Fix Readme
Abstract
This readme is for IBM Business Automation Workflow 24.0.0 Machine Learning Server interim fixes released periodically to resolve security vulnerabilities, as well as other defects. It includes information about the download, installation, and other information about interim fixes for the 24.0.0 release.
Content
| Readme file for | IBM Business Automation Workflow Machine Learning Server |
|---|---|
| Product release | 24.0.0 |
| Publication date | 1 August 2024 |
Contents
Prerequisites and superseding fixes
Components impacted
Before installation
Installing the interim fix
Performing the necessary tasks after installation
Uninstalling
List of fixes
Document change history
Components impacted
Before installation
Installing the interim fix
Performing the necessary tasks after installation
Uninstalling
List of fixes
Document change history
Prerequisites and superseding fixes
- Each interim fix typically supersedes all other previous interim fixes shipped for 24.0.0
- Business Automation Workflow Machine Learning Server includes container images that include operating system level and other open source libraries. Vulnerabilities (CVEs) for these libraries are published regularly. These interim fixes include fixes for these libraries.
Business Automation Workflow Machine Learning Server interim fixes
| Interim fix name/ Download link | Superseded interim fix names | Complimentary Cloud Pak for Business Automation interim fix name | Released |
| 24.0.0 IF007 | See note (*) below | 24.0.0 IF007 | October 2025 |
| 24.0.0 IF006 | See note (*) below | 24.0.0 IF006 | July 2025 |
| 24.0.0 IF005 | See note (*) below | 24.0.0 IF005 | May 2025 |
| 24.0.0 IF004 | See note (*) below | 24.0.0 IF004 | February 2025 |
| 24.0.0 IF003 | * Note: All previous interim fixes listed in this table | 24.0.0 IF003 | October 2024 |
| 24.0.0 IF001 | None | 24.0.0 IF001 | July 2024 |
The previous table is chronologically listed in reverse order, with more recent fixes listed at the top.
Components impacted
Before installation
- Download the fix archive file from Fix Central corresponding to latest interim fix listed in the table above.
Using your preferred FTP tool, move the downloaded archive to the environment where the Machine Learning Server is installed. Place it in the same directory, as a sibling to where the Machine Learning Server directory resides. For example, if the Machine Learning Server directory is ba-ml-server, then the parent of that directory will now include ba-ml-server directory and the fix archive file, for example, BAMLS_24.0.0_LNX_ML-IF001.tar.gz .
# pwd /root # ls -l total 1100944 -rw-------. 1 root root 1226 Apr 29 2022 anaconda-ks.cfg -rw-r--r-- 1 root root 1085801736 Jan 26 13:11 BAMLS_24.0.0_LNX_ML-IF001.tar.gz drwxr-xr-x 7 root root 109 Jan 29 12:20 ba-ml-server
Installing the interim fix
On the environment that has the 24.0.0 Machine Learning Server installed:
- Connect to this host via terminal using SSH.
- Back up the current .env file located in the root directory where the Machine Learning Server is installed. By default, the root directory is typically named ba-ml-server, and subsequent instructions refer to it as such.
From inside the root directory ba-ml-server, stop the server by running:
./bin/ba-ml-server-stopNavigate to the parent directory where the archive was previously uploaded and extract its contents. Please be aware, this will over-write the current ba-ml-server directory and its contents. Here is an example of performing this operation using the tar command:
tar -xzvf BAMLS_24.0.0_LNX_ML-IF001.tar.gzBack inside the root of the Machine Learning Server (ba-ml-server), run:
sudo chmod a+x bin/ba-ml-server-startEdit .env, and use the values previously backed up for the Business Automation Insights credential values, for the values of these keys:
BAI_HOSTNAME= SEARCH_USERNAME= SEARCH_PASSWORD= SEARCH_PORT= BAW_TASK_ALIAS=Run:
./bin/ba-ml-server-start --init --acceptLicense- (Optional) Complete the next two steps two if you already have a Business Automation Workflow environment installed and configured with this Machine Learning Sever, otherwise, skip to the next part Performing the necessary tasks after installation.
