* * * READ ME * * * * * * Veritas File System Advanced Features 6.0.5 * * * * * * Patch 6.0.5.400 * * * Patch Date: 2016-02-24 This document provides the following information: * PATCH NAME * OPERATING SYSTEMS SUPPORTED BY THE PATCH * PACKAGES AFFECTED BY THE PATCH * BASE PRODUCT VERSIONS FOR THE PATCH * SUMMARY OF INCIDENTS FIXED BY THE PATCH * DETAILS OF INCIDENTS FIXED BY THE PATCH * INSTALLATION PRE-REQUISITES * INSTALLING THE PATCH * REMOVING THE PATCH * KNOWN ISSUES PATCH NAME ---------- Veritas File System Advanced Features 6.0.5 Patch 6.0.5.400 OPERATING SYSTEMS SUPPORTED BY THE PATCH ---------------------------------------- Solaris 11 SPARC PACKAGES AFFECTED BY THE PATCH ------------------------------ VRTSfsadv BASE PRODUCT VERSIONS FOR THE PATCH ----------------------------------- * Symantec VirtualStore 6.0.1 * Veritas Storage Foundation 6.0.1 * Veritas Storage Foundation Cluster File System HA 6.0.1 * Veritas Storage Foundation for Oracle RAC 6.0.1 * Veritas Storage Foundation HA 6.0.1 SUMMARY OF INCIDENTS FIXED BY THE PATCH --------------------------------------- Patch ID: 6.0.500.400 * 3868426 (3326146) Dedup fails with NULL pointer dereference. Patch ID: 6.0.500.100 * 3651859 (3621205) OpenSSL common vulnerability exposure (CVE): POODLE and Heartbleed. Patch ID: 6.0.500.000 * 3436393 (3462694) The fsdedupadm(1M) command fails with error code 9 when it tries to mount checkpoints on a cluster. DETAILS OF INCIDENTS FIXED BY THE PATCH --------------------------------------- This patch fixes the following Symantec incidents: Patch ID: 6.0.500.400 * 3868426 (Tracking ID: 3326146) SYMPTOM: Segmentation fault in dedup. DESCRIPTION: The deduplication failed during the incremental scan as it failed to allocate memory for the btree data structure at the fcl record processing stage, and NULL pointer check was not made there. RESOLUTION: Added NULL checks, error handling at necessary functions and included couple of other btree fixes. Patch ID: 6.0.500.100 * 3651859 (Tracking ID: 3621205) SYMPTOM: OpenSSL common vulnerability exposure (CVE): POODLE and Heartbleed. DESCRIPTION: VRTSfsadv package uses old versions of OpenSSL which are vulnerable to POODLE(CVE-2014-3566) and Hearbleed(CVE-2014-0160). By upgrading to OpenSSL 0.9.8zc, many security vulnerabilities have been fixed. RESOLUTION: The VRTSfsadv package is built with OpenSSL 0.9.8zc.. Patch ID: 6.0.500.000 * 3436393 (Tracking ID: 3462694) SYMPTOM: The fsdedupadm(1M) command fails with error code 9 when it tries to mount checkpoints on a cluster. DESCRIPTION: While mounting checkpoints, the fsdedupadm(1M) command fails to parse the cluster mount option correctly, resulting in the mount failure. RESOLUTION: The code is modified to parse cluster mount options correctly in the fsdedupadm(1M) operation. INSTALLING THE PATCH -------------------- Run the Installer script to automatically install the patch: ----------------------------------------------------------- To install the patch perform the following steps on at least one node in the cluster: 1. Copy the patch fsadv-sol11_sparc-Patch-6.0.5.400.tar.gz to /tmp 2. Untar fsadv-sol11_sparc-Patch-6.0.5.400.tar.gz to /tmp/hf # mkdir /tmp/hf # cd /tmp/hf # gunzip /tmp/fsadv-sol11_sparc-Patch-6.0.5.400.tar.gz # tar xf /tmp/fsadv-sol11_sparc-Patch-6.0.5.400.tar 3. Install the hotfix # pwd /tmp/hf # ./installFSADV605P4 [ ...] You can also install this patch together with 6.0.1 GA release and 6.0.5 Patch release # ./installFSADV605P4 -base_path [<601 path>] -mr_path [<605 path>] [ ...] where the -mr_path should point to the 6.0.5 image directory, while -base_path to the 6.0.1 image. Install the patch manually: -------------------------- 1. pkg uninstall VRTSfsadv 2. pkg unset-publisher Symantec 3. pkg unset-publisher Veritas 4. pkg set-publisher -g Veritas 5. pkg install --accept -g VRTSfsadv REMOVING THE PATCH ------------------ 1. pkg uninstall VRTSfsadv KNOWN ISSUES ------------ * Tracking ID: 3866876 SYMPTOM: When fully patching the non-global zones on sol10 using "attach -U" command, VRTSfsadv update might get fail. WORKAROUND: Before running "attach -U" command, please fire the following commands. cat /var/sadm/pkg/VRTSfsadv/save/pspool/VRTSfsadv/pkgmap | grep -v "all /" > /var/sadm/pkg/VRTSfsadv/save/pspool/VRTSfsadv/pkgmap_tpm mv /var/sadm/pkg/VRTSfsadv/save/pspool/VRTSfsadv/pkgmap_tpm /var/sadm/pkg/VRTSfsadv/save/pspool/VRTSfsadv/pkgmap SPECIAL INSTRUCTIONS -------------------- NONE OTHERS ------ NONE