.7, 10.2.0.8, 10.2.0.9, 10.2.0.10, 10.2.0.11
Update Name: Fix 600896
Fix ID: Suite-10.2-build 600896
Publication date: 17-Dec-2021
Last modified date: 17-Dec-2021 

Contents

1.     List of fixes

2.     Products or components affected

3.     Known issues

4.     Product notifications

5.     Download location

6.     Installation and configuration

7.     Uninstallation

8.     Copyright and trademark information

 

1.    List of fixes

   

P111111

 

2.     Products or components affected

LSF Suite Enterprise Plus

LSF Suite Enterprise

LSF Suite HPC

LSF Suite Workgroups

 

 

 

3.     Known issues

Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.

 

4.    Product notifications

To receive information about product solution and patch updates automatically, subscribe to product notifications on the My notifications page http://www.ibm.com/support/mynotifications/ on the IBM Support website http://support.ibm.com. You can edit your subscription settings to choose the types of information that you want to get notifications about, for example, security bulletins, fixes, troubleshooting, and product enhancements or documentation changes. 

 

5.    Download location

Download from the following location: https://www.ibm.com/support/fixcentral.

 

 

6.    Installation 

1). Login each LSF Suite installed hosts with the following roles installed as root and repeat the following steps

     LSF_Masters, GUI_Hosts, DB_Host, LSF_Servers

2). Install the patch
          find $PMC_TOP/../..  -name "log4j-core-*.jar"  -not  -path "*/elasticsearch/*" -exec zip -q -d  {} org/apache/logging/log4j/core/lookup/JndiLookup.class \;

         If $PMC_TOP is not defined, use the top level installation directory of whole LSF Suite

      3). Start IBM Spectrum LSF Suite services if the service exists on the host
                  systemctl restart lsfd

systemctl restart elasticsearch-for-lsf

systemctl restart filebeat-for-lsf

systemctl restart logstash-for-lsf

systemctl restart metricbeat-for-lsf

perfadmin stop all

pmcadmin stop

perfadmin start all

pmcadmin start

 

 

7.     Copyright and trademark information 

©Copyright IBM Corporation 2021

U.S. Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.

IBM®, the IBM logo and ibm.com® are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml