FMS 5.9.4 hotfix for Tomcat vulnerability CVE-2019-0232
This hotfix addresses the issues listed in Resolved Issues. This hotfix may receive additional testing. If you are not severely affected by the issues that this hotfix addresses, it is recommended that you install the next full release of Foglight that includes this hotfix.
Defect ID Resolved Issue
FGL-20077 Fixed Tomcat upgrade for CVE-2019-0232 vulnerability
Resolution: Download this hotfix from Supportlink here.
Compatibility of this hotfix: Product Name Product Version Platform Foglight Management Server 5.9.4 All platforms
System Requirements: This hotfix can be applied to all platforms and systems that are supported by Foglight 5.9.4. For more information, see the 5.9.4 System Requirements and Platform Support Guide.
To install this hotfix: 1. Stop the Foglight Management Server. 2. If you have customized the Management Server configuration files (such as /config/server.config, /config/log.config, or /server/default/conf/jacorb.properties), back up these files so that you can verify the correct ports are configured after the upgrade is completed. If you have never customized these files, proceed to the next step. 3. Upgrade the Management Server using the appropriate installer. The installer detects the earlier version of the Management Server. 4. Follow the on-screen upgrade instructions. For step-by-step assistance, see the appropriate Foglight Installation and Setup Guide for the database and platform you are running. Note: During installing this hotfix, ensure the database is running if you are using the external database. 5. If you backed up the configuration files mentioned in step 2, compare the customizations in these files to determine if they are still necessary. If required, reapply these files before starting the Management Server. Otherwise, skip to the nexst step. 6. Start the Foglight Management Server.
Verifying successful completion:
To determine if this hotfix is installed: 1. Start the Foglight Management Server. 2. Locate and open your Management Server log file, for example, ManagementServer_2016-07-04_120931_001.log. You can find it in the /logs directory. 3. In the log file, look for the platform version information. You should find the platform information as follows: Platform information: Forge Server 5.9.4 (build 5.9.4-201904220830-39caa158).
Removing this hotfix: Once installed this hotfix cannot be removed.