IBM Support

Java parseDouble security vulnerability update for Linux Tivoli Storage Manager Administration Center V6.1

Flashes (Alerts)


Abstract

A critical Java class library security vulnerability is now in the public domain. This vulnerability can be used as a denial of service attack against application servers. This vulnerability affects all versions and releases of Java (1.4.2, 5.0 and 6.0) on all platforms. Web servers and web services are particularly at risk. You are urged to install eWAS fixpacks to remediate the vulnerability. When you install the eWAS fixpack to the Linux Tivoli Storage Manager Administration Center V6.1, a problem might appear concerning partially installed maintenance packages. If you run into this problem, complete the following steps.

Content

1. Download the following eWAS packages from the site (ftp://public.dhe.ibm.com/storage/tivoli-storage-management/e-fix/WAS/6.1.0.45)

  • 6.1.0-WS-WASEmbeded-LinuxX64-FP0000043.pak
  • 6.1.0-WS-WASSDK-LinuxX64-FP0000043.pak
  • 6.1.0-WS-WASEmbeded-LinuxX64-FP0000045.pak
  • 6.1.0-WS-WASSDK-LinuxX64-FP0000045.pak
2. Make sure that the WAS server is stopped. If the WAS server is running, issue the following command:
/ISCW61/profiles/TsmAC/bin/stopServer.sh tsmServer
3. Modify the attributes of the /ISCW61/bin/iscdeploy.sh script with the following changes:
  /ISCW61/bin # cp -p iscdeploy.sh iscdeploy.sh.orig
 /ISCW61/bin # chmod 755 iscdeploy.sh 
4. Run the WAS Updateinstaller to install the following two packages. 5. After the packages are successfully installed, install the following eWAS fixpacks:
  • 6.1.0-WS-WASEmbeded-LinuxX64-FP0000045.pak
  • 6.1.0-WS-WASSDK-LinuxX64-FP0000045.pak
6. Start the WAS server and open the Administration Center. The eWAS server is now updated to version 6.1.0.45.

[{"Product":{"code":"SSGSG7","label":"Tivoli Storage Manager"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Component":"--","Platform":[{"code":"PF016","label":"Linux"}],"Version":"6.1","Edition":"","Line of Business":{"code":"LOB26","label":"Storage"}}]

Document Information

Modified date:
25 September 2022

UID

swg21622149

Page Feedback