- From the WebSphere Application Server Admin Console of the environment that is running Business Automation Workflow:
- Navigate to SSL certificate and key management > Key stores and certificates > CellDefaultTrustStore > Signer certificates .
- Delete the current Machine Learning Server signer certificate.
- Add a new SSL certificate.
- Click retrieve from port.
- Add the hostname and secure port number, for example, 443, of the Machine Learning Server.
- Enter a name for the alias, for example, ml-server .
- Then, click retrieve signer information.
- Finally, click Apply then Save..., to commit the changes.
Note: If you don't fill in the credentials for the .env before running the ./bin/ba-ml-server-start --init --acceptLicense command, it will ask you during build to put in the credentials, but when doing so, OpenSearch might not work. If you find yourself running into this issue, redo steps 6 and 7 above.
Performing the necessary tasks after installation
On the environment that has Business Automation Workflow installed:
Note: For any changes in admin console, make sure to click Apply then Save... to ensure changes are committed and take affect.
Note: For any changes in admin console, make sure to click Apply then Save... to ensure changes are committed and take affect.
- For Next Best Task, enable Task Filter Service for Process Portal in admin console, via Mashups configuration
For more information refer to Prioritizing work in IBM documentation.Add the following properties:
Property Value Additional information com.ibm.bpm.portal.task.filter.service.name SYSRP@Task Filter Service Template com.ibm.bpm.portal.task.filter.service.alwaysRun false Set variable type to boolean com.ibm.bpm.portal.task.filter.service.showToggle true Set variable type to boolean
- Create authentication alias for Machine Learning Server in admin console
For more information refer to Managing Java 2 Connector Architecture authentication data entries for JAAS in IBM documentation- In admin console, navigate to Security > Global Security > Java Authentication and Authorization Service > J2C authenticaion data
- Create a new alias and give it a name, for example ml-server .
- Enter the HTTP Basic Authentication username and password used to access the Machine Learning Server.
- Import Machine Learning Server certificates
For more information refer to Accessing an Enterprise Content Management server using the Secure Socket Layer (SSL) in IBM documentation.- In admin console, enter the hostname and port number used to access the Machine Learning Sever.
- Enter a name for the alias, for example ml-server .
- Click Apply then Save... .
- Configure Business Automation Workflow via 100Custom.xml using information from previous steps
- In the file system, locate and edit <Dmgr_profile_root>/profiles/StandAloneProfile/config/cells/nodename1Node01Cell/nodes/nodename1/servers/server1/process-center/config/100custom.xml .
Add the following section inside the <properties> tag, and update the values for host, port, auth-alias, and ssl-config-alias, based on the results of the previous steps:
<server> <ml-server> <!-- ML-Server configurations. --> <host>ml-server-hostname-added-in-step-3</host> <port>ml-server-expose-port-added-in-step-3</port> <auth-alias>auth-alias-name-created-in-step-2</auth-alias> <ssl-config-alias>ssl-config-alias-created (leave blank if none)</ssl-config-alias> </ml-server> </server>
- Restart Business Automation Workflow server
Note: If you run into the following error when the Tasklist in the Process Portal is loaded, redo the Import Machine Learning Server certificates step, first deleting the current Machine Learning Server signer certificate, then recreating a new one.
Caused by: com.ibm.jsse2.util.j: PKIX path building failed: com.ibm.security.cert.IBMCertPathBuilderException: unable to find valid certification path to requested targetUninstalling
There is no procedure to uninstall the interim fix.
List of fixes
The following lists of resolved Known Issues are specific to Business Automation Workflow Machine Learning Server. Fixes that have been identified as correcting security vulnerabilities are indicated with an X mark.
