Security Patch IS-8.0U1SP5 for RHEL9

Description

SORT ID: 19559


Fixes the following incidents:

4112919, 4095889, 4114375, 4113012, 4114322

Patch IDs:

VRTSodm-8.0.0.2500-RHEL9 for VRTSodm
VRTSpython-3.9.2.24-RHEL9 for VRTSpython
VRTSsfmh-8.0.0.411_Linux.rpm for VRTSsfmh
VRTSvxfs-8.0.0.2500-RHEL9 for VRTSvxfs 

                          * * * READ ME * * *
                       * * * InfoScale 8.0 * * *
                         * * * Patch 2500 * * *
                         Patch Date: 2023-04-17


This document provides the following information:

   * PATCH NAME
   * OPERATING SYSTEMS SUPPORTED BY THE PATCH
   * PACKAGES AFFECTED BY THE PATCH
   * BASE PRODUCT VERSIONS FOR THE PATCH
   * SUMMARY OF INCIDENTS FIXED BY THE PATCH
   * DETAILS OF INCIDENTS FIXED BY THE PATCH
   * INSTALLATION PRE-REQUISITES
   * INSTALLING THE PATCH
   * REMOVING THE PATCH


PATCH NAME
----------
InfoScale 8.0 Patch 2500


OPERATING SYSTEMS SUPPORTED BY THE PATCH
----------------------------------------
RHEL9 x86-64


PACKAGES AFFECTED BY THE PATCH
------------------------------
VRTSodm
VRTSpython
VRTSsfmh
VRTSvxfs


BASE PRODUCT VERSIONS FOR THE PATCH
-----------------------------------
   * InfoScale Availability 8.0
   * InfoScale Enterprise 8.0
   * InfoScale Foundation 8.0
   * InfoScale Storage 8.0


SUMMARY OF INCIDENTS FIXED BY THE PATCH
---------------------------------------
Patch ID: VRTSvxfs-8.0.0.2500
* 4112919 (4110764) Security vulnerability observed in Zlib, a third-party component used by VxFS.
Patch ID: VRTSvxfs-8.0.0.2100
* 4095889 (4095888) Security vulnerabilities exist in the Sqlite third-party components used by VxFS.
Patch ID: -3.9.2.24
* 4114375 (4113851) Some open CVEs need to be fixed in VRTSpython.
Patch ID: VRTSsfmh-vom-HF0800411
* 4113012 (4113011) VIOM VRTSsfmh package on Linux to fix dclid/vxlist issue with InfoScale VRTSvxvm 8.0.0.2200
Patch ID: VRTSodm-8.0.0.2500
* 4114322 (4114321) VRTSodm driver will not load with VRTSvxfs 8.0.0.2500 patch.


DETAILS OF INCIDENTS FIXED BY THE PATCH
---------------------------------------
This patch fixes the following incidents:

Patch ID: VRTSvxfs-8.0.0.2500

* 4112919 (Tracking ID: 4110764)

SYMPTOM:
Security vulnerability observed in Zlib, a third-party component that VxFS uses.

DESCRIPTION:
Internal security scans found vulnerabilities in Zlib.

RESOLUTION:
The third-party component Zlib has been upgraded to address these vulnerabilities.

Patch ID: VRTSvxfs-8.0.0.2100

* 4095889 (Tracking ID: 4095888)

SYMPTOM:
Security vulnerabilities exist in the Sqlite third-party components used by VxFS.

DESCRIPTION:
VxFS uses the Sqlite third-party components, in which some security vulnerabilities exist.

RESOLUTION:
VxFS is updated to use a newer version of these third-party components, in which the security vulnerabilities have been addressed.

Patch ID: -3.9.2.24

* 4114375 (Tracking ID: 4113851)

SYMPTOM:
Open CVEs were detected for the Python programming language and other Python modules used in VRTSpython.

DESCRIPTION:
Some open CVEs are exploitable in VRTSpython for IS 8.0.

RESOLUTION:
VRTSpython is patched for all the open CVEs that impact IS 8.0.

Patch ID: VRTSsfmh-vom-HF0800411

* 4113012 (Tracking ID: 4113011)

SYMPTOM:
vxlist output on InfoScale server shows volume name as "-" and status Unknown.

DESCRIPTION:
vxlist output on InfoScale server shows volume name as "-" and status Unknown.

RESOLUTION:
New vxdclid plugin for VxVM has been created.

Patch ID: VRTSodm-8.0.0.2500

* 4114322 (Tracking ID: 4114321)

SYMPTOM:
VRTSodm driver will not load with VRTSvxfs patch.

DESCRIPTION:
VRTSodm needs to be recompiled against the latest VRTSvxfs.

RESOLUTION:
Recompiled VRTSodm with the new VRTSvxfs.



INSTALLING THE PATCH
--------------------
Run the Installer script to automatically install the patch:
-----------------------------------------------------------
Note that installing this P-Patch causes downtime.

To install the patch, perform the following steps on at least one node in the cluster:
1. Copy the patch infoscale-rhel9_x86_64-Patch-8.0.0.2500.tar.gz to /tmp
2. Untar infoscale-rhel9_x86_64-Patch-8.0.0.2500.tar.gz to /tmp/hf
    # mkdir /tmp/hf
    # cd /tmp/hf
    # gunzip /tmp/infoscale-rhel9_x86_64-Patch-8.0.0.2500.tar.gz
    # tar xf /tmp/infoscale-rhel9_x86_64-Patch-8.0.0.2500.tar
3. Install the hotfix (note that installing this P-Patch causes downtime)
    # pwd
    /tmp/hf
    # ./installVRTSinfoscale800P2500 [<host1> <host2>...]

You can also install this patch together with the 8.0 base release using Install Bundles:
1. Download this patch and extract it to a directory
2. Change to the Veritas InfoScale 8.0 directory and invoke the installer script
   with the -patch_path option, where -patch_path points to the patch directory
    # ./installer -patch_path [<path to this patch>] [<host1> <host2>...]
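
After the installer finishes, each node can be checked against the patch levels listed under "Patch IDs". The script below is an added example, not part of the vendor README; it assumes the RPM VERSION field of each package matches the number in its patch ID, and the sample inventory is constructed.

```shell
# Minimum versions, taken from the "Patch IDs" list in this README.
# Assumption: the RPM VERSION field carries these same numbers.
REQUIRED='VRTSodm 8.0.0.2500
VRTSpython 3.9.2.24
VRTSsfmh 8.0.0.411
VRTSvxfs 8.0.0.2500'

# Constructed sample of a node that has not been patched (VRTSsfmh absent).
SAMPLE_STALE='VRTSodm 8.0.0.0000
VRTSpython 3.9.2.10
VRTSvxfs 8.0.0.2100'

# version_ge A B: succeeds when version A >= version B (GNU sort -V order).
version_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
}

# check_patch_level INVENTORY
# INVENTORY holds "name version" lines, for example the output of:
#   rpm -q --qf '%{NAME} %{VERSION}\n' VRTSodm VRTSpython VRTSsfmh VRTSvxfs
# Prints one line per package that is missing or below the patch level and
# returns non-zero if any such package is found.
check_patch_level() {
    inventory=$1
    status=0
    while read -r pkg want; do
        have=$(printf '%s\n' "$inventory" |
               awk -v p="$pkg" '$1 == p { print $2; exit }')
        if [ -z "$have" ]; then
            echo "MISSING $pkg (need >= $want)"
            status=1
        elif ! version_ge "$have" "$want"; then
            echo "OUTDATED $pkg $have (need >= $want)"
            status=1
        fi
    done <<EOF
$REQUIRED
EOF
    return $status
}

# Demonstration on the constructed sample.
check_patch_level "$SAMPLE_STALE" || echo "node is below the patch level"
```

On a real node, pass the rpm query output as the argument; a package that is not installed produces no matching "name version" line and is reported as MISSING.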

Install the patch manually:
--------------------------
Manual installation is not recommended.


REMOVING THE PATCH
------------------
Manual uninstallation is not recommended.


SPECIAL INSTRUCTIONS
--------------------
Special Notes:
Vulnerabilities fixed:
The following vulnerabilities are fixed in this security SP:
CVE-2023-23931 (BDSA-2023-0242), BDSA-2022-1295, CVE-2023-27538 (BDSA-2023-0608), CVE-2022-43552 (BDSA-2022-3660), CVE-2023-23916 (BDSA-2023-0316), CVE-2022-35260 (BDSA-2022-3051), CVE-2023-23915 (BDSA-2023-0312), BDSA-2023-0018, CVE-2022-43551 (BDSA-2022-3659), CVE-2022-42916 (BDSA-2022-3047), CVE-2023-27535 (BDSA-2023-0603), CVE-2023-27533 (BDSA-2023-0598), CVE-2023-27534 (BDSA-2023-0599), CVE-2023-23914 (BDSA-2023-0305), CVE-2023-27536 (BDSA-2023-0606), CVE-2022-32221 (BDSA-2022-3049), CVE-2022-42915 (BDSA-2022-3050), CVE-2023-24329 (BDSA-2023-0348), CVE-2022-45061 (BDSA-2022-3175), CVE-2022-23491 (BDSA-2022-3717), CVE-2023-25577 (BDSA-2023-0323), CVE-2022-37434 (BDSA-2022-2183).


OTHERS
------
NONE

