* * * README * * *
               * * * Veritas Operations Manager 7.1 * * *
                         * * * Patch 200 * * *
                         Patch Date: 2016-09-13


This document provides the following information:

   * PATCH NAME
   * OPERATING SYSTEMS SUPPORTED BY THE PATCH
   * PACKAGES AFFECTED BY THE PATCH
   * BASE PRODUCT VERSIONS FOR THE PATCH
   * SUMMARY OF INCIDENTS FIXED BY THE PATCH
   * DETAILS OF INCIDENTS FIXED BY THE PATCH
   * INSTALLATION PRE-REQUISITES
   * INSTALLING THE PATCH
   * REMOVING THE PATCH


PATCH NAME
----------
Veritas Operations Manager 7.1 Patch 200


OPERATING SYSTEMS SUPPORTED BY THE PATCH
----------------------------------------
AIX 6.1 ppc
AIX 7.1 ppc
AIX 7.2
RHEL5 i686
RHEL5 x86-64
RHEL6 x86-64
RHEL7 x86-64
SLES10 x86-64
SLES11 x86-64
SLES12 x86-64
Solaris 10 SPARC
Solaris 11 SPARC
Solaris 11 X86
Windows Server 2012 R2 X64
Windows 2012 X64
Windows Server 2008 R2 X64
Windows 2008 X64



BASE PRODUCT VERSIONS FOR THE PATCH
-----------------------------------
   * Veritas Operations Manager 7.1.0.0


SUMMARY OF INCIDENTS FIXED BY THE PATCH
---------------------------------------
Patch ID: vom-HF0710200
* 3874671 (3877660) Audit events are logged 6 hours different to the actual event time.
* 3876741 (3877426) 'Operation in Progress' while doing Enclosure un-configuration.
* 3876961 (3889392) vbs is getting offline and reconfigured repeatedly
* 3878021 (3889402) VOM is spawning multiple perl.exe perl.bin
* 3878874 (3889597) Removing the pagination for VCS logs wizard
* 3879128 (3881253) Solaris Logical Domains are not visible under Virtualization
Perspective.
* 3879635 (3889903) CP7 does not report as installed properly.
* 3880002 (3879999) Web server crash due to policy check rescans.
* 3880298 (3889400) VBS resource dependency was removed on VOM GUI after a AppHA server reboot.
* 3880516 (3889763) After at_migration.pl on VIOM CMS getting error V-394-4095-803
that 'You are not authorized to perform this action'.
* 3882240 (3892026) Wrong output in Performance View for CPU Utilization for AIX MH.
* 3889533 (3896534) API for disk/volume not showing data
* 3890097 (3896540) Create Volume operation failing.
* 3891147 (3892217) sfha6.2.1.100 patch was not recognized after install llt/gab patches.
* 3891425 (3893702) Tomcat Fileupload (CVE-2016-3092) vulnerability in VIOM.
* 3894849 (3894848) GUI log in fails with error "Server is unreachable. Please try
again after some time.
* 3895769 (3895914) Veritas Infoscale Operations Manager Vulnerabilities.


DETAILS OF INCIDENTS FIXED BY THE PATCH
---------------------------------------
This patch fixes the following incidents:

Patch ID: vom-HF0710200

* 3874671 (Tracking ID: 3877660)

SYMPTOM:
Audit Events have difference of 6 hours as compare to actual event time.

DESCRIPTION:
Time for the audit event is less than six hours to actual event time.

RESOLUTION:
The difference of +6 hours time is because PostgreSQL patch is
missing and postgreSQLs
/opt/VRTSsfmcs/pgsql/share/postgresql/timezone/Europe/Moscow is
having this issue. Fixed the Moscow time zone.

* 3876741 (Tracking ID: 3877426)

SYMPTOM:
Unconfigure Device windows shows 'Operation in Progress' for long time.

DESCRIPTION:
While performing unconfiguration of an enclosure, you may see
Unconfigure Device windows shows 'Operation in Progress' for long time.

RESOLUTION:
Fixed the broken DB Stored Procedure.

