Newsletters
Abstract
Hello and welcome to the IBM Monitoring Academy Newsletter for September / October 2021
In these bi-monthly newsletters we are sharing a selection of our high value content and recent updates.
It is hosted here with external links within the blog.
Content
IBM Monitoring Academy Newsletter |
|
|
Link to IBM Tivoli Monitoring Updates Section Link to ITCAM For Transactions Updates Section Link to ICP/ICAM/CP4MCM Updates Section Link to End of Support Section Link to Java Expired Certificates |
Hello and Welcome to the September / October 2021 NewsletterHere are the updates we have for you for the months of September and October 2021... Archived Newsletters |
IBM Tivoli Monitoring v6
IJ34945: THE TIME FOR AN RTEMS TO COMPLETE A STAGE2 OPERATION IS EXCESSIVELY LONG.
Abstract: In ITM v630 FP7 SP2, APAR IJ16040 (OA57107) optimized the utilization of memory when the RTEMS performs a Stage2 operation.
https://www.ibm.com/support/pages/apar/IJ34945
Troubleshooting (IBM Tivoli Monitoring v6)
Downloads - New Releases - Technotes (IBM Tivoli Monitoring v6)
IBM Tivoli Monitoring 6.3.0 Fix Pack 7 Service Pack 8 (6.3.0.7-TIV-ITM-SP0008) was released in August 2021.
Abstract: It is a cumulative service pack for IBM Tivoli Monitoring v6 version 6.3.0 Fix Pack 8.
https://www.ibm.com/support/pages/node/6472879
IBM Tivoli Monitoring for Virtual Environment agents: 7.2.0.8.
Abstract: This release contains new features and enhancements for VMware VI agent, NetApp Storage agent, and Linux Kernel-based Virtual Machines agent.
https://www.ibm.com/support/pages/node/6474485
IBM Tivoli Monitoring Version 6.X.X TEPS WAS/IHS Update 8.55.20.01.
Abstract: This is an interim fix for IBM Tivoli Monitoring Version 6.3.0.
http://www.ibm.com/support/fixcentral/quickorder?product=ibm%2FTivoli%2FIBM+Tivoli+Monitoring&fixids=6.X.X-TIV-ITM_TEPS_WAS-IHS_ALL_8.55.20.01&source=myna&myns=swgtiv&mynp=OCSSTFXA&mync=E&cm_sp=swgtiv-_-OCSSTFXA-_-E
How to add the hostname to the subnodes in the TEP?
Abstract: If you install a custom Agent Builder agent on multiple systems, and this agent has subnodes, how can you prevent that the agent has the same Managed System Name (MSN) across multiple nodes?
https://www.ibm.com/support/pages/node/6355963
IBM Tivoli Monitoring (ITM) 6.X Product Codes and Latest Version
Abstract: IBM Tivoli Monitoring: IBM Tivoli Monitoring 6.X Product Codes. This technote contains a list of most of the product codes and their descriptors. This list is not applicable to all customer environments.
https://www.ibm.com/support/pages/node/348889
When using remote log file monitoring, do not upgrade Log File Agent components to 6.30 FP7 SP6 (or later).
Abstract: There is a compatibility issue with the Tivoli Log File Agent running on GSKit 8.0.55.17 (and later) when using the remote log file monitoring function.
https://www.ibm.com/support/pages/node/6483373
Clarify Sending Log File Agent Events using SSL with Event Integration Facilty (EIF).
Abstract: When configuring the Log File Agent to send events with the Event Integration Facility (EIF) using SSL, the ConnectionMode is required to be connection_oriented (or co) in the configuration file (.conf file).
https://www.ibm.com/support/pages/node/6471213
IBM Tivoli Monitoring 6.3 Instana Integration Technology Preview Readme.
Abstract: IBM Tivoli Monitoring, Version 6.3.0.7 Instana Integration technology preview readme file.
https://www.ibm.com/support/pages/node/6480417
ITM v6 : how to uninstall ITM agents and check the results on Windows?
Abstract: ITM v6 : How to uninstall ITM agents and check the results on Windows?
https://www.ibm.com/support/pages/node/6497999
The Impact of the vulnerability of CVE-2021-41773 for IBM HTTP Server in Tivoli Enterprise Portal Server of IBM Tivoli Monitoring 6.3
Abstract: Does the vulnerability of CVE-2021-41773 affect the IBM HTTP Server in Tivoli Enterprise Portal Server of IBM Tivoli Monitoring 6.3?
https://www.ibm.com/support/pages/node/6497281
Vulnerability port scans no longer compromise ITM environments at 6.3.0.7 Service Pack 3 (or higher)
Problem: A port vulnerability scanner is an application designed to probe a server or host for open ports.
