Public disclosed vulnerability (CVE-2018-5382) from Bouncy Castle fix was addressed by Platform PCM
Data not yet populated.
Platform Cluster Manager Standard Edition Version 4.1.0, 4.1.1 and 4.1.1.1
Platform Cluster Manager Version 4.2.0, 4.2.0.1, 4.2.0.2 and 4.2.1
None.
<Product
| VRMF| APAR| Remediation/First Fix
—|—|—|—
Platform Cluster Manager Standard Edition| 4.1.0, 4.1.1, 4.1.1.1, 4.2.0, 4.2.0.1, 4.2.0.2, 4.2.1| None| See details below
Platform Cluster Manager Advanced Edition| 4.2.0, 4.2.0.1, 4.2.0.2, 4.2.1| None| See details below
Platform Cluster Manager 4.1.x and 4.2.x
1. Download Bouncy Castle jar file bcprov-jdk15on-159.jar from the following location http://www.bouncycastle.org/latest_releases.html
2. Copy the jar file into the management node. If high availability is enabled, copy the jar file to stand-by management node, as well.
3. If high availability is enabled, shutdown stand-by management node to avoid triggering high availability.
4. On the management node, stop GUI and PERF services
HA disabled:
HA enabled:
5. On management node, replace the old jar file with new one.
6. On management node, start GUI and PERF services
HA disabled:
HA enabled:
CPE | Name | Operator | Version |
---|---|---|---|
ibm spectrum cluster foundation | eq | 4.1.0 | |
ibm spectrum cluster foundation | eq | 4.1.1 | |
ibm spectrum cluster foundation | eq | 4.2 |