Veritas™ Services and Operations Readiness Tools (SORT)
|
The latest patch(es) : vom-Patch-7.4.2.810
|
|---|
| Release type: | Patch |
| Release date: | 2021-07-01 |
| OS update support: | None |
| Technote: | None |
| Documentation: | None |
| Popularity: | 399 viewed downloaded |
| Download size: | 676 MB |
| Checksum: | 1134423764 |
|
Operations Manager 7.4.2.0 On AIX
Operations Manager 7.4.2.0 On Linux Operations Manager 7.4.2.0 On Solaris 11 SPARC Operations Manager 7.4.2.0 On Solaris 11 X64 Operations Manager 7.4.2.0 On Windows x64 |
|
|
4009452, 4009466, 4009469, 4009471, 4009475, 4017417, 4017420, 4017423, 4017437, 4017442, 4017453, 4017461, 4017472, 4028854, 4028872, 4028955, 4028959, 4028969, 4028998, 4029001, 4032937, 4032940, 4032946, 4032953, 4033084, 4042366, 4042371, 4042478, 4042481, 4042486
|
|
None.
|
* * * READ ME * * *
* * * Veritas Operations Manager 7.4.2 * * *
* * * Patch 400 * * *
Patch Date: 2021-06-25
This document provides the following information:
* PATCH NAME
* OPERATING SYSTEMS SUPPORTED BY THE PATCH
* PACKAGES AFFECTED BY THE PATCH
* BASE PRODUCT VERSIONS FOR THE PATCH
* SUMMARY OF INCIDENTS FIXED BY THE PATCH
* DETAILS OF INCIDENTS FIXED BY THE PATCH
* INSTALLATION PRE-REQUISITES
* INSTALLING THE PATCH
* REMOVING THE PATCH
PATCH NAME
----------
Veritas Operations Manager 7.4.2 Patch 400
OPERATING SYSTEMS SUPPORTED BY THE PATCH
----------------------------------------
AIX
AIX 7.1
AIX 7.2
RHEL6 x86-64
RHEL7 x86-64
RHEL8 x86-64
SLES11 x86-64
SLES12 x86-64
SLES15 x86-64
Solaris 11 SPARC
Solaris 11 X64
Windows Server 2012 R2 X64
Windows 2016 X64
Windows 2019 X64
BASE PRODUCT VERSIONS FOR THE PATCH
-----------------------------------
* Veritas Operations Manager 7.4.2.0
SUMMARY OF INCIDENTS FIXED BY THE PATCH
---------------------------------------
Patch ID: vom-HF0742400
* 4032937 (4032936) Upgrade tomcat to 9.0.45
* 4032940 (4032939) Search on Replications tab does not work
* 4032946 (4032947) Product Enhancement - Global reports to create custom and centralized reports over multiple VIOM Management Servers.
* 4032953 (4032950) Product enhancement - vxdclid plugin compatibility should not break while doing MH upgrade from VIOM GUI.
* 4033084 (4033081) Product Enhancement - InfoScale licensing service enhancement.
* 4042366 (4042365) V-16-25-30068 reported when trying to do VCS service group online/offline using VBS policy using VIOM GUI
* 4042371 (4042370) Use of 'had' command instead of 'hastart' command in sfmh-discovery.pl script.
* 4042478 (4042477) Duplicate Virtual Machine ID found in database and not able to add MH to VIOM CMS
* 4042481 (4042480) Some of the binaries in VRTSsfmh package are using older openssl version.
* 4042486 (4042485) Product Enhancement - Display a warning message in VIOM GUI if VIOM CMS is running in maintenance mode.
Patch ID: vom-HF0742300
* 4028854 (4028853) Discrepancy between ncore license report and Excel version.
* 4028872 (4028869) Product Enhancement - VIOM Web API to remove/unconfigure Agent from Management Server.
* 4028955 (4028954) VCS Service Groups status not showing intermittently for all hosts in a cluster in VIOM GUI.