* 3876961 (Tracking ID: 3889392)

SYMPTOM:
vbs is getting offline and reconfigured repeatedly

DESCRIPTION:
Suspecting that sometime database query to fetch the vbs configured host not
return any data

RESOLUTION:
Added the fix to re-execute the query after 10 sec if no data return previously

* 3878021 (Tracking ID: 3889402)

SYMPTOM:
VOM is spawning multiple perl.exe perl.bin

DESCRIPTION:
VOM is spawning multiple perl.exe perl.bin , it is observed that vbsdeploy -verify
& vbsdeploy -deploy process does not exits sometime

RESOLUTION:
Added preventive fix in VOM to exits vbsdeploy -verify process after 30 sec and
vbsdeploy -deploy if these process did not exits
actual fix is provided in private vbsdeploy.pl script

* 3878874 (Tracking ID: 3889597)

SYMPTOM:
Even though 200 lines of logs are showing on single page wizard , pagination is
showing for wizard

DESCRIPTION:
Even though 200 lines of logs are showing on single page wizard , pagination is
incorrectly showing for wizard.
Logs are populated from file and not from databases, in VOM framework pagination
feature is not implemented for data populated from file

RESOLUTION:
Removing the pagination , we are showing logs on single page

* 3879128 (Tracking ID: 3881253)

SYMPTOM:
Do not see Solaris Logical Domains under Virtualization Perspective.

DESCRIPTION:
After adding Logical Domains to VIOM; it is not visible under
Virtualization Perspective due to length of the hostid of Oracle T4-1B blade server.

RESOLUTION:
Converted hostid from numeric to string by prefixing 'hid'.

* 3879635 (Tracking ID: 3889903)

SYMPTOM:
VOM GUI reporting that the CP7 is partially installed.

DESCRIPTION:
VOM GUI reporting that the CP7 is partially installed.

RESOLUTION:
Return correct CP status for each CP. On SFW 6.0.1 when multiple CP's
are installed, script was returning partially installed status even if CP is
installed properly.

* 3880002 (Tracking ID: 3879999)

SYMPTOM:
Not able to run policy check scans.

DESCRIPTION:
If policy check scans are run, this causes the web server to crash.

RESOLUTION:
Replaced threads based policy check scans by quartz based scheduler.

* 3880298 (Tracking ID: 3889400)

SYMPTOM:
VBS resource dependency was removed on VOM GUI after a AppHA server reboot.

DESCRIPTION:
It looks like that after guest is rebooted , discovery failed to get the
Application configuration in app.conf file and delete all the objects.
Added the fix to not delete the ApplicationHA configuration

RESOLUTION:
Added the fix to not delete the ApplicationHA configuration.

* 3880516 (Tracking ID: 3889763)

SYMPTOM:
You can not perform any operation on MHs.

DESCRIPTION:
There are multiple issues
1. Sometimes java.exe process is not killed on Windows CMS.
2. Changed location of 'SystemDefaultTrustDirectory' on Windows MHs.
3. Issues in migration when CMS is Windows and MHs are UNIX.

RESOLUTION:
1. Killing java.exe process forcefully.
2. Using correct location of 'SystemDefaultTrustDirectory'.
3. Modified at_migration.pl so that when this is pushed to UNIX MHs, does not face
execution issue.

* 3882240 (Tracking ID: 3892026)

SYMPTOM:
Performance View for CPU Utilization for AIX MH sometimes wrongly shows 100% spikes.

DESCRIPTION:
Performance View for CPU Utilization for AIX MH sometimes wrongly shows 100% spikes.

RESOLUTION:
Corrected parsing logic of vmstat CLI output to correctly compute CPU Utilization.

* 3889533 (Tracking ID: 3896534)

SYMPTOM:
API showing error when disk/volume information is queried.

