Readme file for IBM(R) TRIRIGA(R) Application Platform 3.4.1.2 fix pack. Date: May 21, 2015 IBM Corporation Copyright(C) International Business Machines Corporation 2015. All rights reserved. US Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. =============================================================================================== Table of Contents =============================================================================================== 1. Introduction 2. Information resources 3. Installation instructions 4. Resolved issues 5. Notices =============================================================================================== 1. Introduction =============================================================================================== This fix pack updates the TRIRIGA Application Platform product. ----------------------------------------------------------------------------------------------- Prerequisites and supported products ----------------------------------------------------------------------------------------------- To install this fix pack, you must already have IBM TRIRIGA Application Platform 3.4.1 installed. =============================================================================================== 2. Information resources =============================================================================================== Knowledge center URL: http://www-01.ibm.com/support/knowledgecenter/SSHEB3_3.4.1/com.ibm.tap.doc_3.4.1/product_landing.html Description: Access the information center to view the product documentation. Topics include product overviews; installation and configuration tasks; instructions for using, administering, and troubleshooting the product; and security information. Real Estate and Facilities Management community on Service Management Connect URL: https://www.ibm.com/developerworks/servicemanagement/rfm/ Description: Use Service Management Connect to access blogs, wikis, forums, and communities. In Service Management Connect you can review information such as best practices, performance and tuning, and product integrations. You can also collaborate with IBM experts and the broader user community. IBM TRIRIGA Application Platform support resources portal URL: http://www.ibm.com/support/entry/portal/overview/software/tivoli/ibm_tririga_application_platform Description: The IBM support resources portal provides access to tools and resources to keep your systems, software, and applications running smoothly. From the support resources portal you can find fixes, service requests, useful links and an enhanced search to help you find information quickly. =============================================================================================== 3. Installation instructions =============================================================================================== The fix pack file can be extracted into any directory. Before extracting and running the fix pack, back up the existing TRIRIGA files and make a backup copy of the database. NOTE: Uninstall Information This fix pack is provided to you as a zip file. It overwrites your existing TRIRIGA EAR file and may contain database scripts that modify your database. If you want to reverse your changes, you must restore your backed-up version of the TRIRIGA directory, redeploy the old EAR file, and restore the database. Follow these steps to apply this fix pack: 1 Ensure that no database configuration changes are pending. 2 Shut down all of your application and process servers. 3 Take a backup of the database and of the TRIRIGA install directory. 4 After the backup has been completed, restart WebSphere Application Server. For JBoss and Oracle WebLogic Application Servers, make sure they remain shut down. 5 Download the 3.4.1-TIV-TAP-FP002 file. 6 Unzip the file and run the patch executable file (fixpack_tririga_v3.4.1.2.exe or fixpack_tririga_v3.4.1.2.bin). 7 In the Introduction panel, click Next. 8 In license agreement, accept the terms and click Next. (if you do not accept the terms, the patch will exit) 9 Choose the directory where TRIRIGA is installed. For example: c:\ibm\tririga\ Or /opt/ibm/tririga/ 10 Review the information, and click Next. 11 The fix pack process will patch the EAR file, run any platform database fix pack scripts, and redeploy the EAR file in JBoss. 12 For Oracle WebLogic Application Server, delete all the cache, tmp, and .wlnotdelete directories thay may contain files left over from the previous application/ear installation For example: C:\oracle\weblogic10\user_projects\domains\tririga10domain\servers\AdminServer\cache C:\oracle\weblogic10\user_projects\domains\tririga10domain\servers\AdminServer\tmp Or /opt/oracle/weblogic10/user_projects/domains/tririga10domain/servers/AdminServer/cache /opt/oracle/weblogic10/user_projects/domains/tririga10domain/servers/AdminServer/tmp 13 For Oracle WebLogic Application Server, redeploy the EAR file, and then restart the application server. The EAR file is located in the root TRIRIGA install directory: For example: c:\ibm\tririga\tririga-ibs.ear /opt/ibm/tririga/tririga-ibs.ear 14 For JBoss, the EAR file should be deployed and the cache directories will be automatically removed. All that is required is to restart JBoss 15 For WebSphere Application Server, the EAR file will be redeployed and started automatically. If it fails to deploy, you can try to manually. The EAR file is located in the root TRIRIGA install directory: For example: c:\ibm\tririga\tririga-ibs.ear /opt/ibm/tririga/tririga-ibs.ear ==================================================================================================== 4. Resolved issues ==================================================================================================== ---------------------------------------------------------------------------------------------------- The following issues were resolved in this fix pack. ---------------------------------------------------------------------------------------------------- ---------------- Security Issues: ---------------- IBM does not intend to provide vulnerability details that could enable someone to craft an exploit. IBM uses the Common Vulnerability Scoring System (CVSS) as a standard for communicating the impact of security vulnerabilities in IBM products and solutions. CVSS is an industry open standard for assessing the severity or impact of computer system security vulnerabilities. This standard attempts to establish a numeric measure that represents how much concern or attention the vulnerability warrants. The resulting CVSS score is based on an assessment of a series of metrics. The CVSS Base Score represents the intrinsic and fundamental characteristics of the vulnerability that are typically constant over time and across user environments.For more information, see http://www-03.ibm.com/security/secure-engineering/bulletins.html --------------------------------------------------------------------------------------------------- The following security issues were resolved in the TRIRIGA Application Platform 3.4.1.2 fix pack --------------------------------------------------------------------------------------------------- CVE ID: Title: