May 1, 2005
Dear Sphera customer,
On March 28, 2005, Red Hat issued a mysql security update.
Sphera is currently addressing this exploit and vulnerability (noted below) in our ServerDirector V3.7 product running on RedHat Enterprise Linux (RHEL) ES/AS 2.1.
The solution requires two steps:
a. Download the Red Hat mySQL RPMs to the machine.
b. Install the patch using Sphera's RPM tool.
Before using the RPM tool, carefully read the instructions below as well as the 'RPM tool user guide' which is located in the Sphera Download manager: http://downloads.sphera.com under the ServerDirector V3.7 documents section.
Verify that the tool configuration file exists in: /etc/sphera.repository/conf/sd_rpm_manager.conf and includes the correct parameters as described in the manual. If not, create it and add the properties needed according to the RPM tool user manual.
Edit the RPM tool configuration file as follows: spec_url=ftp://ftp.sphera.com/ftp/pub/Products/HD/3.7/i201/rpmspec/ES2.1 -
rpm_url= <RPM directory> - directory where you store the RPM’s
Installing Red Hat MySQL RPMs:
Download the required RPMs from Red Hat Network (https://rhn.redhat.com/):
Store the RPMs under the <RPM directory> as defined in the RPM configuration file.
Installing mySQL patch using the RPM tool:
To view list of possible upgrades run:
cd <sd base>
The following upgrades should be displayed:
The installation of this RPM requires ServerDirector to stop:
Execute sphadmin and select option 11 from the menu.
To install this upgrade run:
bin/sd_rpm_manager -u --all
Execute sphadmin and select option 10 from the menu.
Should you have any questions, please contact us through your eService account at http://support.sphera.com