Translation Notice
Please note that this content includes text that has been machine-translated from English. Veritas does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledge base article for up-to-date information.
NetBackup Appliance 5.1.1 Maintenance Release 4
Abstract
Description
NetBackup Appliance 5.1.1 Maintenance Release 4 (MR4) is a full package that includes NetBackup Appliance 5.1.1, 5.1.1 SP1, 5.1.1 SP2, 5.1.1 MR1, 5.1.1 MR1 SP1, 5.1.1 MR1 SP2, 5.1.1 MR1 SP3, 5.1.1 MR2, 5.1.1 MR2 SP1, 5.1.1 MR3 and NetBackup 10.1.1 content. 5.1.1 MR4 obsoletes 5.1.1 MR3. MR4 also includes additional critical product and security fixes specific to NetBackup Appliance.
MR4 can be installed only on the following NetBackup Appliance releases:
• 5.1.1, 5.1.1 SP1, 5.1.1 SP2, 5.1.1 MR1, 5.1.1 MR1 SP1, 5.1.1 MR1 SP2, 5.1.1 MR1 SP3, 5.1.1 MR2, 5.1.1 MR2 SP1, 5.1.1MR3
• 5.0, 5.0.0.1 MR1, 5.0.0.1 MR1 SP1, 5.0.0.1 MR1 SP2, 5.0.0.1 MR2, 5.0.0.1 MR2 SP1, 5.0.0.1 MR3, 5.0.0.1 MR4, 5.0.0.1 MR5
• 4.1, 4.1.0.1 MR1, 4.1.0.1 MR2, 4.1.0.1 MR3, 4.1.0.1 MR4, 4.1.0.1 MR5
• 4.0, 4.0.0.1 MR1, 4.0.0.1 MR2, 4.0.0.1 MR3, 4.0.0.1 MR4
• 3.3.0.1, 3.3.0.1 MR1, 3.3.0.1 MR2, 3.3.0.1 MR3, 3.3.0.2 MR1, 3.3.0.2 MR2
Netbackup Appliance 5.1.1 MR 4 Release Notes
Overview
NetBackup Appliance 5.1.1 Maintenance Release 4; includes NetBackup Appliance 5.1.1, 5.1.1 SP1, 5.1.1 SP2, 5.1.1 MR1, 5.1.1 MR1 SP1, 5.1.1 MR1 SP2, 5.1.1 MR1 SP3, 5.1.1 MR2, 5.1.1 MR2 SP1, 5.1.1 MR3, NetBackup 10.1.1 and additional important product and security fixes.
MR Download Details
| File Name | VRTS_NBAPP_update-5.1.1-20240506120450.x86_64.rpm |
| Download Link | https://www.veritas.com/content/support/en_US/downloads/update.UPD488135 |
| Download Size | 8788740091 |
| sha256checksum | 9667cc8da079c6eba117257be89a67a9e7494afe21680fbbd2b45fa904fcc72c |
Compatibility Details
Supported Upgrade Paths
5.1.1 MR4 supports upgrades from the following appliance versions
| 5.1.1 | 5.1.1 SP1 | 5.1.1 SP2 | 5.1.1 MR1 | 5.1.1 MR1 SP1 | 5.1.1 MR1 SP2 | 5.1.1 MR1 SP3 | 5.1.1 MR2 | 5.1.1 MR2 SP1 | 5.1.1 MR3 |
| 5.0 | 5.0.0.1 MR1 | 5.0.0.1 MR1 SP1 | 5.0.0.1 MR1 SP2 | 5.0.0.1 MR2 | 5.0.0.1 MR2 SP1 | 5.0.0.1 MR3 | 5.0.0.1 MR4 | 5.0.0.1 MR5 | |
| 4.1 | 4.1.0.1 MR1 | 4.1.0.1 MR2 | 4.1.0.1 MR3 | 4.1.0.1 MR4 | 4.1.0.1 MR5 | ||||
| 3.3.0.1 | 3.3.0.1 MR1 | 3.3.0.1 MR2 | 3.3.0.1 MR3 | 3.3.0.2 MR1 | 3.3.0.2 MR2 |
NBA 5.1.1 MR4 supports direct upgrade from 3.3.0.1 and later versions. For versions earlier than 3.3.0.1, users first need to upgrade to a version that supports direct upgrade, then upgrade to 5.1.1 MR4.
Appliance Management Server (AMS) 2.2 support 5.1.1 MRs, including MR4.
Note : To initiate upgrade action from the System Health Insights dashboard, please install Appliance Connectivity Toolkit (ACT) add-on as ACT is not included by default in NetBackup Appliance versions lower than 5.3. For additional information, see the Appliance Upgrade section in the Veritas System Health Insights User Guide. For downloading ACT add-on, refer to the ACT add-on package article.
