Skip to Content
Information
This documentation supports the 9.0 version of BMC Atrium Single Sign-On, which is in "End of Version Support." However, the documentation is available for your convenience. You will not be able to leave comments.Click here to view the documentation for a supported version of Remedy Single Sign-On.

Hot fix 2 for version 9.0.00.001:9.0.00.01.02

Error

You must log in or register to view this page

This topic contains information about fixes in BMC Atrium Single Sign-On 9.0.00 Patch 1 (9.0.00.002), and provides instructions for downloading and installing the fix.

The following topics are provided:

 

Installing the hot fix

Hot fix 2 for BMC Atrium Single Sign-On 9.0.00 (9.0.00.01.02) should be applied on the existing 9.0.00 Patch 1 (9.0.00.001) installation. You can download the 9.0.00.01.02 installation files from ftp://ftp.bmc.com/pub/ASSO/9.0/9.0.00.01.02.zip

Information
Recommendation

Back up BMC Atrium Single Sign-On before proceeding with the hot fix installation. 

  • To install BMC Atrium Single Sign-On 9.0.00.01.02, see the readme provided with the hot fix.

 

Fixed security vulnerabilities for BMC Atrium Single Sign-On

For a fresh installation of BMC Atrium Single Sign-On version 9.0, the hot fix 2 (9.0.00.01.02) fixes multiple security vulnerabilities discovered during penetration testing including the Logjam Attack (CVE-2015-4000) vulnerability. The third-party components were updated to the latest versions which have no discovered vulnerabilities. 

If you are upgrading to the hot fix 2 (9.0.00.01.02), to fix the Logjam Attack (CVE-2015-4000) vulnerability perform the steps described in the Resolving-weak-ephemeral-Diffie-Hellman-public-key-issue . The users impacted with this vulnerability encounter the weak ephemeral Diffie-Hellman public key error message in the latest Google Chrome and Mozzila Firefox browsers. 

 

 

 

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC Atrium Single Sign-On 9.0