IBM Support

Cognos Products Interim Fix for Java Security Exposure

Downloadable files


Abstract

These interim fixes address a serious security vulnerability (CVE-2010-4476) which can cause the Java Virtual Machine to enter an infinite loop.

Download Description

These interim fixes are made available for the products and versions listed below. For Linux and UNIX implementations, please follow the instructions provided in the Cognos Java Security Vulnerability Exposure Response.


The following fix packs contain this interim fix. If your product is listed here, we recommend that you install the fix pack instead.

Business Intelligence 8.4.1 Fix Pack 4

Business Intelligence 10.1.0 Fix Pack 1

Consumer Insight 1.1.0 Fix Pack 1

Series 7 Version 5 FP1

Installation Instructions

  1. Download the appropriate .tar.gz file using the links in the Download Package section using either HTTP or Download Director. Some browsers may change the downloaded file type from .tar.gz. to a file type not recognized by the operating system. To correct this, change the file type back to .tar.gz.
  2. Uncompress the image in a temporary directory:
  3. Change to the directory where you have downloaded the image.
  4. Double-click the .tar.gz file.
  5. Select the option "use folder names".
  6. Click Unzip.
  7. Stop the Cognos services.
  8. Launch the issetup application found under the <operating system> folder.
  9. Apply the interim fix to all installation locations in your environment.
  10. Restart the Cognos services.

Instructions for Cognos Consumer Insight
  1. Uncompress the distribution
  2. Change directory to Cognos_Consumer_Insight_1.1.IF2
  3. Open the file Readme.txt and follow the instructions.

Download package

Choose the download you need from the list below. JRE updaters are grouped by version, not product. They apply to all products with that version, with the following exceptions:

    Cognos Virtual View Manager use: JRE Updater VVM <by version and by platform>
    Cognos Controller 8.5.1 and 8.5.0, use: JRE Updater Cognos 8.4.1
    Cognos Analytic Applications 8.4.2, use: JRE Updater Cognos 8.4.1 (32-bit) or JRE Updater Cognos 8.4.1 (64-bit).

The Cognos Analytic Applications are:
    Banking Risk Performance
    Credit Risk
    Customer Performance Sales Analytics
    Financial Performance
    Supply Chain Performance Procurement Analytics
    Workforce Performance

Known side effects

Installing a fix pack over JRE Updater Cognos 10.1 will fail unless you first follow the steps in Technote 1499328.


Download RELEASE DATE LANGUAGE SIZE(Bytes) Download Options
What is Fix Central(FC)?
JRE Updater Cognos 10.1 (32-bit) 3/11/2011 English 63753421 FC HTTP
JRE Updater Cognos 10.1 (64-bit) 3/11/2011 English 130547712 FC HTTP
JRE Updater Cognos 8.4.1 (32-bit) 3/11/2011 English 104333312 FC HTTP
JRE Updater Cognos 8.4.1 (64-bit) 3/11/2011 English 208142336 FC HTTP
JRE Updater Cognos 8.4.0 (32-bit) 3/11/2011 English 44040192 FC HTTP
JRE Updater Cognos 8.4.0 (64-bit) 3/11/2011 English 82522931 FC HTTP
JRE Updater Cognos 8.3 (32-bit) 3/21/2011 English 26109542 FC HTTP
JRE Updater Cognos S7.5 (32-bit) 3/22/2011 English 306310021 FC HTTP
JRE Updater Cognos S7.4 (32-bit) 3/22/2011 English 306310021 FC HTTP
JRE Updater Cognos 9.5 (32-bit) 5/2/2011 English 108800246 FC HTTP
JRE Updater Cognos 9.0 (32-bit) 4/1/2011 English 133997527 FC HTTP
JRE Updater Cognos 1.1 (64-bit) 4/21/2011 English 67266150 FC HTTP
JRE Updater VVM 10.1 Windows 4/25/2011 English 77217137 FC HTTP
JRE Updater VVM 10.1 Linux x86 4/26/2011 English 62904074 FC HTTP
JRE Updater VVM 10.1 AIX 4/26/2011 English 73127690 FC HTTP
JRE Updater VVM 10.1 HPUX-RISC 4/26/2011 English 66584576 FC HTTP
JRE Updater VVM 10.1 Solaris 4/26/2011 English 63302533 FC HTTP
JRE Updater VVM 10.1 zLinux 4/26/2011 English 60534292 FC HTTP
JRE Updater VVM 8.4.1 AIX 4/29/2011 English 49041899 FC HTTP
JRE Updater VVM 8.4.1 HP-UX PA-RISC 4/29/2011 English 52460257 FC HTTP
JRE Updater VVM 8.4.1 Linux x86 4/29/2011 English 33869005 FC HTTP
JRE Updater VVM 8.4.1 Solaris 4/29/2011 English 41041265 FC HTTP
JRE Updater VVM 8.4.1 Windows 4/29/2011 English 28122808 FC HTTP
JRE Updater VVM 8.4.1 zLinux 4/29/2011 English 47322235 FC HTTP
JRE Updater VVM 8.4.0 Windows 4/29/2011 English 28133294 FC HTTP
JRE Updater VVM 8.4.0 AIX 4/29/2011 English 48926556 FC HTTP
JRE Updater VVM 8.4.0 HP-UX PA-RISC 4/29/2011 English 52974060 FC HTTP
JRE Updater VVM 8.4.0 Linux x86 4/29/2011 English 33764147 FC HTTP
JRE Updater VVM 8.4.0 Solaris 4/29/2011 English 40936407 FC HTTP
JRE Updater VVM 8.4.0 zLinux 4/29/2011 English 47196406 FC HTTP

Cross reference information
Segment Product Component Platform Version Edition
Business Analytics Cognos 8 Business Intelligence PowerPlay Windows 8.4.1, 8.4, 8.3, 10.1
Business Analytics Cognos Mobile Windows 10.1, 8.4.1, 8.4, 8.3
Business Analytics Cognos Business Viewpoint Windows 8.4.1, 8.4, 10.1
Business Analytics Cognos Planning Windows 10.1, 8.4.1, 8.4, 8.3
Business Analytics Cognos Statistics Windows 10.1 All Editions
Business Analytics Cognos Controller Windows 8.5.1, 8.5, 8.4, 8.3
Business Analytics Cognos Series 7 Windows 7.5, 7.4
Business Analytics Cognos Express Windows 9.0, 9.5
Business Analytics Cognos Consumer Insight Not Applicable Linux 1.1
Business Analytics Cognos 8 Business Intelligence Virtual View Manager AIX, HP-UX, HP Itanium, Linux, Solaris, Windows 8.4.1, 8.4, 10.1


Document information

More support for: Cognos Business Intelligence

Software version: 8.3, 8.4, 8.4.1, 10.1

Operating system(s): AIX, HP-UX, Linux, Solaris, Windows

Software edition: All Editions

Reference #: 4029220

Modified date: 26 May 2011