Note the following limitations regarding ACT and upgrade automation feature support for Security Patches (SPs):
- Upgrade from 5.1.1 GA/MR to any 5.1.1 SP is not supported.
- Upgrade from any older SP to any 5.1.1 MR is not supported.
Supported Appliance Models
|
Appliance model name |
5240 |
5250 |
5330 |
5340 |
5330HA |
5340HA |
5350HA |
5350 |
NBVA |
5240 Cloud Catalyst appliances |
|
5.1.1 MR4 Support |
|
|
|
|
|
|
|
|
|
|
Supported NetBackup versions
- MR4 is compatible with a primary server running NetBackup 10.1.1 and above (Primary server must be same or higher version compared to Media server).
- NetBackup 10.1.1 administrative console is required for accessing NetBackup Appliances running MR4.
Installation and Additional instructions
Appliance Upgrade Readiness Analyzer
The Appliance Upgrade Readiness Analyzer can be downloaded from here.
See here for more information about the Appliance Upgrade Readiness Analyzer.
Installation Time
Upgrading to 5.1.1 MR4 takes about two hours including rebooting.
Pre-Installation steps
- Confirm that no backup jobs are scheduled during the upgrade period.
- Deactivate all policies to ensure that no backups target the appliance you are upgrading.
- Cancel all active jobs from the NetBackup Java Administration Console or log in to the appliance as a NetBackup CLI user and run the following command: bpdbjobs – cancel
- For Primary server appliances, stop data collection on Ops Center, NetBackup IT Analytics.
- For Media Server appliances, stop data collection on NetBackup IT Analytics if installed on the media server to be upgraded.
- Disable all Storage Life Cycle Policies that duplicate to/from the Media Appliances that are to be upgraded.
- The reboot that happens as part the upgrade can take a very long time if there are many LUNs. Hence, during the upgrade if the appliance can see VMWare datastores via SAN, disable the port in the SAN (on all nodes if HA appliance is involved). Once the upgrade is completed, enable the SAN port and initiate a scan of the FC.
- Veritas requires that you run the upgrade readiness analyzer on each appliance before you upgrade.
- For AMS, you must run the analyzer tool from the shell menu
- For AMS, If inventory is not collected on the Cortex portal after an upgrade, you can collect inventory from the Clish by navigating to Support > Collect Inventory.
- Refer to the 5.1.1 Upgrade Checklist
If upgrading from version 3.3.0.1, refer to NetBackupAppliance_Pre_Upgrade_Checklist_3301_V2
Note that any references to the upgrade readiness analyzer version in the checklist are superseded by the upgrade readiness analyzer available here.
- If a traditional NetBackup primary server is used with an appliance media server, the primary server must have the same NetBackup version or later as the media server appliance. For example, before you upgrade a media server appliance to version 5.1.1 MR4, first upgrade the NetBackup primary server to version 10.1.1.
- Refer to this article for installation instructions.
- If the MR4 installer detects the Firmware update tool, it uninstalls it automatically. However, all previous firmware updates remain installed.
- It is normal for the appliance to reboot automatically about midway through the MR4 installation.
- Clish option Manage > Software > List AvailablePatch lists GA and MR patches. Before downloading one of the listed patch, verify the information regarding patch on DC and verify if you already have the patch installed on system from Clish > Manage > Software >List Version.
Additional installation instructions for NetBackup Appliance 5340 High Availability (HA) setup
- Before installing MR4 on both nodes, ensure that the two-node HA setup is fully configured.
- Start the upgrade process on the node where the MSDP service and the virtual IP service are offline, typically, the partner node.
- After the partner node has been upgraded, run the Manage > High Availability > Switchover command to bring the Virtual IP online on the node installed with MR4.
- The HA status can be checked by using the following command: Manage > HighAvailability > Status
If the HA services status is not as described in the following table, contact Veritas Support for assistance.
| HA Services | Status on primary node | Status on partner node |
| Advance Disk | Online | Online |
| Fingerprint calculation | Online | Online |
| MSDP | Online | Offline |
| Virtual IP | Online | Offline |
- For information on configuring a two-node HA setup, see the Veritas NetBackup Appliance High Availability Reference Guide.
- Switchover to the original node to ensure correct functionality.
Post-Installation Instructions
- The newly installed version can be checked using either of the following commands. The expected output of each command is also included.
Manage > Software > UpgradeStatus
The appliance version is 5.1.1 Maintenance Release 4 and not in upgrade state.
Manage > Software > List Version
Appliance Version: 5.1.1
NetBackup Version: 10.1.1
Build Date: 5.1.1-20240506120450
Maintenance Release Version: 4
Appliance > Status
Appliance Model is NetBackup Appliance 5xxx.
Appliance Version is 5.1.1 Maintenance Release 4.
Product Fixes in MR4
MR4 includes all important product fixes in 5.1.1, 5.1.1 MR1, 5.1.1 MR2, 5.1.1 MR3 and additional product fixes listed below.
