Frequently Asked Questions about 11.3.05.001 release and RHEL support

This topic presents some of the Frequently Asked Questions (FAQ) about RHEL support and Log4j Vulnerabilities.

Related topics
  • 11.3.05: Service Pack
  • 11.3.05.001: Patch
  • Technical bulletin — Announcing the availability of TrueSight Operations Management 11.3.04 to support RHEL 8.x

FAQs about RHEL support

This section presents some of the FAQs about RHEL support.


You should first install 11.3.04 using the new image available on the EPD site and then upgrade to 11.3.05.001.

TrueSight Operations Management 11.3.05 is not supported on RHEL 8.4 and later. You must use 11.3.05.001.

You should first upgrade the Infrastructure Management server to Infrastructure Management 11.3.05.001 and then perform the OS upgrade to RHEL 8.4 or later.

A fresh install for Remote ISN and Remote cell is available. You can use the new 11.3.04 image or the 11.3.05.001 image, depending on the version you are targeting.

The existing TrueSight Presentation Server image is supported on all RHEL versions, so no new release is needed for TrueSight Presentation Server.

FAQs about Log4j Vulnerability fixes

This section presents some of the FAQs about Log4j Vulnerability fixes.


From a Log4j point of view, TrueSight Presentation Server 11.3.05.001 is equivalent to the latest Log4j hotfixes provided in 11.3.05.

In TrueSight Infrastructure Management 11.3.05.001, the usage of the vulnerable Log4j 1.x version is removed. This was not provided in version 11.3.05, so use 11.3.05.001 to resolve the Log4j issues.

Log4j 2.x is upgraded to 2.17.1 in TrueSight Presentation Server.

The usage of the vulnerable Log4j 1.x version is removed, and reload4j 1.2.17 is now used in the TrueSight Infrastructure Management server, Remote ISN, and Remote Admin.

The following is the list of TPS, their versions, and the CVEs addressed in the TrueSight Operations Management 11.3.05.001 release:

| Component | TPS version in 11.3.05.001 | CVE Fixed | Reference |
|---|---|---|---|
| TrueSight Presentation Server/TrueSight Infrastructure Management | Tomcat 9.0.58 | CVE-2022-23181 | https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.58 |
| TrueSight Infrastructure Management | Apache 2.4.52 | CVE-2021-44224 and CVE-2021-44790 | https://httpd.apache.org/security/vulnerabilities_24.html |
| TrueSight Infrastructure Management | reload4j 1.2.17 | CVE-2021-4104, CVE-2022-23302, CVE-2019-17571, CVE-2020-9493, CVE-2022-23305, CVE-2020-9488 | https://reload4j.qos.ch/ |
| TrueSight Presentation Server | Log4j-2.17.1 | CVE-2021-44832, CVE-2021-45105, CVE-2021-45046, CVE-2021-44228 | https://logging.apache.org/log4j/2.x/security.html |
| TrueSight Infrastructure Management | Active MQ-5.16.4 | Removal of Log4j | https://activemq.apache.org/activemq-5016004-release |
| TrueSight Infrastructure Management | log4j2-jboss-logmanager-1.1.1.Final | CVE-2022-23305, CVE-2022-23307, CVE-2022-23302, CVE-2021-4104, SONATYPE-2010-0053 | https://logging.apache.org/log4j/1.2/index.html |
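
One way to confirm the Log4j state listed above after upgrading, as an added example that is not BMC's code or tooling: it walks a directory for JAR/WAR/EAR files (including nested archives) and reports log4j-core older than 2.17.1, reload4j older than 1.2.17, and any remaining original Log4j 1.x artifact. It assumes the archives keep their Maven `META-INF/maven/.../pom.properties` metadata; the directory to scan is whatever installation path you pass on the command line.

```python
import io, re, sys, zipfile
from pathlib import Path

# Minimum versions taken from the table above; keys are Maven "groupId/artifactId".
EXPECTED = {
    "org.apache.logging.log4j/log4j-core": (2, 17, 1),
    "ch.qos.reload4j/reload4j": (1, 2, 17),
}
LEGACY = "log4j/log4j"  # original Log4j 1.x coordinates, replaced by reload4j
ARCHIVES = (".jar", ".war", ".ear")
POM = re.compile(r"META-INF/maven/([^/]+)/([^/]+)/pom\.properties$")

def parse_version(text):
    """Return (major, minor, patch) from a pom.properties body, or None."""
    m = re.search(r"^version=(\d+)\.(\d+)(?:\.(\d+))?", text, re.M)
    return tuple(int(g or 0) for g in m.groups()) if m else None

def inspect_archive(data, label, findings, depth=0):
    """Append (label, coordinate, version, status) for each logging library found."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return  # truncated or non-zip file with an archive extension
    with zf:
        for name in zf.namelist():
            m = POM.search(name)
            if m:
                coord = "/".join(m.groups())
                ver = parse_version(zf.read(name).decode("utf-8", "replace"))
                if coord == LEGACY:
                    findings.append((label, coord, ver, "LEGACY"))
                elif coord in EXPECTED:
                    ok = ver is not None and ver >= EXPECTED[coord]
                    findings.append((label, coord, ver, "OK" if ok else "OLD"))
            elif name.lower().endswith(ARCHIVES) and depth < 3:
                # Libraries bundled inside a WAR/EAR or fat JAR.
                inspect_archive(zf.read(name), f"{label}!{name}", findings, depth + 1)

def scan(root):
    """Scan every archive under root and return the list of findings."""
    findings = []
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in ARCHIVES:
            inspect_archive(path.read_bytes(), str(path), findings)
    return findings

if __name__ == "__main__":
    for label, coord, ver, status in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{status:6} {coord} {'.'.join(map(str, ver)) if ver else '?'}  {label}")
```

Any `OLD` or `LEGACY` line points at an archive to review against the table; archives that were repackaged without Maven metadata are not detected by this check.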


Comments

  1. Sistemas Securitas direct

    It is very important to note that version 11.3.05 is not supported on RHEL6. We are working on migrating our TrueSight 11.3.04 to RHEL8 servers to be able to upgrade to version 11.3.05.

    Mar 15, 2022 09:20
    1. Sistemas Securitas direct

      Is there any procedure to perform a TrueSight migration from existing servers to new servers?

      Mar 15, 2022 09:22
      1. Niyati Shah

        There is no documented migration procedure for TSOM.

        Mar 16, 2022 09:33
    1. Niyati Shah

      Yes, 11.3.05 is not supported on RHEL 6, and our system requirements documents are updated to reflect the same.

      Mar 16, 2022 09:32