Filr ShellShock and Mozilla NSS Secuirty Vulnerabilities for Filr Appliance

  • Document ID:7015743
  • Creation Date:03-Oct-2014
  • Modified Date:03-Oct-2014
    • Micro Focus Products:
      Filr

Environment

Novell Filr 1.0
Novell Filr 1.0.1
Novell Filr 1.0.2

Situation

ShellShock and Mozilla NSS security for Filr Appliance

Resolution

How To Apply:

Note: This patch should be applied to ALL Filr, Search and MySQL appliances in your Filr deployment
      including all individual nodes if clustered.
     
  1. Download the Filr-1.0.x-SU2.zip patch kit from https://download.novell.com/protected/Summary.jsp?buildid=HY2yans6TCk~~
  2. Stop the Filr service and FAMT service via the Appliance Configuration:
    • Log in to the Novell Filr appliance at https://filr_server_url:9443, then click the Appliance Configuration icon.
    • Click System Services.
    • Click Novell Filr > Action > Stop
    • Click Novell FAMT > Action > Stop

      ***** IMPORTANT *****
      Repeat steps (3)-(7) on each Filr, Search and MySQL appliance in your Filr deployment.
  3. Start the SSH service via the Appliance Configuration:
    • Log in to the Novell Filr/Search/MySQL appliance at https://appliance_url:9443, then click the Appliance Configuration icon.
    • Click System Services
    • Click SSH > Action > Start
  4. Using a SSH/SFTP client such as Bitvise SSH, WinSCP, etc. remote login to the appliance as user "root"
  5. Copy over the patch kit downloaded in step (1) to the appliance using the SSH/SFTP client to the folder:
       /root/
  6. Unzip the patch kit using command:
       unzip Filr-1.0.x-SU2.zip
      
       This should create a folder Filr-1.0.x-SU2
  7. The patch kit comes with a shell script to backup and copy the fixes to your appliance.
       Run the script from the SSH client as follows:
       cd /root/Filr-1.0.x-SU2
     sh apply-filr-1.0.x-su2.sh
      
       Note: Please check the file /opt/novell/patchlevel to see your current patchlevel
             For example, use the more command: more /opt/novell/patchlevel
             The /opt/novell/patchlevel will NOT exist if no patches have been applied before

    ***** IMPORTANT *****
    Repeat above steps (3)-(7) on each Filr, Search and MySQL appliance in your Filr deployment.
  8. Re-boot each appliance in your Filr deployment in the following order
    • MySQL appliance
    • Search appliance(s)
    • Filr appliance(s)

Additional Information

This is a single patch containing security fixes provided by SuSE for the ShellShock and Mozilla NSS security vulnerabilities running on SLES-11-SP2.   All the Filr, Search and MySQL appliance shipped for Filr 1.0.0 and 1.0.1 release run SLES-11-SP2 and are vulnerable without this security update.  Filr 1.1 was shipped with all patches including the recent ShellShock and Mozilla vulnerability patch.

Note this patch will NOT have any conflicts with any previously applied Filr patches (FTF-1, HP1, Java applets, FTF-2 or Security Update 1).   Also note that this patch does not contain any previously provided fixes.
 
Patch / FTF dependencies:

This patch has no dependencies on any previously released patches.
This patch does not contain any previously released patches.