IBM Support

Rational Change Interim Fix 1 for 5.3.2.4

Download


Release Date

4 March 2022

Abstract

IBM Rational Change 5.3.2.4_iFix001 has been made generally available and contains fix for CVE-2021-4104.

Download Description

Table of Contents
Sections Description

The Change history section provides an overview on what is new in this release with a description of any new functions or enhancements when applicable.

The How critical is this fix section provides information related to the impact of this release to allow you to assess how your environment may be affected.

The Prerequisites section provides important information to review prior to the installation of this release.

The Download package section provides the direct link to obtain the download package for installation in your environment.

The Installation instructions section provides the installation instructions necessary to apply this release into your environment.

The Known side effects section contains a link to the known problems (open defects) identified at the time of this release.
Supporting Documentation
Document Description

Click to review the detailed system requirements information for a complete list of hardware requirements, supported operating systems, prerequisites and optional supported software, with component-level details and operating system restrictions.

IBM Knowledge Center provides an entry point to product documentation. You can view, browse, and search online information related to the product.

Click to review a complete list of the defects (APARs) resolved in this release including a list of resolved defects for the entire version family.

Find technical developer content and resources.

Prerequisites

Prerequisites include:

Rational Change 5.3.2.4

Rational Synergy Fix Pack 4 (7.2.2.4) for 7.2.2

Back to top

Installation Instructions

Review the Installation page in the IBM Knowledge Center.

Review also the Upgrading page in the IBM Knowledge Center for additional details.
Procedure:
  1. Log in to the machine where Rational Change 5.3.2.4 is installed as the user who installed Rational Change.
  2. Unzip (Windows) or untar (UNIX) the patch file into <CHANGE_APP_HOME>/WEB-INF/packages. The resultant directory will have the name rc<patch version>.
    For example, on UNIX:
    $ cd <CHANGE_APP_HOME>/WEB-INF/packages
    $ tar xvf <file path>
  3. Install the iFix
            Login to the Rational Change Admin interface and click the System Administration link in the action panel.
            Click on the Package Installer tab, select the iFix rc5.3.2.4.01 from the Available Packages list box, and click the Install button.
  4. Copy the attached iFix file "log4j2.xml" (for the relevant platform) from "lo4j2.zip" into the path <CHANGE_APP_HOME>/WEB-INF/classes/
  5. After the patch installation is successful, stop Rational change.
  6. Backup and delete "log4j.jar" from <CHANGE_APP_HOME>/WEB-INF/lib/.
  7. Start Rational change.
        Note:
            If context path is other than "change" while installation of Rational Change then set the "event.log" and "velocity.log"
            path accordingly in "log4j2.xml".        
            For example: <Property name="eventfile">../webapps/<context path>/logs/event.log</Property>
REVERSING THE IFIX
If it is necessary to remove the iFix after it was installed, follow these steps.
  1. Login to Rational Change as Admin, and click the System Administration link in the action panel. Uninstall the iFix.
  2. Uninstall the iFix :
            Click on the Package Installer tab, select the iFix from the Installed Packages listbox and click the Uninstall button.
  3. After the patch uninstall is successful, stop Rational Change.
  4. Delete the log4j2 related jar files (log4j-1.2-api-2.17.1.jar, log4j-api-2.17.1.jar and log4j-core-2.17.1.jar), if persist in the path <CHANGE_APP_HOME>/WEB-INF/lib/.
            For example, on UNIX:
            $ cd <CHANGE_APP_HOME>/WEB-INF/lib
            $ rm -f log4j-1.2-api-2.17.1.jar log4j-api-2.17.1.jar log4j-core-2.17.1.jar
  5. Copy the backed up file "log4j.jar" into <CHANGE_APP_HOME>/WEB-INF/lib/.
  6. Start Rational Change.

Back to top

Download Package

The following sections provide detailed information related to this release.

Click the FC link below to obtain the release from Fix Central.

How critical is this fix?

Impact Assessment
Impact Description

Corrective

This is a maintenance release. It contains fixes for client-reported and internally found defects.

Test Results

Close [x]

Definitions

Regression: An error in the Maintenance Delivery Vehicle (MDV) that produces incorrect or unexpected behavior causing a supported feature to stop functioning as designed.
This includes:

  • Coding errors that cause a regression
  • Documentation or packaging problems that cause a regression
  • Errors reported in a new function delivered in a MDV that cause a regression

Incomplete: An error in the MDV has not regressed, but does not work as designed.
This includes:

  • Fixed APARs which did not solve the original problem but did not break anything new
  • APARs reporting documentation errors, such as readme errors, that cause problems applying an MDV but do not lead to a regression

Notes:
  • Regression and incomplete APARs are considered fix-in-error or MDV-in-error
  • Definitions above apply only to valid APARs that result in product fixes (APARs returned as working-as-designed are not assessed for being fix-in-error)
  • Issues in major releases due to new functionality do not apply in this definition

There are no known regressions to report.

Back to top

Problems Solved

Defects resolved

Click the Fix List link in the table of contents above to review a list of the problems solved in this release.

Known Side Effects

Review the following list of known issues and open defects:

No known issues.

Back to top

Change History

What's new

Provided remediation for the CVE-2021-4104. Log4j upgraded to log4j-2.17.1. in Rational Change.

Back to top

Click the link in the Download Options column:

On
[{"DNLabel":"Rational Change 5.3.2.4 downloads and fixes","DNDate":"04 Mar 2022","DNLang":"English","DNSize":"1 B","DNPlat":{"label":"Windows","code":"PF033"},"DNURL":"https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7ERational&product=ibm/Rational/Rational+Change&release=5.3.2.4&platform=All&function=all","DNURL_FTP":"","DDURL":null}]
[{"Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSYQQ2","label":"Rational Change"},"ARM Category":[{"code":"a8m0z000000bm3qAAA","label":"Synergy"}],"ARM Case Number":"","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"All Version(s)"}]

Document Information

Modified date:
03 March 2022

UID

ibm16560010

Page Feedback