* 4028959 (4028958) VIOM email notification does not mention the faulted resource name for VCS resource faulted alert.
* 4028969 (4028968) Product Enhancement - Support of third party certificate for xprtld process running on port 5634.
* 4028998 (4028997) Veritas InfoScale Operations Manager on Windows allows an attacker to run arbitrary code with administrator privilege.
* 4029001 (4028983) Upgrade tomcat to 9.0.41 and java to Amazon Corretto java 8.275.01.1
Patch ID: vom-HF0742200
* 4017417 (4017414) Host family discovery fail due to json error in Task.pm
* 4017420 (4017419) VIOM Web Server does not start at the end of VIOM CMS patch upgrade.
* 4017423 (4017422) While adding VIOM Agent to VIOM CMS, getting error "Host is already part of the domain".
* 4017437 (4017435) Not able to generate email alert for VCS cluster down from Availability perspective.
* 4017442 (4017440) VIOM does report no valid SFHA license for version 5.1 on Windows servers.
* 4017453 (4017444) Tomcat upgrade to 9.0.37.0
* 4017461 (4017460) Product Enhancement - New reports for Veritas Volume Replicator.
* 4017472 (4017463) Product Enhancement: CLI to configure LDAP in VIOM.
Patch ID: vom-HF0742100
* 4009452 (4009454) Can not expand VVR volume on Windows InfoScale Node from VIOM GUI.
* 4009466 (4009463) MH patch install on Solaris 11 hosts does not unset the Veritas publisher.
* 4009469 (4009472) Some other fixes and security upgrades.
* 4009471 (4009470) VIOM patch shows Not installed though it is installed.
* 4009475 (4009474) Windows MH agent showing disconnected in VIOM even after refresh/reboot
DETAILS OF INCIDENTS FIXED BY THE PATCH
---------------------------------------
This patch fixes the following incidents:
Patch ID: vom-HF0742400
* 4032937 (Tracking ID: 4032936)
SYMPTOM:
Tomcat security updates.
DESCRIPTION:
Tomcat upgraded to 9.0.45
RESOLUTION:
Upgraded tomcat to latest version available.
* 4032940 (Tracking ID: 4032939)
SYMPTOM:
Not able to filter/search RVGs.
DESCRIPTION:
Under Replication tab, you can not search or filter out the RVGs.
RESOLUTION:
Added search functionality on the replication tab.
* 4032946 (Tracking ID: 4032947)
SYMPTOM:
N/A
DESCRIPTION:
Details on using Global reports are available in technote https://www.veritas.com/support/en_US/doc/viom_technote_7.4.2.400
RESOLUTION:
N/A
* 4032953 (Tracking ID: 4032950)
SYMPTOM:
N/A
DESCRIPTION:
Earlier, while doing MH upgrade on InfoScale hosts used to break the vxdclid plugin compatibility with VxVM. Now, we have enhance the MH upgrade procedure to avoid the vxdclid plugin compatibility.
Upgrading MH through VIOM GUI on InfoScale hosts will retain the vxdclid plugin compatibility with VxVM version.
NOTE: After patch upgrade, SFMH 7.4.2 Managed Host bundle will be removed from VIOM CMS. You need to re-upload the 7.4.2 Managed Host bundle when you want to do MH upgrade from VIOM GUI. You may download Veritas_InfoScale_Operations_Manager_Managed_Host_Bundle_7.4.2 from Veritas Download Center.
RESOLUTION:
N/A
* 4033084 (Tracking ID: 4033081)
SYMPTOM:
N/A
DESCRIPTION:
For more details, please refer technote https://www.veritas.com/support/en_US/doc/viom_technote_7.4.2.400
RESOLUTION:
N/A
* 4042366 (Tracking ID: 4042365)
SYMPTOM:
Unable to online/offline VCS service groups using VBS
DESCRIPTION:
If a service group is part of VBS policy then using VBS start/stop operation, you can not online/offline service group.
RESOLUTION:
One flag value was not being handled correctly.
