* * * READ ME * * * * * * Veritas File System Advanced Features 6.0.5 * * * * * * Patch 6.0.5.200 * * * Patch Date: 2014-11-20 This document provides the following information: * PATCH NAME * OPERATING SYSTEMS SUPPORTED BY THE PATCH * PACKAGES AFFECTED BY THE PATCH * BASE PRODUCT VERSIONS FOR THE PATCH * SUMMARY OF INCIDENTS FIXED BY THE PATCH * DETAILS OF INCIDENTS FIXED BY THE PATCH * INSTALLATION PRE-REQUISITES * INSTALLING THE PATCH * REMOVING THE PATCH PATCH NAME ---------- Veritas File System Advanced Features 6.0.5 Patch 6.0.5.200 OPERATING SYSTEMS SUPPORTED BY THE PATCH ---------------------------------------- RHEL6 x86-64 PACKAGES AFFECTED BY THE PATCH ------------------------------ VRTSfsadv BASE PRODUCT VERSIONS FOR THE PATCH ----------------------------------- * Symantec VirtualStore 6.0.1 * Veritas Storage Foundation 6.0.1 * Veritas Storage Foundation Cluster File System HA 6.0.1 * Veritas Storage Foundation for Oracle RAC 6.0.1 * Veritas Storage Foundation HA 6.0.1 SUMMARY OF INCIDENTS FIXED BY THE PATCH --------------------------------------- Patch ID: 6.0.500.200 * 3651859 (3621205) OpenSSL common vulnerability exposure (CVE): POODLE and Heartbleed. Patch ID: 6.0.500.100 * 3612059 (3602386) vfradmin man page shows the incorrect info about default behavior of -d option Patch ID: 6.0.500.000 * 3411725 (3415639) The type of the fsdedupadm(1M) command always shows as MANUAL even it is launched by the fsdedupschd daemon. * 3436393 (3462694) The fsdedupadm(1M) command fails with error code 9 when it tries to mount checkpoints on a cluster. DETAILS OF INCIDENTS FIXED BY THE PATCH --------------------------------------- This patch fixes the following Symantec incidents: Patch ID: 6.0.500.200 * 3651859 (Tracking ID: 3621205) SYMPTOM: OpenSSL common vulnerability exposure (CVE): POODLE and Heartbleed. DESCRIPTION: VRTSfsadv package uses old versions of OpenSSL which are vulnerable to POODLE(CVE-2014-3566) and Hearbleed(CVE-2014-0160). By upgrading to OpenSSL 0.9.8zc, many security vulnerabilities have been fixed. RESOLUTION: The VRTSfsadv package is built with OpenSSL 0.9.8zc.. Patch ID: 6.0.500.100 * 3612059 (Tracking ID: 3602386) SYMPTOM: vfradmin man page shows the incorrect info about default behavior of -d option DESCRIPTION: When we run vfradmin command without -d option then by default the debugging is in ENABLED mode but man page indicates that the default debugging should be in DISABLED mode. RESOLUTION: Changes has been done in man page of vfradmin to reflect the correct default behavior. Patch ID: 6.0.500.000 * 3411725 (Tracking ID: 3415639) SYMPTOM: The type of the fsdedupadm(1M) command always shows as MANUAL even it is launched by the fsdedupschd daemon. DESCRIPTION: The deduplication tasks scheduled by the scheduler do not show their type as "SCHEDULED", instead they show it as "MANUAL". This is because the fsdeduschd daemon, while calling fsdedup, does not set the flag -d which would set the correct status. RESOLUTION: The code is modified so that the flag is set properly. * 3436393 (Tracking ID: 3462694) SYMPTOM: The fsdedupadm(1M) command fails with error code 9 when it tries to mount checkpoints on a cluster. DESCRIPTION: While mounting checkpoints, the fsdedupadm(1M) command fails to parse the cluster mount option correctly, resulting in the mount failure. RESOLUTION: The code is modified to parse cluster mount options correctly in the fsdedupadm(1M) operation. INSTALLING THE PATCH -------------------- Run the Installer script to automatically install the patch: ----------------------------------------------------------- To install the patch perform the following steps on at least one node in the cluster: 1. Copy the patch fsadv-rhel6_x86_64-6.0.5.200-rpms.tar.gz to /tmp 2. Untar fsadv-rhel6_x86_64-6.0.5.200-rpms.tar.gz to /tmp/hf # mkdir /tmp/hf # cd /tmp/hf # gunzip /tmp/fsadv-rhel6_x86_64-6.0.5.200-rpms.tar.gz # tar xf /tmp/fsadv-rhel6_x86_64-6.0.5.200-rpms.tar 3. Install the hotfix # pwd /tmp/hf # ./installFSADV605P2 [ ...] You can also install this patch together with 6.0.1 GA release and 6.0.5 Patch release # ./installFSADV605P2 -base_path [<601 path>] -mr_path [<605 path>] [ ...] where the -mr_path should point to the 6.0.5 image directory, while -base_path to the 6.0.1 image. Install the patch manually: -------------------------- #rpm -Uvh VRTSfsadv-6.0.500.200-RHEL6.x86_64.rpm REMOVING THE PATCH ------------------ #rpm -e rpm_name SPECIAL INSTRUCTIONS -------------------- NONE OTHERS ------ NONE