Flashes (Alerts)
Abstract
Information about the Java Double.parseDouble vulnerability .
Actions required to address the issue in TNPM Wireline (Proviso)
Content
A critical class library security vulnerability was blogged on the Internet and is now in the public domain.
Issue
| Java Runtime Environment hangs when converting "2.2250738585072012e-308" to a binary floating-point number. |
For TNPM Proviso 1.3
The following is an update to provide remediation.
Details around the vulnerability can be found here:
http://www.ibm.com/developerworks/java/jdk/alerts/cve-2010-4476.html
The eWAS iFix is available here:
http://www.ibm.com/support/docview.wss?uid=swg21462019#solution_dist
Download PM32184 and install the fix.
Instructions to apply the fix:
WAS Update Installer (WUI) must be installed, you must install WUI.
http://www.ibm.com/support/docview.wss?rs=180&uid=swg24020448
Once WUI is installed, download the eWAS iFix:
http://www.ibm.com/support/docview.wss?uid=swg24029112
Fix can install the iFix silently using a response file.
For TNPM 1.3.1, a package planned to be release Feburary 25th, will include:
The TIP iFix that can be applied to applied to TIP 2.1x.
DE/COU step to install WebSphere Update Installer (WUI) if not already installed
DE/COI step to install the WAS Java fix
Readme
[{"Product":{"code":"SSBNJ7","label":"IBM Netcool Performance Manager"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"IBM Tivoli Netcool Performance Manager (TNPM Wireline) Platform","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"}],"Version":"1.3;1.3.1","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
Was this topic helpful?
Document Information
Modified date:
25 September 2022
UID
swg21468849