* 4042371 (Tracking ID: 4042370)
SYMPTOM:
May cause issue with systemctl start/stop of VCS service.
DESCRIPTION:
Use of 'had' command instead of 'hastart' command in sfmh-discovery.pl script.
RESOLUTION:
Changed command from had to hastart.
* 4042478 (Tracking ID: 4042477)
SYMPTOM:
Can not add MHs to VIOM CMS due to error duplicate id already present in db.
DESCRIPTION:
While adding MH using gendeploy script, you may see that MH is not getting added to CMS. You may see error like duplicate host id is already present in db. To re-add the MH, you need to remove the MH from VIOM CMS first. If you are using vomadm command to remove the MH, it may not work.
The fix is for removing the MH using vomadm cli.
RESOLUTION:
Checking the MH entry in configuration as well as in db.
* 4042481 (Tracking ID: 4042480)
SYMPTOM:
Some of the binaries in VRTSsfmh package are using older openssl version.
DESCRIPTION:
You may find that few of the binaries in VRTSsfmh package are using older openssl version.
RESOLUTION:
Upgraded openssl version.
* 4042486 (Tracking ID: 4042485)
SYMPTOM:
N/A
DESCRIPTION:
Terminating VIOM CMS upgrade or VIOM backup/restore procedure in middle can result VIOM CMS running in maintenance mode and VIOM admin may not know about this.
This product enhancement will pop-up a warning message whenever a VIOM user logs in GUI to know if CMS is running in maintenance mode.
RESOLUTION:
N/A
Patch ID: vom-HF0742300
* 4028854 (Tracking ID: 4028853)
SYMPTOM:
Data mismatch in Excel and license report.
DESCRIPTION:
Data of column ncore to license mismatch in Excel generated from Deployment details tab of licensing perspective and "Per core license information" report of licensing perspective.
RESOLUTION:
"Fixed db schema/view"
* 4028872 (Tracking ID: 4028869)
SYMPTOM:
N/A
DESCRIPTION:
Details on using VIOM Web API are available in technote https://www.veritas.com/support/en_US/doc/viom_technote_7.4.2.300
RESOLUTION:
N/A
* 4028955 (Tracking ID: 4028954)
SYMPTOM:
In Availability perspective, status of VCS service group was intermittently showing empty for some hosts or all hosts in a cluster.
DESCRIPTION:
VCS Service Groups status in VIOM GUI was intermittently showing empty for some hosts or all hosts in a cluster.
RESOLUTION:
Fix added in sfmh discovery -Triggered VCS rescan after 'hasys -add' operation.
* 4028959 (Tracking ID: 4028958)
SYMPTOM:
VIOM email notification does not mention the faulted resource name for VCS resource faulted alert.
DESCRIPTION:
Email notification for faulted VCS resource do not mention resource name.
RESOLUTION:
Added the resource name while generating alert in VCS discovery and in alert definition of 'event.alert.vom.vcs.resource.faulted'.
* 4028969 (Tracking ID: 4028968)
SYMPTOM:
N/A
DESCRIPTION:
You may import your own certificate for xprtld process running on port 5634 on Linux CMS and Linux, Solaris, AIX MHs.
Details on using third party certificate for xprtld process are available in technote https://www.veritas.com/support/en_US/doc/viom_technote_7.4.2.300
RESOLUTION:
N/A
* 4028998 (Tracking ID: 4028997)
SYMPTOM:
A low privileged user on the Windows system without any privileges in VIOM can create a <drive>:\usr\local\ssl\openssl.cnf configuration file to load a malicious OpenSSL engine resulting in arbitrary code execution as SYSTEM when the service starts.
DESCRIPTION:
On start-up, the VIOM Agent loads the OpenSSL library from \usr\local\ssl. This library attempts to load the \usr\local\ssl\openssl.cnf configuration file which may not exist. On Windows systems, this path could translate to <drive>:\usr\local\ssl\openssl.cnf, where <drive> could be the default Windows installation drive such as C:\ or the current working directory from where the VIOM services / processes are running. By default, on Windows systems, users can create directories under C:\. A low privileged user on the Windows system without any privileges in VIOM can create a <drive>:\usr\local\ssl\openssl.cnf configuration file to load a malicious OpenSSL engine resulting in arbitrary code execution as SYSTEM when the service starts. This gives the attacker administrator access on the system, allowing the attacker (by default) to access all data, to access all installed applications, etc.
