Public disclosed vulnerability (CVE-2018-5382) from Bouncy Castle fix was addressed by Platform HPC
Data not yet populated
Platform HPC Version 4.1.1, 4.1.1.1, 4.2.0 and 4.2.1
None.
<Product
| VRMF| APAR| Remediation/First Fix
—|—|—|—
_Platform HPC _| 4.1.1, 4.1.1.1, 4.2.0, 4.2.1| None| See details below
Platform HPC 4.1.x and 4.2.x
1. Download Bouncy Castle jar file bcprov-jdk15on-159.jar from the following location http://www.bouncycastle.org/latest_releases.html
2. Copy the jar file into the management node. If high availability is enabled, copy the jar file to stand-by management node, as well.
3. If high availability is enabled, shutdown stand-by management node to avoid triggering high availability.
4. On the management node, stop GUI and PERF services
HA disabled:
HA enabled:
5. On management node, replace the old jar file with new one.
6. On management node, start GUI and PERF services
HA disabled:
HA enabled:
CPE | Name | Operator | Version |
---|---|---|---|
ibm spectrum cluster foundation | eq | 4.1.0 | |
ibm spectrum cluster foundation | eq | 4.1.1 | |
ibm spectrum cluster foundation | eq | 4.2 |