OpenSSL Heartbleed Vulnerability Fix Procedure for Aster Database Versions 5.0.2x, 5.0.1, 5.0.0 and 4.6.3x



Similar documents
Aster Express Getting Started Guide

Teradata Open Distribution for Hadoop Release Definition

Teradata Business Intelligence Optimizer. Release Definition

Teradata Business Intelligence Optimizer. Release Definition

Teradata Query Scheduler. User Guide

Teradata Alerts Installation, Configuration, and Upgrade Guide Release B K May 2013

Teradata Tools and Utilities. Installation Guide for Microsoft Windows

Teradata SQL Assistant for Microsoft Windows. User Guide

Teradata AWS. User Guide

Teradata Database. Security Administration

Teradata SQL Assistant for Microsoft Windows. User Guide

Teradata Manager. User Guide

Teradata Extension for Tivoli Storage Manager. Administrator Guide

Teradata Tools and Utilities for Microsoft Windows Installation Guide Release B K March 2013

Teradata SQL Assistant/Web Edition. User Guide

Appliance Backup Utility Installation and User Guide Release B A December 2011

Teradata SQL Assistant for Microsoft Windows. User Guide

Teradata Database. SQL Reference. Stored Procedures and Embedded SQL

Teradata Workload Analyzer. User Guide

Teradata Preprocessor2 for Embedded SQL. Programmer Guide

Teradata Database. Introduction to Teradata

Aster Client Guide. Release Number AC 5.10

Teradata Database. Introduction to Teradata

HP Business Service Management

Teradata Data Warehouse Appliance Platform. Customer Guide for Hardware Replacement

User's Guide c-treeace Status Log Analyzer

An Oracle White Paper July Introducing the Oracle Home User in Oracle Database 12c for Microsoft Windows

Oracle Business Intelligence Publisher. 1 Oracle Business Intelligence Publisher Certification. Certification Information 10g Release 3 (

Teradata Database. Introduction to Teradata Warehouse

November Ex Libris Certified Third-Party Software and Security Patch Release Notes

Teradata Database. SQL Reference. Data Types and Literals

Teradata Database. SQL Fundamentals

Hitachi Backup Services Manager Certified Configurations Guide 6.5

HP OpenView Patch Manager Using Radia

Symantec Enterprise Security Manager Patch Policy Release Notes

Teradata Viewpoint. Configuration Guide

Installing idrac Certificate Using RACADM Commands

HP SiteScope. HP Vertica Solution Template Best Practices. For the Windows, Solaris, and Linux operating systems. Software Version: 11.

IBM Enterprise Content Management Software Requirements

Patch Management for Red Hat Enterprise Linux. User s Guide

System Requirements and Platform Support Guide

March Oracle Business Intelligence Discoverer Statement of Direction

Oracle Enterprise Manager

Contents. 2. cttctx Performance Test Utility Server Side Plug-In Index All Rights Reserved.

An Oracle White Paper February Oracle Data Integrator 12c Architecture Overview

G Cloud 7 Pricing Document

Linux. Managing security compliance

Patch Assessment Content Update Release Notes for CCS Version: Update

An Oracle Technical Article October Certification with Oracle Linux 5

HP Business Service Management

ORACLE OPS CENTER: PROVISIONING AND PATCH AUTOMATION PACK

Oracle Fusion Middleware

Object Level Authentication

Oracle Virtual Desktop Client. Release Notes for Release 3.2

Installing on Windows

Dell One Identity Manager 7.0. Help Desk Module Administration Guide

Parallels Mobile. Usage Guidelines. Copyright Parallels Holdings, Ltd.

Nimsoft Monitor Compatibility Matrix October 17, 2013

An Oracle Technical Article November Certification with Oracle Linux 6

Release Notes for Version

HP WBEM Services Software Developer's Kit Version A Release Notes. HP-UX 11i v3

Tivoli Endpoint Manager for Security and Compliance Analytics. Setup Guide

Release Notes. ZENworks Patch Management Server v6.4

IBM Lotus Enterprise Integrator (LEI) for Domino. Version August 17, 2010

Teradata Tools and Utilities for SUSE Linux Installation Guide Release B A November 2011

Foglight. Managing Java EE Systems Supported Platforms and Servers Guide

Version 8.2. Tivoli Endpoint Manager for Asset Discovery User's Guide

Control-M for Hadoop. Technical Bulletin.

