Sign In
Forgot Password

Don’t have an account? Create One.

Instructions for How to Create, View, and Manage Cases

Fsadv Security Patch IS-8.0.2U5SP1 for RHEL9

Patch
Update ID: UPD641575
Version: 8.0.2.2500
Platform: Linux
Release date: 2025-04-04

Abstract

Fsadv Security Patch IS-8.0.2U5SP1 for RHEL9

Description

This patch provides a Security update on IS-8.0.2 Update 5 patch for RHEL9 platform. This patch should be installed on IS-8.0.2 GA + latest cumulative patch released on IS-8.0.2

In this case latest cumulative patch on IS-8.0.2 is IS 8.0.2 Update 5 on RHEL9 platform(Patch version : InfoScale 8.0.2.2700).

 


SORT ID:  21976


Supported Platforms :

RHEL9.4, RHEL9.5


Patch IDs:

VRTSfsadv-8.0.2.2500-0313_RHEL9 for VRTSfsadv


PREREQUISITE TO INSTALLING THE PATCH - 
IS-8.0.2 GA + IS-8.0.2 U5(8.0.2.2700)

                          * * * READ ME * * *
        * * * Veritas File System Advanced Features 8.0.2 * * *
                         * * * Patch 2500 * * *
                         Patch Date: 2025-04-02


This document provides the following information:

   * PATCH NAME
   * OPERATING SYSTEMS SUPPORTED BY THE PATCH
   * PACKAGES AFFECTED BY THE PATCH
   * BASE PRODUCT VERSIONS FOR THE PATCH
   * SUMMARY OF INCIDENTS FIXED BY THE PATCH
   * DETAILS OF INCIDENTS FIXED BY THE PATCH
   * INSTALLATION PRE-REQUISITES
   * INSTALLING THE PATCH
   * REMOVING THE PATCH


PATCH NAME
----------
Veritas File System Advanced Features 8.0.2 Patch 2500


OPERATING SYSTEMS SUPPORTED BY THE PATCH
----------------------------------------
RHEL9 x86-64


PACKAGES AFFECTED BY THE PATCH
------------------------------
VRTSfsadv


BASE PRODUCT VERSIONS FOR THE PATCH
-----------------------------------
   * InfoScale Enterprise 8.0.2
   * InfoScale Storage 8.0.2


SUMMARY OF INCIDENTS FIXED BY THE PATCH
---------------------------------------
Patch ID: VRTSfsadv-8.0.2.2500
* 4188577 (4188576) Security vulnerabilities exist in the Curl third-party components used by VxFS.


DETAILS OF INCIDENTS FIXED BY THE PATCH
---------------------------------------
This patch fixes the following incidents:

Patch ID: VRTSfsadv-8.0.2.2500

* 4188577 (Tracking ID: 4188576)

SYMPTOM:
Security vulnerabilities exist in the Curl third-party components used by VxFS.

DESCRIPTION:
VxFS uses the Curl third-party components in which some security vulnerability exist.

RESOLUTION:
VxFS is updated to use newer version (8.12.1v) of this third-party components in which the security vulnerabilities have been addressed.



INSTALLING THE PATCH
--------------------
Run the Installer script to automatically install the patch:
-----------------------------------------------------------
Please be noted that the installation of this P-Patch will cause downtime.

To install the patch perform the following steps on at least one node in the cluster:
1. Copy the patch fsadv-rhel9_x86_64-Patch-8.0.2.2500.tar.gz to /tmp
2. Untar fsadv-rhel9_x86_64-Patch-8.0.2.2500.tar.gz to /tmp/hf
    # mkdir /tmp/hf
    # cd /tmp/hf
    # gunzip /tmp/fsadv-rhel9_x86_64-Patch-8.0.2.2500.tar.gz
    # tar xf /tmp/fsadv-rhel9_x86_64-Patch-8.0.2.2500.tar
3. Install the hotfix(Please be noted that the installation of this P-Patch will cause downtime.)
    # pwd /tmp/hf
    # ./installVRTSfsadv802P2500 [<host1> <host2>...]

You can also install this patch together with 8.0.2 base release using Install Bundles
1. Download this patch and extract it to a directory
2. Change to the Veritas InfoScale 8.0.2 directory and invoke the installer script
   with -patch_path option where -patch_path should point to the patch directory
    # ./installer -patch_path [<path to this patch>] [<host1> <host2>...]

Install the patch manually:
--------------------------
rpm -Uvh VRTSfsadv-8.0.2.2500-0313_RHEL9.x86_64.rpm


REMOVING THE PATCH
------------------
rpm -evh VRTSfsadv-8.0.2.2500-0313_RHEL9.x86_64.rpm


SPECIAL INSTRUCTIONS
--------------------
FIXED CVES : CVE-2021-22898,BDSA-2023-2253,BDSA-2022-1130,CVE-2020-8284,CVE-2023-28322,CVE-2021-
22924,CVE-2023-38546,CVE-2022-35252,BDSA-2024-9563,BDSA-2020-1933,CVE-2021-22923,CVE-2021-22925,CVE-
2021-22876,BDSA-2022-0504,CVE-2023-27538,BDSA-2020-3058,CVE-2022-27774,CVE-2023-28320,CVE-2023-
27535,CVE-2022-43552,CVE-2022-32208,CVE-2023-28321,CVE-2023-27536,CVE-2021-22947,CVE-2021-22922,CVE-
2024-7264,CVE-2022-32206,CVE-2022-27776,CVE-2023-46218,CVE-2023-23916,BDSA-2021-0022,BDSA-2025-
0944,BDSA-2024-6196,BDSA-2023-0018,BDSA-2024-0743,BDSA-2022-1120,BDSA-2022-1336,CVE-2020-8285,CVE-
2023-28319,CVE-2022-27781,CVE-2022-27782,CVE-2019-3823,CVE-2021-22946,CVE-2020-8286,CVE-2021-
22926,CVE-2020-8231,CVE-2018-16890,CVE-2019-5443,CVE-2019-5436,CVE-2020-8177,CVE-2022-22576,CVE-2023-
27534,CVE-2023-27533,CVE-2018-1000301,CVE-2018-16842,CVE-2018-16839,CVE-2022-32221,CVE-2019-5482,CVE-
2018-0500,CVE-2019-5481,CVE-2018-1000300,CVE-2019-3822,CVE-2018-14618,CVE-2018-16840.


OTHERS
------
NONE

Applies to the following product releases

InfoScale Availability 8.0.2
Release date: 2023-06-05
End of standard support: 2027-06-05
Sustaining support starts: 2029-06-05
End of support life: To be determined
InfoScale Enterprise 8.0.2
Release date: 2023-06-05
End of standard support: 2027-06-05
Sustaining support starts: 2029-06-05
End of support life: To be determined
InfoScale Foundation 8.0.2
Release date: 2023-06-05
End of standard support: 2027-06-05
Sustaining support starts: 2029-06-05
End of support life: To be determined
InfoScale Storage 8.0.2
Release date: 2023-06-05
End of standard support: 2027-06-05
Sustaining support starts: 2029-06-05
End of support life: To be determined

Update files

 File name Description Version Platform Size

Knowledge base

0
Addressing libcurl vulnerability CVE-2024-7264 in 8.0.2 VRTSfsadv package
2025-04-15

Problem The 8.0.2 was flagged for a libcurl vulnerability (CVE-2024-7264). This issue was identified by a third-party security scanner, which raised concerns about the security of the package due to the outdated version of libcurl being used. Err...