Readme file
for IBM® Spectrum Conductor 2.5.1 Interim Fix 602397
Readme file for: IBM Spectrum Conductor
Product/Component release: 2.5.1
Fix ID: cws-2.5.1-build602397
Publication date: March 21, 2025
This interim fix
resolves known vulnerabilities CVE-2023-38264, CVE-2024-25026, and
CVE-2024-22329 by upgrading IBM WebSphere Liberty Profile to 24.0.0.11 and IBM
JRE to 8.0.8.30 on IBM Spectrum Conductor 2.5.1 with Fix 601861.
1. List
of fixes
2. Download
location
3. Products
or components affected
4. Installation
and configuration
5. Uninstallation
6. List
of files
7. Product
notifications
8. Copyright
and trademark information
APAR: P105307
Download interim fix 602397 from the following location: https://www.ibm.com/eserver/support/fixes/.
Component name, Platform, Fix ID:
IBM JRE/WLP, linux-x86_64
or linux-ppc64le, cws-2.5.1-build602397
Follow the instructions in this section
to download and install this interim fix on hosts in your cluster.
System
requirements
Linux x86_64 or Linux
ppc64le
Prerequisites
Fix 601861 must be installed
before applying this fix package.
Installation
a. Log on to the primary host as the cluster administrator and stop the
cluster:
>
egosh user logon -u Admin -x Admin
>
egosh service stop all
>
egosh ego shutdown
b. On each management and compute host, create a directory (for
example, /scfixes directory) and download following packages to the directory:
egowlp-24.0.0.11.noarch.rpm
egojre-8.0.8.30.x86_64.rpm or egojre-8.0.8.30.ppc64le.rpm
c. Change to the directory where you downloaded all installation
packages, and then install them:
d. Depending on OS run on each host either
> rpm -ivh --replacefiles egojre-8.0.8.30.x86_64.rpm --prefix <install_location> --dbpath <dbpath_location>
or> rpm -ivh --replacefiles egojre-8.0.8.30.ppc64le.rpm --prefix <install_location> --dbpath <dbpath_location>
And then only for management hosts run:> rpm -ivh --replacefiles egowlp-24.0.0.11.noarch.rpm --prefix <install_location> --dbpath <dbpath_location>
e.
Verify the installation using the pversions command.
>
pversions -b 602397
f.
Delete all
subdirectories and files from the following directories:
> rm -rf $EGO_TOP/gui/work/*
> rm -rf $EGO_TOP/gui/workarea/*
> rm -rf $EGO_TOP/kernel/rest/workarea/*
(Optional) > rm -rf
$WLP_OUTPUT_DIR/webgui_hostname/gui/workarea/*
g.
Clear your browser cache.
h. From the primary host, source the latest environment and start the
cluster:
(BASH) . $EGO_TOP/profile.platform
(CSH) source $EGO_TOP/cshrc.platform
>
egosh ego start
Notes:
· To allow for potential
rollbacks to the existing versions, this fix does not remove the current
versions of IBM WebSphere Liberty
Profile or IBM
JRE.
·
Your previous IBM JRE 8.0.8.5 can still be in use by previously deployed
IBM Spectrum Conductor components such as instances groups or application instances.
To switch these existing instances to the upgraded IBM JRE versions, you must
reconfigure their JAVA_HOME value value to
the updated IBM JRE version and redeploy manually.
If required, follow the instructions in this
section to uninstall this fix from hosts in your cluster.
a.
Log on to the primary
host as the cluster administrator and stop the cluster:
> egosh user logon -u Admin -x <Admin
password>
> egosh service stop all
> egosh ego shutdown
b. On
each management host in the cluster, roll back this fix
by manually associating the following files with the previous IBM WebSphere
Liberty Profile and IBM JRE versions:
$EGO_TOP/jre/cshrc.jre
with setenv
EGOJRE_VERSION 8.0.8.5
$EGO_TOP/jre/profile.jre
with EGOJRE_VERSION=8.0.8.5
$EGO_TOP/wlp/cshrc.wlp
with setenv WLP_VERSION 23.0.0.6
$EGO_TOP/wlp/profile.wlp
with WLP_VERSION=23.0.0.6
c.
Delete all subdirectories
and files from the following directories:
> rm -rf $EGO_TOP/gui/work/*
> rm -rf $EGO_TOP/gui/workarea/*
> rm -rf $EGO_TOP/kernel/rest/workarea/*
(Optional) > rm -rf
$WLP_OUTPUT_DIR/webgui_hostname/gui/workarea/*
d. Clear your browser cache.
e. To completely remove the fix’s RPMs on each host, depending on OS, run either:
> rpm -e egojre-8.0.8.30.x86_64 --prefix <install_location> --dbpath
<dbpath_location>
or
> rpm -e egojre-8.0.8.30.ppc64le --prefix
<install_location> --dbpath
<dbpath_location>
Then, on management hosts only, run:
> rpm -e egowlp-24.0.0.11.noarch --prefix
<install_location> --dbpath
<dbpath_location>
f. From the primary host, source the latest environment and start the
cluster:
(BASH) . $EGO_TOP/profile.platform
(CSH) source $EGO_TOP/cshrc.platform
>
egosh ego start
egowlp-24.0.0.11.noarch.rpm
egojre-8.0.8.30.x86_64.rpm
egojre-8.0.8.30.ppc64le.rpm
To receive
information about product solution and patch updates automatically, subscribe
to product notifications on the My Notifications page http://www.ibm.com/support/mynotifications/ on the IBM Support website
(http://support.ibm.com). You can edit your subscription settings to choose the
types of information you want to get notification about, for example, security
bulletins, fixes, troubleshooting, and product enhancements or documentation
changes.
© Copyright IBM Corporation 2025
U.S.
Government Users Restricted Rights - Use, duplication or disclosure restricted
by GSA ADP Schedule Contract with IBM Corp.
IBM®, the IBM
logo, and ibm.com® are trademarks of International Business Machines Corp.,
registered in many jurisdictions worldwide. Other product and service names
might be trademarks of IBM or other companies. A current list of IBM trademarks
is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.