Privilege Escalation Vulnerability CVSS Base Score: CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/ for the current score. --- CVE ID: Title: Cross Site Scripting Vulnerability CVSS Base Score: CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/ for the current score. ---------------------------------------------------------------------------------------------------- General Issues: ---------------------------------------------------------------------------------------------------- APAR #: IV67243 Defect: 158677 Description: When you publish a workflow, invisible mappings will now be removed from formula fields that are found in the create and modify tasks. --- APAR #: IV67962 Defect: 158736 Description: Events with the end dates that are set to 0 AM now display correctly and the additional More link no longer appears for the day after an event. --- APAR #: IV68361 Defect: 159054 Description: In Chart Type reports, an issue was resolved that occurred when the drill through functionality was not handling special characters correctly. --- APAR #: IV68911 Defect: 166082 Description: The BIRT report can now retrieve the correct data in multiple languages. --- APAR #: IV69871 Defect: 165225 Description: An issue was resolved where the This Month filter would not find dates that were set to relative on the first day of the month. An issue was resolved where the This Month filter would pull too many records from the last day of the previous month. --- APAR #: IV70831 Defect: 168124 Description: When you export text from a workflow, an invalid Map ID will no longer cause an error. --- APAR #: IV71104 Defect: 166625 Description: The Microsoft Internet Explorer security updates no longer cause tasks to not load their properties in the Workflow builder. --- APAR #: IV72394 Defect: 171018 Description: When the Platform Maintenance Agent is complete, server caches are cleared. --- APAR #: Defect: 158637 Description: In an editable query of a parent object, you can now configure Single Smart Section fields to wrap. --- APAR #: Defect: 163196 Description: When you load a CI application definition, if there is an invalid configuration for a special field on a mapping, that field is skipped and the mapping will still load. --- APAR #: Defect: 164913 Description: In the administration console, when you debug out-bound mail configurations, platform logging now has an Outgoing Mail category. --- APAR #: Defect: 168215 Description: The Code Signing certificate for applets was updated. The new certificate expires in June 2017. --- APAR #: Defect: 175168 Description: Resolved an application custom class loader issue when the class loader delegation was set to Parent-Last. Class loading functionality is no longer pushed to the parent class loader when the custom class loader attempts to load certain java classes from packages. For example, javax.*. ==================================================================================================== 5. Notices ==================================================================================================== This information was developed for products and services offered in the U.S.A. IBM may not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the users responsibility to evaluate and verify the operation of any non-IBM product, program, or service. IBM may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not grant you any license to these patents. You can send license inquiries, in writing, to: IBM Director of Licensing IBM Corporation North Castle Drive Armonk, NY 10504-1785 U.S.A. For license inquiries regarding double-byte (DBCS) information, contact the IBM Intellectual Property Department in your country or send inquiries, in writing, to: Intellectual Property Licensing Legal and Intellectual Property Law IBM Japan, Ltd. 19-21, Nihonbashi-Hakozakicho, Chuo-ku Tokyo 103-8510, Japan The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION AS IS WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you. This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice. Any references in this information to non-IBM Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk. IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you. Licensees of this program who wish to have information about it for the purpose of enabling: (i) the exchange of information between independently created programs and other programs (including this one) and (ii) the mutual use of the information which has been exchanged, should contact: IBM Corporation 2Z4A/101 11400 Burnet Road Austin, TX 78758 U.S.A. Such information may be available, subject to appropriate terms and conditions, including in some cases, payment of a fee. The licensed program described in this document and all licensed material available for it are provided by IBM under terms of the IBM Customer Agreement, IBM International Program License Agreement or any equivalent agreement between us. Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products. All statements regarding IBMs future direction or intent are subject to change or withdrawal without notice, and represent goals and objectives only. This information contains examples of data and reports used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental. If you are viewing this information softcopy, the photographs and color illustrations may not appear. Trademarks IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at www.ibm.com/legal/copytrade.shtml. Java and all Java-based trademarks and logos are trademarks of Oracle and/or its affiliates. Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both. Microsoft, Windows, Windows NT, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both. Privacy Policy Considerations IBM Software products, including software as service solutions, (Software Offerings) may use cookies or other technologies to collect product usage information, to help improve the end user experience, to tailor interactions with the end user or for other purposes. In many cases no personally identifiable information is collected by the Software Offerings. Some of our Software Offerings can help enable you to collect personally identifiable information. If this Software Offering uses cookies to collect personally identifiable information, specific information about this offerings use of cookies is set forth below. This Software Offering does not use cookies or other technologies to collect personally identifiable information. If the configurations deployed for this Software Offering provide you as customer the ability to collect personally identifiable information from end users via cookies and other technologies, you should seek your own legal advice about any laws applicable to such data collection, including any requirements for notice and consent. For more information about the use of various technologies, including cookies, for these purposes, see IBMs Privacy Policy at www.ibm.com/privacy and IBMs Online Privacy Statement at www.ibm.com/privacy/details in the section entitled Cookies, Web Beacons and Other Technologies and the IBM Software Products and Software-as-a-Service Privacy Statement at www.ibm.com/software/info/product-privacy/.