Upgrade the WebSphere Application Server Java SDK to resolve security vulnerabilities in Rational Reporting for Development Intelligence and Rational Insight - Oracle CPU June 2013

Fix readme


Abstract

Upgrade the WebSphere Application Server (WAS) Java SDK to IBM Java 6 SR14, IBM Java 6.0.1 SR6 or IBM Java 7 SR5 to resolve security vulnerabilities in Rational Reporting for Development Intelligence 1.0.2.x, 2.0.x and Rational Insight 1.0.1.x and 1.1.1.x.

Content

These security vulnerabilities are related to the Oracle Critical Patch Updates (CPU) June 2013. WAS itself is not vulnerable to these security vulnerabilities. However, both Rational Reporting for Development Intelligence (RRDI) and Rational Insight are vulnerable to two of them - CVE-2013-2407 and CVE-2013-2450.

Perform the following steps to upgrade the Java SDK that is installed with these WAS versions:


WAS 7.0.0.0 to 7.0.0.29

Install the WAS interim fix PM91295. The WAS Java SDK will automatically be upgraded to IBM Java 6 SR14:

1. Shut down all WAS server instances.

2. Download and install the latest Update Installer for WAS 7 from http://www-01.ibm.com/support/docview.wss?uid=swg21205991#updi70. See http://pic.dhe.ibm.com/infocenter/wasinfo/v7r0/topic/com.ibm.websphere.installation.nd.doc/info/ae/ae/tins_updi_install.html for the steps

3. Download the WAS interim fix PM91295 from http://www-01.ibm.com/support/docview.wss?uid=swg24035397 to a local directory.

4. Launch the Update Installer for WAS 7.

5. Click Next.

6. Specify the WAS 7.0.0.x installation path and click Next.

7. Select Install maintenance package and click Next.

8. Click Browse, select the directory containing the interim fix and click Open. Click Next.

9. Verify that 7.0.0.0-WS-WASJavaSDK-<platform>-IFPM91295.pak is selected and click Next.

10. Review the installation summary and click Next.

11. Click Finish.

12. Exit Update Installer for WAS 7.

13. Restart your WAS server instances.


WAS 8.0.0.0 to 8.0.0.6

Upgrade to WAS 8.0.0.7. The WAS Java SDK will automatically be upgraded to IBM Java 6.0.1 SR6:

1. Shut down all WAS server instances.

2. Start IBM Installation Manager and click Update.

3. Select IBM WebSphere Application Server V8.0 and click Next.

4. If prompted, enter your IBM ID and password for the IBM download site and click OK.

5. Verify that Version 8.0.0.7 is selected and click Next.
Note: A warning message will be displayed if you have previously installed a WAS interim fix that conflicts with the new update. To resolve the issue, uninstall the old interim fix and repeat the above steps.

6. Select all fixes that are applicable to your platform and click Next.

7. Select I accept the terms in the license agreement and click Next.

8. Review the features to install and click Next.

9. Review the summary information and click Update.

10. Click Finish.

11. Exit IBM Installation Manager.

12. Restart your WAS server instances.


WAS 8.5.0.0 to 8.5.5.0

Upgrade to WAS 8.5.5.1 and install WAS interim fix PM91291 or PM91292. The WAS Java SDK will automatically be upgraded to IBM Java 7 SR5 or IBM Java 6 SR6.

1. Shut down all WAS server instances.

2. Start IBM Installation Manager and click Update.

3. Select IBM WebSphere Application Server V8.5 and click Next.

4. If prompted, enter your IBM ID and password for the IBM download site and click OK.

5. Verify that Version 8.5.5.1 is selected and click Next.
Note: A warning message will be displayed if you have previously installed a WAS interim fix that conflicts with the new update. To resolve the issue, uninstall the old interim fix and repeat the above steps.

6. Select all fixes that are applicable to your platform and click Next.

7. Select I accept the terms in the license agreement and click Next.

8. Review the features to install and click Next.

9. Review the summary information and click Update.

10. Click Finish.

11. Exit IBM Installation Manager.

12. Restart your WAS server instances.

Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

Rational Insight
General Information

Software version:

1.0.1, 1.0.1.1, 1.1, 1.1.1, 1.1.1.1, 1.1.1.2, 1.1.1.3

Operating system(s):

Linux, Windows

Reference #:

1656749

Modified date:

2014-02-12

Translate my page

Machine Translation

Content navigation