User's Guide FairCom Performance Monitor

TIBCO ActiveMatrix BusinessWorks Plug-in for Microsoft SharePoint Release Notes

Sonus Session Manager Release Notes

Heroix Longitude Quick Start Guide V7.1

HP Real User Monitor. Release Notes. For the Windows and Linux operating systems Software Version: Document Release Date: November 2012

Oracle SQL Developer Migration

StorageTek Library Attach for Window Servers

HP SiteScope. Hadoop Cluster Monitoring Solution Template Best Practices. For the Windows, Solaris, and Linux operating systems

Supported Platforms. HP Vertica Analytic Database. Software Version: 7.0.x

IBM WebSphere Portal Reference Guide Release 9.2

How To Create A Web Server On A Zen Nlb (Networking) With A Web Browser On A Linux Server On An Ipad Or Ipad On A Raspberry Web 2.4 (

Release Notes. IBM Tivoli Identity Manager Oracle Database Adapter. Version First Edition (December 7, 2007)

IBM Security QRadar Version (MR1) Replacing the SSL Certificate Technical Note

Dell Solutions Configurator Guide for the Dell Blueprint for Big Data & Analytics

An Oracle Technical Article March Certification with Oracle Linux 7

An Oracle White Paper May Distributed Development Using Oracle Secure Global Desktop

Teradata Tools and Utilities for IBM AIX Installation Guide Release B A November 2011

Parallels Transporter Agent

IBM Endpoint Manager Version 9.0. Patch Management for Red Hat Enterprise Linux User's Guide

Dell Wyse Datacenter for View RDS Desktops and Remote Applications

NetFlow Collection and Processing Cartridge Pack User Guide Release 6.0

ORACLE OPS CENTER: VIRTUALIZATION MANAGEMENT PACK

Platform LSF Version 9 Release 1.2. Migrating on Windows SC

Foglight for SQL Server Getting Started Guide

Unbreakable Linux Network An Overview

IBM TRIRIGA Anywhere Version 10 Release 4. Installing a development environment

Oracle Financial Management Analytics

Universal File Mover Status Monitor Installation and Operation Manual

IBM Lotus Protector for Mail Encryption. User's Guide

Unified Infrastructure Management Compatibility Matrix April 4, 2016

Oracle Enterprise Manager

Transcription:

OpenSSL Heartbleed Vulnerability Fix Procedure for Aster Database Versions 5.0.2x, 5.0.1, 5.0.0 and 4.6.3x Product ID: B700-6070-502K Aster Database version: 5.0.2x, 5.0.1, 5.0.0 and 4.6.3x Summary This document provides instructions on how to patch the Aster Database, versions 5.0.2x, 5.0.1, 5.0.0 and 4.6.3x, in order to avoid the "Heartbleed" security hole in OpenSSL. Who Should Install This Patch? Teradata recommends that customers currently running versions 5.0.2x, 5.0.1, 5.0.0 and 4.6.3x of the Aster Database install this patch. Contents Summary..................................................................... 1 Who Should Install This Patch?............................................... 1 Contents...................................................................... 1 Addressing the OpenSSL Heartbleed Bug........................................... 2 Aster Database Versions......................................................... 2 What The Patch Does........................................................... 2 Obtaining the Required Patch File................................................ 3 Installing the Patch............................................................. 3 Testing After Installing the Patch................................................. 4 Troubleshooting............................................................... 4 OpenSSL Heartbleed Vulnerability Fix Procedure for Aster Database Versions 5.0.2x, 5.0.1, 5.0.0 and 4.6.3x 1

Addressing the OpenSSL Heartbleed Bug Contacting Teradata Global Technical Support (GTS)................................ 4 Third Party Licenses............................................................ 5 About This Document.......................................................... 5 Copyright and Legal Statements............................................... 5 Addressing the OpenSSL Heartbleed Bug Teradata Aster released Aster Release httpd-2.2.15-patch-rc1, version number r38013, which provides the fix for the Heartbleed Bug on versions 5.0.2x, 5.0.1, 5.0.0 and 4.6.3x of the Aster Database. For more information about this bug, see heartbleed.com. Teradata recommends that you install this patch to take advantage of the OpenSSL fix. If you do not install this patch on systems running versions 5.0.2x, 5.0.1, 5.0.0 and 4.6.3x of the Aster Database, your server could be compromised through security vulnerability caused by the Heartbleed vulnerability. Aster Database Versions The instructions apply to these supported versions of the Aster Database: 5.0.2GA 5.0.2HP0A 5.0.2HP0B 5.0.2HP0C 5.0.1GA 5.0.0GA 4.6.3GA 4.6.3HP0A If you have a newer version of the Aster Database, you must obtain and follow the instructions for the specific version of the Aster database installed on your system. If you have an older version of the Aster Database, you should not be impacted by the Heartbleed security hole because older versions of the Aster Database do not use the SSL library versions impacted by the bug. What The Patch Does The patch replaces the existing mod_ssl.so file in the Aster toolchain with an updated mod_ssl.so file. The updated module uses a version of the SSL library that does not have the Heartbleed vulnerability. OpenSSL Heartbleed Vulnerability Fix Procedure for Aster Database Versions 5.0.2x, 5.0.1, 5.0.0 and 4.6.3x 2