This vulnerability affects Veritas InfoScale Operations Manager (VIOM) and Agents.
RESOLUTION:
Upgraded openssl version.
* 4029001 (Tracking ID: 4028983)
SYMPTOM:
Tomcat and java Security Updates.
DESCRIPTION:
Tomcat upgraded to 9.0.41 and java to Amazon Corretto java 8.275.01.1
RESOLUTION:
Upgraded tomcat and java to latest version available.
Patch ID: vom-HF0742200
* 4017417 (Tracking ID: 4017414)
SYMPTOM:
json error in Task.pm is seen in log messages.
DESCRIPTION:
During Host family discovery on VIOM servers (CMS and Agents), you may see 'json error in Task.pm'.
RESOLUTION:
Fixed json error
* 4017420 (Tracking ID: 4017419)
SYMPTOM:
VIOM Web Server does not start at the end of VIOM CMS patch upgrade.
DESCRIPTION:
If customer's own certificate is being used for VIOM web server and the keystore password is different from the default 'changeit', then you may see that VIOM web server is not getting started at the end of VIOM patch upgrade.
RESOLUTION:
Taking backup of server.xml and restoring it after patch upgrade.
* 4017423 (Tracking ID: 4017422)
SYMPTOM:
You may see this issue on Linux Virtual Machines where VMs are cloned.
DESCRIPTION:
While adding VIOM Agent (Linux VM) to VIOM CMS, getting error "Host is already part of the domain".
RESOLUTION:
Created a unique ID for cloned Linux VMs based.
* 4017437 (Tracking ID: 4017435)
SYMPTOM:
You are not receiving email alert for VCS cluster down if rule is created under Availability perspective.
DESCRIPTION:
You are not receiving email alert for VCS cluster down if rule is created under Availability perspective.
RESOLUTION:
Added support for sending email alert from Availability perspective for VCS cluster down.
* 4017442 (Tracking ID: 4017440)
SYMPTOM:
VIOM GUI shows no valid license fault for SFHA 5.1
DESCRIPTION:
VIOM was not able to detect the SFHA 5.1 license key on Windows.
RESOLUTION:
Detected the license key,
* 4017453 (Tracking ID: 4017444)
SYMPTOM:
Tomcat vulnerabilities reported.
DESCRIPTION:
Tomcat upgrade to 9.0.37.0
RESOLUTION:
Upgraded tomcat version.
* 4017461 (Tracking ID: 4017460)
SYMPTOM:
N/A
DESCRIPTION:
VIOM does now have three new reports related to VVR in Server perspective.
- VVR replication data status
- Data Replication Status-Weekly
- Data Replication Status-Monthly
Details on new VVR reports are available in technote https://www.veritas.com/support/en_US/doc/viom_technote_7.4.2.200
RESOLUTION:
N/A
* 4017472 (Tracking ID: 4017463)
SYMPTOM:
N/A
DESCRIPTION:
New CLI to allow VIOM user to -
- Configure LDAP
- Assign permissions
- Unconfigure LDAP
- Change bind user password for already configured LDAP.
RESOLUTION:
N/A
Patch ID: vom-HF0742100
* 4009452 (Tracking ID: 4009454)
SYMPTOM:
"Resize Volume" operation fails for VVR volume, for windows MH.
DESCRIPTION:
VIOM GUI operation "Resize Volume" fails on Windows InfoScale Node when try to resize VVR volume.
RESOLUTION:
Removed the decimal from VVR volume size and round off.
* 4009466 (Tracking ID: 4009463)
SYMPTOM:
After VIOM patch install on Solaris Agents, 'pkg publisher' command shows Veritas publisher.