Most scanners run for a period of time, assessing open ports on a host and then producing a report to identify potential security compromises on the enterprise systems scanned to the end user.
Scanners were previously known to cause issues for all ITM applications; specifically, the component would stall.
https://www.ibm.com/support/pages/node/6495891
Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring installed WebSphere Application Server
Abstract: The following security issues have been identified in the WebSphere Application Server included as part of IBM Tivoli Monitoring (ITM) portal server.
https://www.ibm.com/support/pages/node/6485593
ITCAM For Transactions v7.4
Download - New releases - Technotes (ITCAM4Tx)IBM Tivoli Composite Application Manager for Transactions Internet Service Monitoring 7.4 Fix Pack 3 readme file.
Abstract: It is a cumulative fix pack for IBM Tivoli Composite Application Manager for Transactions Internet Service Monitoring (ISM) version 7.4
https://www.ibm.com/support/pages/node/6450747
IBM Tivoli Composite Application Manager for Transactions Response Time 7.4.0.1 Interim Fix 55 Readme File.
Abstract: Readme file for 7.4.0.1-TIV-CAMRT-IF0055
https://www.ibm.com/support/pages/node/6483321
IBM Tivoli Composite Application Manager for Transactions Response Time 7.4.0.1 Interim Fix 52 Readme.
Abstract: Readme file for 7.4.0.1-TIV-CAMRT-IF0052 - This IFIX contains java update for IBM SDK, Java Technology Edition Quarterly CPU - Jan 2021 - Includes Oracle Jan 2021 CPU plus CVE-2020-27221.
https://www.ibm.com/support/pages/node/6437889
APAR IJ34807 - does ISM 7.4 CLI 'ismconfig' support TLS 1.2?
Abstract: Does ITCAM for Transactions Internet Services Monitoring agent 7.4 (ISM, product code 'IS') CLI command ismconfig support TLS 1.2?
https://www.ibm.com/support/pages/node/6501919
Security Bulletins (ITCAM4Tx)
Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Apr 2021 - Includes Oracle Apr 2021 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time
Abstract: There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. These issues were disclosed as part of the IBM Java SDK updates in Apr 2021.
https://www.ibm.com/support/pages/security-bulletin-ibm-sdk-java-technology-edition-quarterly-cpu-apr-2021-includes-oracle-apr-2021-cpu-affects-ibm-tivoli-composite-application-manager-transactions-robotic-response-time
APM v8
Troubleshooting (APM)Download - New releases - Technotes (APM)
IBM Application Performance Management 8.1.4.0 8.1.4.0-IBM-APM-SYNTHETIC-PLAYBACK-AGENT-IF0015 readme
Abstract: readme file for: Synthetic Playback Agent for IBM Cloud Application Performance Management 8.1.4.0 interim fix 15.
https://www.ibm.com/support/pages/node/6487543
Security Bulletins (APM)
Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 78.14.0 ESR + CVE-2021-29967) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF14.
Abstract: Synthetic Playback Agent has addressed the following vulnerabilities:
CVEID: CVE-2021-29967
CVEID: CVE-2021-29964
CVEID: CVE-2021-29985
CVEID: CVE-2021-29970
CVEID: CVE-2021-29984
CVEID: CVE-2021-24002
CVEID: CVE-2021-29946
CVEID: CVE-2021-23995
CVEID: CVE-2021-23994
CVEID: CVE-2021-23998
CVEID: CVE-2021-23999
CVEID: CVE-2021-29988
CVEID: CVE-2021-29951
CVEID: CVE-2021-29989
CVEID: CVE-2021-29986
CVEID: CVE-2021-29477
CVEID: CVE-2021-29478
CVEID: CVE-2021-29469
CVEID: CVE-2021-29976
CVEID: CVE-2021-29980
https://www.ibm.com/support/pages/node/6493377
APAR IJ35109 - Is APM 8.1.4 synthetic agent supporting Mozilla Firefox custom profile?
Question : Is Application Performance Management 8.1.4 synthetic agent (SN) supporting Mozilla Firefox custom profile?
https://www.ibm.com/support/pages/node/6497445
ICP - ICAM - CP4MCM
Troubleshooting (ICP - ICAM - CP4MCM)Download - New releases - Technotes (ICP - ITCAM for xx - ICAM - CP4MCM)
How can we add a new subject alternate name (SAN) address to the IBM Cloud Private CA self signed certificate for the Kubernetes API server?.
Abstract: We are having an issue for a particular use case with helm and it is complaining about the apiserver certificate. It looks like this cert is generated by inception.