Obtaining the Required Patch File Obtaining the Required Patch File Teradata Aster Database software is distributed using the established Teradata software distribution process. To obtain the required patch file, Aster-httpd-2.2.15- patch001.bin, request Aster Release httpd-2.2.15-patch-rc1, version number r38013: From your local Teradata Aster Customer Support Representative By calling Teradata Aster Support at +1 650 273-5599 By sending electronic mail to Teradata Global Technical Support (GTS) at coresupport@asterdata.com Installing the Patch To install the patch: NOTE: You do NOT need to shut down the server before installing the patch. The patch primarily affects the AMC, and not client connections to the database server. 1 As user "root", copy the required file, Aster-httpd-2.2.15-patch001.bin, to the root ("/") directory of the queen. For neatness, Teradata recommends creating the subdirectory /heartbleed_fix and copying the file to that subdirectory, but doing so is not required. 2 Ensure user "root" has executable rights for Aster-httpd-2.2.15-patch001.bin. As user "root", run the following command: chmod u+x./aster-httpd-2.2.15-patch001.bin 3 As user "root", from the directory containing Aster-httpd-2.2.15-patch001.bin, run the file by executing this command:./aster-httpd-2.2.15-patch001.bin The program will run and then generate a few lines of output. The last three lines should be: *** Replacing: mod_ssl.so in httpd-2.2.15 *** Restarting Apache *** Apache restarted, patching complete 4 If there are no error messages, the patch was successfully installed. If error messages are returned, repeat the above steps. If repeating the above steps does not resolve the error messages, contact Teradata Global Technical Support. OpenSSL Heartbleed Vulnerability Fix Procedure for Aster Database Versions 5.0.2x, 5.0.1, 5.0.0 and 4.6.3x 3

Testing After Installing the Patch Testing After Installing the Patch As a precaution, Teradata recommends: 1 Running a trivial query to verify that you can access the database. For example: SELECT COUNT(*) FROM <anysmalltable>; 2 Using a new or existing AMC session to check the Dashboard and Admin tabs in the AMC in order to make sure that you can access the AMC. Troubleshooting If you encounter any issues, perform these actions to troubleshoot the cause and resolve the issue: Verify that the required file was installed properly by executing this command: ls -lt /home/beehive/toolchain/x86_64-unknown-linux-gnu/httpd-2.2.15/ modules/mod_ssl.* These two files should be listed: mod_ssl.so (225902 bytes) mod_ssl.so.old (3077135 bytes) Note: The difference in file size is correct. mod_ssl.so.old is approximately 14 times larger than mod_ssl.so. If only the original file (mod_ssl.so, with a size of 3077135 bytes) is listed after verifying that the required file was installed properly, follow the procedure to install the patch again. Ensure that all steps are performed as the user "root". If performing the troubleshooting actions does not resolve the issue, or if a different issue is encountered, contact Teradata Global Technical Support. Contacting Teradata Global Technical Support (GTS) For assistance and updated documentation, contact Teradata Global Technical Support (GTS): Support Portal: http://tays.teradata.com/ International: 212-444-0443 US Customers: 877-698-3282 Toll Free Number: 877-MyT-Data OpenSSL Heartbleed Vulnerability Fix Procedure for Aster Database Versions 5.0.2x, 5.0.1, 5.0.0 and 4.6.3x 4

