* * * READ ME * * * * * * Veritas File System Advanced Features 6.2 * * * * * * Patch 100 * * * Patch Date: 2015-01-30 This document provides the following information: * PATCH NAME * OPERATING SYSTEMS SUPPORTED BY THE PATCH * PACKAGES AFFECTED BY THE PATCH * BASE PRODUCT VERSIONS FOR THE PATCH * SUMMARY OF INCIDENTS FIXED BY THE PATCH * DETAILS OF INCIDENTS FIXED BY THE PATCH * INSTALLATION PRE-REQUISITES * INSTALLING THE PATCH * REMOVING THE PATCH PATCH NAME ---------- Veritas File System Advanced Features 6.2 Patch 100 OPERATING SYSTEMS SUPPORTED BY THE PATCH ---------------------------------------- AIX 6.1 AIX 7.1 PACKAGES AFFECTED BY THE PATCH ------------------------------ VRTSfsadv BASE PRODUCT VERSIONS FOR THE PATCH ----------------------------------- * Symantec File System 6.2 * Symantec Storage Foundation 6.2 * Symantec Storage Foundation for Oracle RAC 6.2 * Symantec Storage Foundation HA 6.2 SUMMARY OF INCIDENTS FIXED BY THE PATCH --------------------------------------- Patch ID: 6.2.0.100 * 3702445 (3621205) OpenSSL common vulnerability exposure (CVE): POODLE and Heartbleed. DETAILS OF INCIDENTS FIXED BY THE PATCH --------------------------------------- This patch fixes the following Symantec incidents: Patch ID: 6.2.0.100 * 3702445 (Tracking ID: 3621205) SYMPTOM: OpenSSL common vulnerability exposure (CVE): POODLE and Heartbleed. DESCRIPTION: VRTSfsadv package uses old versions of OpenSSL which are vulnerable to POODLE(CVE-2014-3566) and Hearbleed(CVE-2014-0160). By upgrading to OpenSSL 0.9.8zc, many security vulnerabilities have been fixed. RESOLUTION: The VRTSfsadv package is built with OpenSSL 0.9.8zc.. INSTALLING THE PATCH -------------------- Run the Installer script to automatically install the patch: ----------------------------------------------------------- To install the patch perform the following steps on at least one node in the cluster: 1. Copy the patch fsadv-aix-6.2.0.100-patches.tar.gz to /tmp 2. Untar fsadv-aix-6.2.0.100-patches.tar.gz to /tmp/hf # mkdir /tmp/hf # cd /tmp/hf # gunzip /tmp/fsadv-aix-6.2.0.100-patches.tar.gz # tar xf /tmp/fsadv-aix-6.2.0.100-patches.tar 3. Install the hotfix # pwd /tmp/hf # ./installVRTSfsadv620P100 [ ...] Install the patch manually: -------------------------- If the currently installed VRTSfsadv is below 6.2.0.000, you must upgrade VRTSfsadv to 6.2.0.000 level before installing this patch. AIX maintenance levels and APARs can be downloaded from the IBM Web site: http://techsupport.services.ibm.com Install the VRTSfsadv.bff patch if VRTSfsadv is already installed at fileset level 6.2.0.100 A system reboot is required after installing this patch. To apply the patch, first unmount all VxFS file systems, then enter these commands: # mount | grep vxfs # cd # installp -aXd VRTSfsadv.bff VRTSfsadv # reboot REMOVING THE PATCH ------------------ Run the Uninstaller script to automatically remove the patch: ------------------------------------------------------------ To uninstall the patch perform the following step on at least one node in the cluster: # /opt/VRTS/install/uninstallVRTSfsadv620P100 [ ...] Remove the patch manually: ------------------------- If you need to remove the patch, first unmount all VxFS file systems, then enter these commands: # mount | grep vxfs # installp -r VRTSfsadv 6.2.0.100 # reboot SPECIAL INSTRUCTIONS -------------------- NONE OTHERS ------ NONE