Note: APPCPE numbers are for Veritas Support reference only.
| JIRA Number | Description |
| APPCPE-17238 | [5240] To fix 'vi' / 'vim' vulnerability for minor upgrade. |
| APPCPE-17004 | RealStor alerts are resolved by Daily Summary, while the alert is active and unresolved |
| APPCPE-15440 | Fixed issue - Ushare copilot backup failed on HA with error “254: server name not found in the NetBackup configuration” |
| APPCPE-16854 | Update grubby commands to Move away from index based grub handling to kernel based handling for correct newroot mount |
| APPCPE-16815 | Fixed issue - With STIG enabled, if we had no banner prior to upgrade, then after upgrade we incorrectly get the USG banner again. |
| APPCPE-16754 | Fix incorrect vxos-buildtag in file /etc/vxos-release |
| APPCPE-16216 | Address checksec errors and modify compiler flags if required |
| APPCPE-15490 | Fix issue - "CLISH > Manage > OpenStorage > Share Open" throws "Unknown option: share" |
| APPCPE-13394 | Fix issue - The residual upgrade status files are not cleared after rollback when upgrade is failed pre-upgrade self-test |
| APPCPE-13392 | Remove multiple exceptions printed in collector.log for sense_code field in SMARTDataCollector |
| APPCPE-13391 | Remove the DBPurge service now that TTL is set on Mongo docs. |
| APPCPE-17003 | Upgraded repackaged rabbitmq to 10.12.13 |
| APPCPE-16222 | To refine version assign logic and remove useless version existing in AURA support version list. |
| APPCPE-16218 | Remove insecure functions which may cause stack based buffer overflow |
| APPCPE-15444 | Tracking errors and warning of Autosupport |
| APPCPE-17300 | Redirect to ADFS server using SSO fails on second login attempt |
Vulnerabilities Fixed in MR4
MR4 includes all vulnerabilities fixed in 5.1.1, 5.1.1 MR1, 5.1.1 MR2, 5.1.1 MR3 and 5.1.1 Security Patches (5.1.1 SP1, 5.1.1 SP2, 5.1.1 MR1 SP1, 5.1.1 MR1 SP2, 5.1.1 MR1 SP3 and 5.1.1 MR2 SP1) and the additional vulnerabilities listed below.
| Security Risk | Vulnerability ID |
| High | CVE-2023-6378(BDSA-2023-3307), CVE-2023-6481(BDSA-2023-3341), BDSA-2024-0402(CVE-2024-22243), CVE-2022-20368, CVE-2022-3239, CVE-2023-6546, CVE-2023-6931, CVE-2024-1086, CVE-2022-29581, CVE-2022-3625, CVE-2023-51042, CVE-2023-42465, CVE-2021-4204, CVE-2022-0500, CVE-2022-28390, CVE-2022-39189, CVE-2023-1252, CVE-2023-1989, CVE-2023-46813, CVE-2023-6932, CVE-2024-0646, CVE-2022-25265, CVE-2022-3545, CVE-2023-2176, CVE-2023-40283, CVE-2023-4921, CVE-2023-5717, CVE-2023-6817, CVE-2023-6610, CVE-2019-14560 |
| Medium | CVE-2024-25710(BDSA-2024-0363), CVE-2024-26308, CVE-2023-48795, BDSA-2024-0358, BDSA-2024-0367, BDSA-2024-0625(CVE-2024-22259), BDSA-2024-0396, BDSA-2024-0622(CVE-2024-23672), BDSA-2024-0623(CVE-2024-24549), CVE-2021-33655, CVE-2022-2196, CVE-2022-23960, CVE-2022-36402, CVE-2022-38096, CVE-2022-38457, CVE-2022-40133, CVE-2023-1074, CVE-2023-31084, CVE-2022-20368, CVE-2023-28486, CVE-2023-28487, CVE-2021-30002, CVE-2022-36946, CVE-2021-34866, CVE-2021-3640, CVE-2022-21499, CVE-2022-23222, CVE-2022-2586, CVE-2023-28772, CVE-2022-0168, CVE-2022-0617, CVE-2022-45887, CVE-2023-0458, CVE-2022-1462, CVE-2022-2078, CVE-2022-28388, CVE-2022-3524, CVE-2023-2166, CVE-2023-28328, CVE-2023-4132, CVE-2023-45862, CVE-2022-2663, CVE-2022-28893, CVE-2022-3566, CVE-2022-3594, CVE-2022-3619, CVE-2023-23455, CVE-2022-3623, CVE-2023-3141, CVE-2023-35825, CVE-2022-3707, CVE-2023-20569, CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 |
| Low | CVE-2022-24448, CVE-2023-1075 |
Applies to the following product releases
Update files
|
|
File name | Description | Version | Platform | Size |
|---|