Third Party Licenses Third Party Licenses Your Aster installation includes a number of open source products. The license text for these products is available on your Aster queen, as a set of text files in the /home/beehive/licenses directory. About This Document OpenSSL Heartbleed Vulnerability Fix Procedure for Aster Database Versions 5.0.2x, 5.0.1, 5.0.0 and 4.6.3x, 1st edition, April 21, 2014. Copyright and Legal Statements The product or products described in this document are licensed products of Teradata Corporation or its affiliates. Teradata, Active Data Warehousing, Active Enterprise Intelligence, Applications-Within, Aprimo Marketing Studio, Aster, BYNET, Claraview, DecisionCast, Gridscale, MyCommerce, SQL-MapReduce, Teradata Decision Experts, "Teradata Labs" logo, Teradata ServiceConnect, Teradata Source Experts, WebAnalyst, and Xkoto are trademarks or registered trademarks of Teradata Corporation or its affiliates in the United States and other countries. Adaptec and SCSISelect are trademarks or registered trademarks of Adaptec, Inc. AMD Opteron and Opteron are trademarks of Advanced Micro Devices, Inc. Apache, Apache Hadoop, Hadoop, and the yellow elephant logo are either registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries. Apple, Mac, and OS X all are registered trademarks of Apple Inc. Axeda is a registered trademark of Axeda Corporation. Axeda Agents, Axeda Applications, Axeda Policy Manager, Axeda Enterprise, Axeda Access, Axeda Software Management, Axeda Service, Axeda ServiceLink, and Firewall-Friendly are trademarks and Maximum Results and Maximum Support are servicemarks of Axeda Corporation. Data Domain, EMC, PowerPath, SRDF, and Symmetrix are registered trademarks of EMC Corporation. GoldenGate is a trademark of Oracle. Hewlett-Packard and HP are registered trademarks of Hewlett-Packard Company. Hortonworks, the Hortonworks logo and other Hortonworks trademarks are trademarks of Hortonworks Inc. in the United States and other countries. Intel, Pentium, and XEON are registered trademarks of Intel Corporation. IBM, CICS, RACF, Tivoli, and z/os are registered trademarks of International Business Machines Corporation. OpenSSL Heartbleed Vulnerability Fix Procedure for Aster Database Versions 5.0.2x, 5.0.1, 5.0.0 and 4.6.3x 5

About This Document Linux is a registered trademark of Linus Torvalds. LSI is a registered trademark of LSI Corporation. Microsoft, Active Directory, Windows, Windows NT, and Windows Server are registered trademarks of Microsoft Corporation in the United States and other countries. NetVault is a trademark or registered trademark of Dell Inc. in the United States and/or other countries. Novell and SUSE are registered trademarks of Novell, Inc., in the United States and other countries. Oracle, Java, and Solaris are registered trademarks of Oracle and/or its affiliates. QLogic and SANbox are trademarks or registered trademarks of QLogic Corporation. Quantum and the Quantum logo are trademarks of Quantum Corporation, registered in the U.S.A. and other countries. Red Hat is a trademark of Red Hat, Inc., registered in the U.S. and other countries. Used under license. SAS and SAS/C are trademarks or registered trademarks of SAS Institute Inc. SPARC is a registered trademark of SPARC International, Inc. Symantec, NetBackup, and VERITAS are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Unicode is a registered trademark of Unicode, Inc. in the United States and other countries. UNIX is a registered trademark of The Open Group in the United States and other countries. Other product and company names mentioned herein may be the trademarks of their respective owners. The information contained in this document is provided on an "as-is" basis, without warranty of any kind, either express or implied, including the implied warranties of merchantability, fitness for a particular purpose, or non-infringement. Some jurisdictions do not allow the exclusion of implied warranties, so the above exclusion may not apply to you. In no event will Teradata Corporation be liable for any indirect, direct, special, incidental, or consequential damages, including lost profits or lost savings, even if expressly advised of the possibility of such damages. The information contained in this document may contain references or cross-references to features, functions, products, or services that are not announced or available in your country. Such references do not imply that Teradata Corporation intends to announce such features, functions, products, or services in your country. Please consult your local Teradata Corporation representative for those features, functions, products, or services available in your country. Information contained in this document may contain technical inaccuracies or typographical errors. Information may be changed or updated without notice. Teradata Corporation may also make improvements or changes in the products or services described in this information at any time without notice. OpenSSL Heartbleed Vulnerability Fix Procedure for Aster Database Versions 5.0.2x, 5.0.1, 5.0.0 and 4.6.3x 6

About This Document To maintain the quality of our products and services, we would like your comments on the accuracy, clarity, organization, and value of this document. Please email: teradatabooks@lists.teradata.com. Any comments or materials (collectively referred to as "Feedback") sent to Teradata Corporation will be deemed non-confidential. Teradata Corporation will have no obligation of any kind with respect to Feedback and will be free to use, reproduce, disclose, exhibit, display, transform, create derivative works of, and distribute the Feedback and derivative works thereof without limitation on a royalty-free basis. Further, Teradata Corporation will be free to use any ideas, concepts, know-how, or techniques contained in such Feedback for any purpose whatsoever, including developing, manufacturing, or marketing products or services incorporating Feedback. Copyright 2000-2014 by Teradata. All Rights Reserved. www.teradata.com www.asterdata.com OpenSSL Heartbleed Vulnerability Fix Procedure for Aster Database Versions 5.0.2x, 5.0.1, 5.0.0 and 4.6.3x 7

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information