Sentinel Log Manager 1.1.0.x
At times there are known security vulnerabilities that may exist in third party products that ship with Sentinel Log Manager thus necessitating an update for your Security Identity Event Management, (SIEM), system. This documents is intended to guide you through the update of Sun's JRE on your existing Sentinel Log Manager system. While this has been officially tested for 220.127.116.11, it should apply to future releases as well. As always, its a good idea to test these steps in a lab environment before applying to your production system.
1. Rename the existing JRE folder in "/opt/novell/sentinel_log_mgr" to jre_old: => mv jre jre_old 2. Download the jre bundle based on the OS to this folder"/opt/novell/sentinel_log_mgr": => jre-6u26-linux-i586-rpm.bin 3. Change the permissions & ownership of the file: => chmod 777 jre-6u26-linux-i586-rpm.bin => chown novell:novell jre-6u26-linux-i586-rpm.bin 4. Switch to novell user: => su novell 5. Run the file: => ./jre-6u26-linux-x64.bin 6. Rename the folder "jre1.6.0_26" to JRE: => mv jre1.6.0_26 jre 7. Restart the Sentinel services. After the server is restarted, observed no issues with the application Web Launch & ESM Launch, and the Java version is displayed as below: # ./java -version java version "1.6.0_26" Java(TM) SE Runtime Environment (build 1.6.0_26-b03) Java HotSpot(TM) Server VM (build 20.1-b02, mixed mode) Going forward, downloaded the JRE 64bit bundle also and followed the same procedure to upgrade. No issues observed with the Web Launch & ESM Launch and the Java version is displayed as below: # ./java -version java version "1.6.0_26" Java(TM) SE Runtime Environment (build 1.6.0_26-b03) Java HotSpot(TM) 64-Bit Server VM (build 20.1-b02, mixed mode) Java version displayed before the upgrade: # ./java -version java version "1.6.0_12" Java(TM) SE Runtime Environment (build 1.6.0_12-b04) Java HotSpot(TM) 64-Bit Server VM (build 11.2-b01, mixed mode)