DESCRIPTION:
After VIOM patch install on Solaris Agents, 'pkg publisher' command shows Veritas publisher. This publisher should be removed after patch install.
RESOLUTION:
Unsetting publisher once patch is installed.
* 4009469 (Tracking ID: 4009472)
SYMPTOM:
N/A
DESCRIPTION:
- Java upgrade - Upgrade JAVA version to 1.8.0.252.
- Tomcat upgrade - Upgrade apache tomcat to 9.0.35 as mitigation to CVE-2020-9484 vulnerability.
- SmartIO related fixes
1) Cache state update in GUI.
2) Impact Analysis Chart fix.
3) Can not create multiple cache on same disk
- VCS Service Group related fixes
1) Not able to create link for Service group dependency
2) GUI shows firedrill task in RUNNING.
- xprtld service getting timed out after reboot because of slow network service start.
- vomsc status/start/stop command throwing error message.
- Policy signature scan report is giving exception when signature is registered.
- Storage Migration Solution fixes
1) Multiple volume migration tasks not able to schedule in single operations using migrate by host method.
2) Not able to do Volume Migration using Migrate Volume by Host method
RESOLUTION:
Fixed above all mentioned issues.
* 4009471 (Tracking ID: 4009470)
SYMPTOM:
In Deployment, the patch shows as Not Installed though it is successfully installed.
DESCRIPTION:
Sometimes, you may see that VIOM patch installation is successful but when checking in Deployment, the patch shows as Not Installed and hence unable to apply the patch to other MH hosts.
RESOLUTION:
Handled the Json exception.
* 4009475 (Tracking ID: 4009474)
SYMPTOM:
Sometimes after Windows MH agent reboot, host can be seen in disconnected state in Settings->Host.
DESCRIPTION:
You can see agent in disconnected state if host has Microsoft Failover Cluster Virtual Adapter.
RESOLUTION:
Skipping the Microsoft Failover Cluster Virtual Adapter from the host GUID.
INSTALLING THE PATCH
--------------------
IMPORTANT NOTE : Please take a backup of the database using the instructions given in the Admin guide before installing this Hotfix.
This Hotfix is applicable for VOM 7.4.2 Managed Hosts as well as VOM 7.4.2 Management Server.
1. Download the file vom-7.4.2.400.sfa
2. Launch a browser and login to the VIOM management server.
3. Navigate to Settings -&gt; Deployment Icon.
4. Upload the Hotfix to the VIOM CMS using the Upload Solutions button.
The Hotfix vom-7.4.2.400 should be visible in the Hot Fixes tree node.
5. Please install this Hotfix on CS using the following instructions:
- Go to Settings -&gt; Deployment -&gt; Hot Fixes -&gt; Veritas Infoscale Operations Manager Managed Host.
- Click on Hot Fixes Tab. Click on Applicable Hosts Tab.
- Right click on CS Name and click on Install.
REMOVING THE PATCH
------------------
Un-installation and rollback of this Hotfix is supported only on Solaris 11 and AIX platforms.
SPECIAL INSTRUCTIONS
--------------------
NONE
OTHERS
------
NONE
|
Why Register?
Get notifications about ASLs/APMs, HCLs, patches, and high availability agents
As a registered user, you can create notifications to receive updates about NetBackup Future Platform and Feature Plans, NetBackup hot fixes/EEBs in released versions, Array Support Libraries (ASLs)/Array Policy Modules (APMs), hardware compatibility lists (HCLs), patches and high availability agents. In addition, you can create system-specific notifications customized to your environment.
Compare configurations
The Compare Configurations feature lets you compare different system scans by the data collector. When you sign in, you can choose a target system, compare reports run at different times, and easily see how the system's configuration has changed.
Save configurations
After logging in, you can retrieve past reports, share reports with colleagues, review notifications you received, and retain custom settings. Anonymous users cannot access these features.
Bulk uploader
As a registered user,you can upload multiple reports, using the Bulk Uploader.