Business Automation Workflow
24.0.0 IF007
| Known Issue | Security | Behavior change | Title |
|---|---|---|---|
| N/A | X | Business Automation Workflow Machine Learning Server is delivered with container images that include operating system level and other open source libraries. Vulnerabilities (CVEs) for these libraries are published regularly. This interim fix includes fixes for these libraries to address: CVE-2025-54121, CVE-2025-50181, CVE-2025-50182 |
24.0.0 IF006
| Known Issue | Security | Behavior change | Title |
|---|---|---|---|
| N/A | X | Business Automation Workflow Machine Learning Server is delivered with container images that include operating system level and other open source libraries. Vulnerabilities (CVEs) for these libraries are published regularly. This interim fix includes fixes for these libraries to address: CVE-2025-47273, CVE-2024-6827, CVE-2024-47081, CVE-2025-48379 |
24.0.0 IF005
| Known Issue | Security | Behavior change | Title |
|---|---|---|---|
| N/A | X | Business Automation Workflow Machine Learning Server is delivered with container images that include operating system level and other open source libraries. Vulnerabilities (CVEs) for these libraries are published regularly. This interim fix does not include any fixes specifically related to Machine Learning Server. |
24.0.0 IF004
| Known Issue | Security | Behavior change | Title |
|---|---|---|---|
| N/A | X | Business Automation Workflow Machine Learning Server is delivered with container images that include operating system level and other open source libraries. Vulnerabilities (CVEs) for these libraries are published regularly. This interim fix includes fixes for these libraries to address: CVE-2024-47874 |
24.0.0 IF003
| Known Issue | Security | Behavior change | Title |
|---|---|---|---|
| N/A | X | Business Automation Workflow Machine Learning Server is delivered with container images that include operating system level and other open source libraries. Vulnerabilities (CVEs) for these libraries are published regularly. This interim fix includes fixes for these libraries to address: CVE-2023-52615, CVE-2023-52626, CVE-2023-52667, CVE-2023-52669, CVE-2023-52675, CVE-2023-52686, CVE-2023-52700, CVE-2023-52703, CVE-2023-52781, CVE-2023-52813, CVE-2023-52835, CVE-2023-52877, CVE-2023-52878, CVE-2023-52881, CVE-2024-26583, CVE-2024-26584, CVE-2024-26585, CVE-2024-26656, CVE-2024-26675, CVE-2024-26735, CVE-2024-26759, CVE-2024-26801, CVE-2024-26804, CVE-2024-26826, CVE-2024-26859, CVE-2024-26906, CVE-2024-26907, CVE-2024-26974, CVE-2024-26982, CVE-2024-27397, CVE-2024-27410, CVE-2024-35789, CVE-2024-35835, CVE-2024-35838, CVE-2024-35845, CVE-2024-35852, CVE-2024-35853, CVE-2024-35854, CVE-2024-35855, CVE-2024-35888, CVE-2024-35890, CVE-2024-35958, CVE-2024-35959, CVE-2024-35960, CVE-2024-36004, CVE-2024-36007, CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38477, CVE-2024-39573 |
24.0.0 IF001
| Known Issue | Security | Behavior change | Title |
|---|---|---|---|
| N/A | X | Business Automation Workflow Machine Learning Server is delivered with container images that include operating system level and other open source libraries. Vulnerabilities (CVEs) for these libraries are published regularly. This interim fix includes fixes for these libraries to address: CVE-2024-37891, CVE-2024-5206, CVE-2024-39689, CVE-2024-6345 |
Document change history
- 31 October 2025: Updated with 24.0.0 IF007 details
- 31 July 2025: Updated with 24.0.0 IF006 details
- 1 May 2025: Updated with 24.0.0 IF005 details
- 7 February 2025: Updated with 24.0.0 IF004 details
- 30 October 2024: Updated with 24.0.0 IF003 details
- 1 August 2024: Initial publish.
[{"Line of Business":{"code":"LOB76","label":"Data Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SS8JB4","label":"IBM Business Automation Workflow"},"ARM Category":[{"code":"a8m50000000CcWOAA0","label":"Security"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions","Type":"MASTER"}]
Was this topic helpful?
Document Information
Modified date:
04 November 2025
UID
ibm17159798