Are there instructions on how to update the SAN for the Kubernetes apiserver certificate?
https://www.ibm.com/support/pages/node/6488467
Readme for 7.1.5-TIV-ITM_DB2-FP0000.
Abstract: Readme file for 7.1.5-TIV-ITM_DB2-FP0000 release
https://www.ibm.com/support/pages/node/6491475
IBM® Tivoli® Composite Application Manager for Microsoft® Applications: 6.3.1.18.
Abstract: This release contains new features and enhancements for Microsoft Applications agent.
https://www.ibm.com/support/pages/node/6496477
IBM Tivoli Composite Application Manager Agent for PostgreSQL V7.2.1 (7.2.1-TIV-ITM_PostgreSQL-FP0000).
Abstract: Readme document for IBM Tivoli Composite Application Manager Agent for PostgreSQL V7.2.1 (7.2.1-TIV-ITM_PostgreSQL-FP0000).
https://www.ibm.com/support/pages/node/6467987
Security Bulletins (ICP - ICAM - CP4MCM)
Security Bulletin: IBM Cloud Private is vulnerable to Elastic Kibana vulnerabilities (CVE-2020-7016,CVE-2020-7017).
Abstract: IBM Cloud Private is vulnerable to Elastic Kibana vulnerabilities.
https://www.ibm.com/support/pages/node/6486033
Security Bulletin: IBM Cloud Private is vulnerable to Elastic vulnerabilities (CVE-2020-7018,CVE-2020-7019).
Abstract: IBM Cloud Private is vulnerable to Elastic vulnerabilities.
https://www.ibm.com/support/pages/node/6486037
Security Bulletin: IBM Cloud Private is vulnerable to Elastic vulnerabilities (CVE-2020-7020).
Abstract: IBM Cloud Private is vulnerable to Elastic vulnerabilities.
https://www.ibm.com/support/pages/node/6486045
Security Bulletin: IBM Cloud Private is vulnerable to FasterXML jackson-databind vulnerabilities (CVE-2020-25649).
Abstract: IBM Cloud Private is vulnerable to FasterXML jackson-databind vulnerabilities.
https://www.ibm.com/support/pages/node/6486051
Security Bulletin: IBM Cloud Private is vulnerable to OpenSSL vulnerabilities (CVE-2020-1971).
Abstract: IBM Cloud Private is vulnerable to OpenSSL vulnerabilities.
https://www.ibm.com/support/pages/node/6486087
Security Bulletin: IBM Cloud Private is vulnerable to OpenSSL vulnerabilities (CVE-2020-1968).
Abstract: IBM Cloud Private is vulnerable to OpenSSL vulnerabilities.
https://www.ibm.com/support/pages/node/6486041
Security Bulletin: IBM Cloud Private is vulnerable to Kubernetes vulnerabilities (CVE-2020-8554).
Abstract: IBM Cloud Private is vulnerable to Kubernetes vulnerabilities.
https://www.ibm.com/support/pages/node/6486063
Security Bulletin: IBM Cloud Private is vulnerable to a Go vulnerability (CVE-2021-3121).
Abstract: IBM Cloud Private is vulnerable to a Go vulnerability.
https://www.ibm.com/support/pages/node/6486119
Security Bulletin: IBM Cloud Private is vulnerable to Java vulnerabilities (CVE-2020-14781).
Abstract: IBM Cloud Private is vulnerable to Java vulnerabilities.
https://www.ibm.com/support/pages/node/6486151
Security Bulletin: IBM Cloud Private is vulnerable to OpenSSL and Node.js vulnerabilities (CVE-2020-1971, CVE-2020-8287, CVE-2020-8265).
Abstract: IBM Cloud Private is vulnerable to OpenSSL and Node.js vulnerabilities.
https://www.ibm.com/support/pages/node/6486165
Security Bulletin: IBM Cloud Private is vulnerable to Kubernetes vulnerabilities (CVE-2020-8569).
Abstract: IBM Cloud Private is vulnerable to Kubernetes vulnerabilities.
https://www.ibm.com/support/pages/node/6486143
Security Bulletin: IBM Cloud Private is vulnerable to Node.js loadash vulnerabilities (CVE-2021-23337).
Abstract: IBM Cloud Private is vulnerable to Node.js lodash vulnerabilities.
https://www.ibm.com/support/pages/node/6486333
Security Bulletin: IBM Cloud Private is vulnerable to Java vulnerabilities (CVE-2020-2773).
Abstract: IBM Cloud Private is vulnerable to Java vulnerabilities.
https://www.ibm.com/support/pages/node/6486331
Security Bulletin: IBM Cloud Private is vulnerable to Elastic vulnerabilities (CVE-2020-7021).
