vcs-sol11_x64-Patch-7.4.1.1100
Obsolete
The latest patch(es) : infoscale-sol11_x64-Patch-7.4.1.2300 

 Basic information
Release type: Patch
Release date: 2019-11-05
OS update support: None
Technote: None
Documentation: None
Popularity: 678 viewed    downloaded
Download size: 101.19 MB
Checksum: 640757401

 Applies to one or more of the following products:
InfoScale Availability 7.4.1 On Solaris 11 X64

 Obsolete patches, incompatibilities, superseded patches, or other requirements:

This patch is obsolete. It is superseded by: Release date
infoscale-sol11_x64-Patch-7.4.1.2300 2022-01-16

 Fixes the following incidents:
3982912

 Patch ID:
None.

Readme file
                          * * * READ ME * * *
                * * * Veritas Cluster Server 7.4.1 * * *
                         * * * Patch 1100 * * *
                         Patch Date: 2019-08-26


This document provides the following information:

   * PATCH NAME
   * OPERATING SYSTEMS SUPPORTED BY THE PATCH
   * PACKAGES AFFECTED BY THE PATCH
   * BASE PRODUCT VERSIONS FOR THE PATCH
   * SUMMARY OF INCIDENTS FIXED BY THE PATCH
   * DETAILS OF INCIDENTS FIXED BY THE PATCH
   * INSTALLATION PRE-REQUISITES
   * INSTALLING THE PATCH
   * REMOVING THE PATCH


PATCH NAME
----------
Veritas Cluster Server 7.4.1 Patch 1100


OPERATING SYSTEMS SUPPORTED BY THE PATCH
----------------------------------------
Solaris 11 X86


PACKAGES AFFECTED BY THE PATCH
------------------------------
VRTSvcs


BASE PRODUCT VERSIONS FOR THE PATCH
-----------------------------------
   * InfoScale Availability 7.4.1


SUMMARY OF INCIDENTS FIXED BY THE PATCH
---------------------------------------
Patch ID: 7.4.1.1100
* 3982912 (3981992) A potentially critical security vulnerability in VCS needs to be addressed.


DETAILS OF INCIDENTS FIXED BY THE PATCH
---------------------------------------
This patch fixes the following incidents:

Patch ID: 7.4.1.1100

* 3982912 (Tracking ID: 3981992)

SYMPTOM:
A potentially critical security vulnerability in VCS needs to be addressed.

DESCRIPTION:
A potentially critical security vulnerability in VCS needs to be addressed.

RESOLUTION:
This hotfix addresses the security vulnerability. For details, refer to the security advisory at: https://www.veritas.com/content/support/en_US/security/VTS19-003.html



INSTALLING THE PATCH
--------------------
Run the Installer script to automatically install the patch:
-----------------------------------------------------------
Please be noted that the installation of this P-Patch will cause downtime.

To install the patch perform the following steps on at least one node in the cluster:
1. Copy the patch vcs-sol11_x64-Patch-7.4.1.1100.tar.gz to /tmp
2. Untar vcs-sol11_x64-Patch-7.4.1.1100.tar.gz to /tmp/hf
    # mkdir /tmp/hf
    # cd /tmp/hf
    # gunzip /tmp/vcs-sol11_x64-Patch-7.4.1.1100.tar.gz
    # tar xf /tmp/vcs-sol11_x64-Patch-7.4.1.1100.tar
3. Install the hotfix(Please be noted that the installation of this P-Patch will cause downtime.)
    # pwd /tmp/hf
    # ./installVRTSvcs741P1100 [<host1> <host2>...]

You can also install this patch together with 7.4.1 base release using Install Bundles
1. Download this patch and extract it to a directory
2. Change to the Veritas InfoScale 7.4.1 directory and invoke the installer script
   with -patch_path option where -patch_path should point to the patch directory
    # ./installer -patch_path [<path to this patch>] [<host1> <host2>...]

Install the patch manually:
--------------------------
To apply the patch perform the following steps on all nodes in the VCS cluster:
1. Stop VCS on the cluster node.
2. Install the patch.
3. Restart VCS on the node.
To stop VCS on the cluster node:
1. Ensure that the "/opt/VRTSvcs/bin" directory is included in your PATH environment variable so that you can execute all the VCS commands. For more information, refer to the Veritas Cluster Server Installation Guide.
2. Verify that the base version of VRTSvcs is 7.4.1
3. Persistently freeze all the service groups:
# haconf -makerw
# hagrp -freeze [group] -persistent
# haconf -dump -makero
4. Stop the cluster on all nodes. On any node, run the following command to stop the cluster:
# hastop -all -force
5. Verify that the cluster is stopped on all nodes: 
# hasys -state
6. On all nodes, make sure that both the had and hashadow processes are stopped. 
7. Stop the VCS CmdServer on all nodes:   
        # /opt/VRTSvcs/bin/CmdServer -stop
8. Copy the /etc/VRTSvcs/conf/config/types.cf file to /etc/VRTSvcs/conf/config/types.cf.orig as a backup.
9. Copy the /etc/VRTSvcs/conf/config/main.cf file to /etc/VRTSvcs/conf/config/main.cf.orig as a backup.
Installing the patch
--------------------
To install the patch:
1. Log in as superuser on the system where you are installing the patch.
2. Uncompress the patch that you downloaded from Veritas.
3. Change the directory to the uncompressed patch location.
4. Apply the patch by issuing the following commands
a. Set the publisher
# pkg set-publisher -g Veritas
e.g:
# pkg set-publisher -g /hotfix_dir/patches/VRTSvcs.p5p Veritas
b. Install the package
# pkg install --accept --no-backup-be VRTSvcs
5. After the installation completes, verify that the package is installed.
# pkg info VRTSvcs
6. Unset the publisher
# pkg unset-publisher Veritas
7. Start VCS:
# hastart
8. Start the VCS CmdServer on all nodes
   # /opt/VRTSvcs/bin/CmdServer


REMOVING THE PATCH
------------------
Note: Uninstalling this patch will remove the entire VRTSvcs package. If you need
an earlier version of the package, re-install it from original source media ( ref step 3 below ).
Run the following steps on all the nodes in the VCS cluster:
1. Stop VCS:
# haconf -dump -makero
# hastop -local -force
2. Stop the VCS CmdServer
    #/opt/VRTSvcs/bin/CmdServer -stop
3. Uninstall the VRTSvcs package:
a. If you have local zones on the system, uninstall the VRTSvcs package and its dependent packages from all local zones in which it is present (repeat with set to each local zone in which VRTSvcsag is installed):
# zlogin pkg uninstall VRTSvcsag VRTSvcswiz VRTSvcs
b. Once the package is uninstalled from all local zones, uninstall the VRTSvcs package and its dependent packages from the global zone:
# pkg uninstall VRTSvcsag VRTSvcswiz VRTSvcs
4. (optional) Install the previous version of the VRTSvcs package and its dependent packages from original source media to revert your system to pre-patch conditions.
5. Start VCS:
# hastart
6. Start the VCS CmdServer on all nodes
   # /opt/VRTSvcs/bin/CmdServer


SPECIAL INSTRUCTIONS
--------------------
If a local zone is in 'configured' state while the VRTSvcs package
is being updated, then the package is not updated in local zone. To update
packages inside a local zone, set the publisher on the global zone and execute
the below command (repeat per zone as needed):
# zoneadm -z attach -u


OTHERS
------
NONE