DESCRIPTION:
VIOM API when executed via host > diskgroups, does not show information on upgraded
VIOM CS from VIOM 7.0 to VIOM 7.1

RESOLUTION:
Corrected columns required for disk/volume API to show output properly

* 3890097 (Tracking ID: 3896540)

SYMPTOM:
Create volume operation wizard shows blank page

DESCRIPTION:
Create Volume wizard shows blank page when operation is launched on host having SF
with patch

RESOLUTION:
Corrected SF version check to allow operation on host with SF patch installed

* 3891147 (Tracking ID: 3892217)

SYMPTOM:
sfha6.2.1.100 patch was not recognized after install llt/gab patches.

DESCRIPTION:
Some SFHA patches were not getting recognized by VIOM after you install llt/gab
patches.

RESOLUTION:
Fixed the script to recognize sfha6.2.1.100 patch.

* 3891425 (Tracking ID: 3893702)

SYMPTOM:
Tomcat Fileupload (CVE-2016-3092) vulnerability in VIOM.

DESCRIPTION:
commons-fileupload.jar version 1.3.1 is affected with CVE-2016-3092
vulnerability.

RESOLUTION:
Upgraded commons-fileupload.jar to version 1.3.2

* 3894849 (Tracking ID: 3894848)

SYMPTOM:
Login in VIOM GUI fails when login with LDAP user.

DESCRIPTION:
When login with LDAP user in VIOM GUI, you see error "Server is
unreachable. Please try again after some time". When you refresh the browser, you
see that login is success.

RESOLUTION:
Increased the login page time out.

* 3895769 (Tracking ID: 3895914)

SYMPTOM:
1. VULNERABILITY: Remote Command Execution via VIOM.
2. VULNERABILITY: Unauthenticated Blind SQL Injection via VIOM.

DESCRIPTION:
1. VULNERABILITY: Remote Command Execution via VIOM
- An authenticated, unprivileged user can execute arbitrary commands as root
using remote 
command injection.  This can lead to full compromise of the system.

2. VULNERABILITY: Unauthenticated Blind SQL Injection via VIOM
- An unauthenticated user can execute arbitrary commands using SQL injection. On
Linux 
this command runs as an unprivileged user.  On Windows this command runs as SYSTEM.

RESOLUTION:
1. VULNERABILITY: Remote Command Execution via VIOM
- VIOM scripts have been fixed to not allow command execution from unauthorized
users.

2. VULNERABILITY: Unauthenticated Blind SQL Injection via VIOM
- VIOM scripts have been fixed to not allow Blind SQL Injection.



INSTALLING THE PATCH
--------------------
IMPORTANT NOTE : Please take a backup of the database using the instructions given in the Admin guide before installing this Hotfix.

This Hotfix is applicable for VOM 7.1 Managed Hosts as well as VOM 7.1 Management Server.
This Hotfix is not applicable for VOM 7.1 Sol10_x86 Managed Hosts.

1. Download the file vom-7.1.0.200.sfa
2. Launch a browser and login to the VIOM management server.
3. Navigate to Settings ->           Deployment Icon.
4. Upload the Hotfix to the VIOM CMS using the "Upload Solutions" button.
   The Hotfix vom-7.1.0.200 should be visible in the Hot Fixes tree node.
5. Please install this Hotfix on CS using the following instructions:
    - Go to Settings ->          Deployment ->          Hot Fixes ->          Veritas Infoscale Operations Manager Managed Host.
    - Click on Hot Fixes Tab. Click on Applicable Hosts Tab.
    - Right click on CS Name and click on Install.


REMOVING THE PATCH
------------------
Un-installation and rollback of this Hotfix is supported only on Solaris 10 and AIX platforms.


SPECIAL INSTRUCTIONS
--------------------
It requires approximately around 3 GB of disk space to upload vom-7.1.0.200.sfa. Please ensure that Management Server has at least 3 GB of free disk space where CMS is installed.


OTHERS
------
Fixes of below incidents have been added to this cumulative patch vom-HF0710200.
3876741, 3874671, 3880002, 3879128, 3878874, 3876961, 3880298, 3880516, 3879635, 3878021, 3882240, 3890097, 3889533, 3891147, 3891425, 3894849