Abstract: IBM Cloud Private is vulnerable to Elastic vulnerabilities.
https://www.ibm.com/support/pages/node/6486339
Security Bulletin: IBM Cloud Private is vulnerable to Docker vulnerabilities (CVE-2021-21285, CVE-2021-21284).
Abstract: IBM Cloud Private is vulnerable to Docker vulnerabilities.
https://www.ibm.com/support/pages/node/6486327
Security Bulletin: IBM Cloud Private is vulnerable to OpenSSL vulnerabilities (CVE-2021-23839, CVE-2021-23840, CVE-2021-23841).
Abstract: IBM Cloud Private is vulnerable to OpenSSL vulnerabilities.
https://www.ibm.com/support/pages/node/6486335
Security Bulletin: IBM Cloud Private is vulnerable to Helm vulnerabilities (CVE-2021-21303).
Abstract: IBM Cloud Private is vulnerable to Helm vulnerabilities.
https://www.ibm.com/support/pages/node/6486329
Security Bulletin: IBM Cloud Private is vulnerable to Apache vulnerabilities (CVE-2021-26296).
Abstract: IBM Cloud Private is vulnerable to Apache vulnerabilities.
https://www.ibm.com/support/pages/node/6486349
Security Bulletin: IBM Cloud Private is vulnerable to Node.js loadash vulnerabilities (CVE-2020-28500).
Abstract: IBM Cloud Private is vulnerable to Node.js lodash vulnerabilities.
https://www.ibm.com/support/pages/node/6486341
Security Bulletin: IBM Cloud Private is vulnerable to OpenSSL and Node.js vulnerabilities (CVE-2021-23840, CVE-2021-22884, CVE-2021-22883).
Abstract: IBM Cloud Private is vulnerable to OpenSSL and Node.js vulnerabilities.
https://www.ibm.com/support/pages/node/6486343
Security Bulletin: IBM Cloud Private is vulnerable to a Go vulnerability (CVE-2021-27919, CVE-2021-27918).
Abstract: IBM Cloud Private is vulnerable to a Go vulnerability.
https://www.ibm.com/support/pages/node/6486345
Security Bulletin: IBM Cloud Private is vulnerable to Dojo vulnerabilities (CVE-2020-5258).
Abstract: IBM Cloud Private is vulnerable to Dojo vulnerabilities.
https://www.ibm.com/support/pages/node/6486351
Security Bulletin: IBM Cloud Private is vulnerable to MongoDB vulnerabilities (CVE-2020-7924).
Abstract: IBM Cloud Private is vulnerable to MongoDB vulnerabilities.
https://www.ibm.com/support/pages/node/6486359
Security Bulletin: IBM Cloud Private is vulnerable to OpenSSL vulnerabilities (CVE-2021-3449, CVE-2021-3450).
Abstract: IBM Cloud Private is vulnerable to OpenSSL vulnerabilities.
https://www.ibm.com/support/pages/node/6486347
[End of support (EOS) products and versions Content].
https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?infotype=AN&subtype=CA&htmlfid=897/ENUS919-196&appname=USN
[New IBM Tivoli Monitoring Related Section: Java Expired Certificates].
Java Expired Certificates.
As of 06 June 2021, you can find that you are no longer able to launch the Tivoli Enterprise Portal console.
It is a result of some expired certificates within the set of classes files used to launch the Tivoli Enterprise Portal console.
We have an automated process that can be used to resign the certificates for you; it requires only a zip/tar of the current set of classes files used. One caveat to note is that, if application supports are installed to the TEPS, you can experience this issue again; and we then need to resign all of the classes files again, by using the automated process. In order for us to resign your JAR file, we require a .zip or .tar of all of the *.jar AND .zip files in the classes directory on your Tivoli Enterprise Portal server host.
Follow these steps to create an archive named 'classes.tar' or 'classes.zip' and send it to support to process the resigning of the JAR file.
Go to the following location on your Tivoli Enterprise Portal Server
(1) UNIX/Linux
InstallDirectory/Architecture/cw/classes
Windows
%CANDLE_HOME%\CNB\classes
(2) Run the following command or use a GUI tool to create a tar or zip file containing all the *.jar and *.zip files only found in the classes directory...
tar cvf /tmp/classes.tar *.jar *.zip
(3) Open a new case to the IBM Tivoli Monitoring Support team requesting for a re-sign of your current files.
Upload the resulting archive file to Ecurep as-is (do not gzip or compress it further)
Was this topic helpful?
Document Information
Modified date:
21 January 2022
UID
ibm16507389