NetBackup CloudPoint 9.0.0.1 Patch - Fix for Apache logging vulnerability for common-objects and IDM

Translation Notice

Please note that this content includes text that has been machine-translated from English. Veritas does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledge base article for up-to-date information.

NetBackup CloudPoint 9.0.0.1 Patch - Fix for Apache logging vulnerability for common-objects and IDM

Patch Critical

Update ID: UPD275978

Version: 9.0.0.1

Platform: Linux

Release date: 2021-12-23

Abstract

Fix Apache logging vulnerability(CVE-2021-44228, CVE-2021-45046) for common-objects and IDM

Description

Bugfix: Veritas CloudPoint 9.0.0.1.9046

Patch Date: 2022-01-20

This document provides the following information:

* PATCH NAME
* OPERATING SYSTEMS SUPPORTED BY THE PATCH
* BASE PRODUCT VERSION FOR THE PATCH
* SUMMARY OF INCIDENTS FIXED BY THE PATCH
* DETAILS OF INCIDENTS FIXED BY THE PATCH
* INSTALLING THE PATCH
* IMPORTANT NOTES
* KNOWN ISSUES
* NOTE

PATCH NAME: Veritas CloudPoint 9.0.0.1.9046

OPERATING SYSTEMS SUPPORTED BY THE PATCH

Ubuntu 16.04 and 18.04 Server LTS
Red Hat Enterprise Linux (RHEL) 8.2 and 7.x

BASE PRODUCT VERSION FOR THE PATCH

Veritas CloudPoint 9.0.0.1.9032

SUMMARY OF INCIDENTS FIXED BY THE PATCH

Patch 9.0.0.1.9046
ET 4063372: Fix Apache logging vulnerability for common-objects and IDM

DETAILS OF INCIDENTS FIXED BY THE PATCH

Patch 9.0.0.1.9046
Etrack: ET 4063372

SYMPTOM:

Fix Apache logging vulnerability(CVE-2021-44228, CVE-2021-45046) for common-objects and IDM

DESCRIPTION:

IDM and common-objects contains vulnerable apache logging library (Log4j)

RESOLUTION:

Updated vulnerable apache logging library to recommended version 2.17.1

INSTALLING THE BUILD

I. Take backup of the complete data of /cloudpoint to a different location

II. Upload the new build:
# docker load -i VRTScloudpoint-docker-9.0.0.1.9046.img.gz

II. Run the following command as root.

# docker run --rm -it -v /cloudpoint:/cloudpoint -v /var/run/docker.sock:/var/run/docker.sock veritas/flexsnap-cloudpoint:<installed_cp_version> stop
# docker run --rm -it -v /cloudpoint:/cloudpoint -v /var/run/docker.sock:/var/run/docker.sock veritas/flexsnap-cloudpoint:9.0.0.1.9046 install

KNOWN ISSUES
None

NOTE

1. To roll back to the previous version (if needed).

a. Log in to CloudPoint host

b. Run the following commands as root.

# docker run --rm -it -v /cloudpoint:/cloudpoint -v /var/run/docker.sock:/var/run/docker.sock veritas/flexsnap-cloudpoint:9.0.0.1.9046 stop

Restore the data that we backed of /cloudpoint in the cloud point host in /cloudpoint
# docker run --rm -it -v /cloudpoint:/cloudpoint -v /var/run/docker.sock:/var/run/docker.sock veritas/flexsnap-cloudpoint:<previous_cp_version> install

2. The previous version(s) of Docker container images are not removed. You can remove them to save your CloudPoint instance disk space.

Applies to the following product releases

NetBackup 9.0.0.1

Release date: 2021-03-29

End of standard support: 2024-01-01

Sustaining support starts: 2026-01-01

End of support life: 2027-01-01

Update files

	File name	Description	Version	Platform	Size

Choose an account to download the files you selected.

Knowledge base

Impact of CVE-2021-44228 and CVE-2021-45046 Apache Log4j Vulnerability on NetBackup

2022-12-05

About Apache Log4j Vulnerabilities Apache Log4j is an open-source, Java-based logging utility widely used by enterprise applications and cloud services. Veritas is tracking the recently announced vulnerabilities in Apache’s Log4j. All Veritas Pro...