=============================================================================== Readme file for: IBM Platform LSF for SAS Product/Component Release: LSF 10.1.0.6 and 10.1.0.9 Update name: Fix 600947 APAR: P104531 Publication date: 6 Jan 2022 Last modified: 6 Jan 2022 This update fixes the following problem: Upgrade log4j to address the CVE-2021-44228 issue in the log4j utility that is used by IBM Spectrum LSF. NOTE: The CVE-2021-44228 issue affects LSF only if LSF resource connector is enabled. =============================================================================== ========================= CONTENTS ========================= 1. Abbreviations 2. About IBM Platform LSF for SAS 3. Supported operating systems 4. Products or components affected 5. Installation and Configuration 6. Copyright ========================= 1. Abbreviations ========================= N/A ========================= 2. About IBM Platform LSF for SAS ========================= The IBM Platform LSF ("LSF", short for load sharing facility) software is industry-leading enterprise-class software that distributes work across existing heterogeneous IT resources creating a shared, scalable, and fault-tolerant infrastructure, delivering faster, more reliable workload performance while reducing cost. LSF balances load and allocates resources, while providing access to those resources. ========================= 3. Supported operating systems ========================= RHEL 5/6/7 64-bit SLES 10/11 64-bit ========================= 4. Products or components affected ========================= Affected components include: resource_connector/aws/lib/AwsTool.jar resource_connector/aws/lib/aspectjrt-1.7.2.jar resource_connector/aws/lib/aspectjweaver-1.7.2.jar resource_connector/aws/lib/aws-java-sdk-1.11.323.jar resource_connector/aws/lib/commons-beanutils-1.9.4.jar resource_connector/aws/lib/commons-codec-1.10.jar resource_connector/aws/lib/commons-collections-3.2.2.jar resource_connector/aws/lib/commons-lang-2.6.jar resource_connector/aws/lib/commons-logging-1.2.jar resource_connector/aws/lib/ezmorph-1.0.6.jar resource_connector/aws/lib/freemarker-2.3.10.jar resource_connector/aws/lib/httpclient-4.5.jar resource_connector/aws/lib/httpcore-4.4.1.jar resource_connector/aws/lib/jackson-annotations-2.10.0.jar resource_connector/aws/lib/jackson-core-2.10.0.jar resource_connector/aws/lib/jackson-databind-2.10.0.jar resource_connector/aws/lib/joda-time-2.9.9.jar resource_connector/aws/lib/json-lib-2.2.3-jdk15.jar resource_connector/aws/lib/log4j-api-2.17.1.jar resource_connector/aws/lib/log4j-core-2.17.1.jar resource_connector/azure/lib/AzureTool.jar resource_connector/azure/lib/activation-1.1.jar resource_connector/azure/lib/adal4j-1.1.2.jar resource_connector/azure/lib/adapter-rxjava-2.1.0.jar resource_connector/azure/lib/azure-1.0.0.jar resource_connector/azure/lib/azure-annotations-1.0.0.jar resource_connector/azure/lib/azure-client-authentication-1.0.2.jar resource_connector/azure/lib/azure-client-runtime-1.0.2.jar resource_connector/azure/lib/azure-mgmt-appservice-1.0.0.jar resource_connector/azure/lib/azure-mgmt-batch-1.0.0.jar resource_connector/azure/lib/azure-mgmt-cdn-1.0.0.jar resource_connector/azure/lib/azure-mgmt-compute-1.0.0.jar resource_connector/azure/lib/azure-mgmt-dns-1.0.0.jar resource_connector/azure/lib/azure-mgmt-graph-rbac-1.0.0.jar resource_connector/azure/lib/azure-mgmt-keyvault-1.0.0.jar resource_connector/azure/lib/azure-mgmt-network-1.0.0.jar resource_connector/azure/lib/azure-mgmt-redis-1.0.0.jar resource_connector/azure/lib/azure-mgmt-resources-1.0.0.jar resource_connector/azure/lib/azure-mgmt-servicebus-1.0.0.jar resource_connector/azure/lib/azure-mgmt-sql-1.0.0.jar resource_connector/azure/lib/azure-mgmt-storage-1.0.0.jar resource_connector/azure/lib/azure-mgmt-trafficmanager-1.0.0.jar resource_connector/azure/lib/client-runtime-1.0.2.jar resource_connector/azure/lib/commons-beanutils-1.9.4.jar resource_connector/azure/lib/commons-codec-1.10.jar resource_connector/azure/lib/commons-collections-3.2.2.jar resource_connector/azure/lib/commons-lang-2.6.jar resource_connector/azure/lib/commons-lang3-3.4.jar resource_connector/azure/lib/commons-logging-1.2.jar resource_connector/azure/lib/converter-jackson-2.1.0.jar resource_connector/azure/lib/ezmorph-1.0.6.jar resource_connector/azure/lib/gson-2.2.4.jar resource_connector/azure/lib/guava-20.0.jar resource_connector/azure/lib/jackson-annotations-2.10.0.jar resource_connector/azure/lib/jackson-core-2.10.0.jar resource_connector/azure/lib/jackson-databind-2.10.0.jar resource_connector/azure/lib/jackson-datatype-joda-2.10.0.jar resource_connector/azure/lib/jcip-annotations-1.0.jar resource_connector/azure/lib/joda-time-2.9.9.jar resource_connector/azure/lib/json-lib-2.2.3-jdk15.jar resource_connector/azure/lib/json-smart-1.1.1.jar resource_connector/azure/lib/lang-tag-1.4.jar resource_connector/azure/lib/log4j-api-2.17.1.jar resource_connector/azure/lib/log4j-core-2.17.1.jar resource_connector/azure/lib/logging-interceptor-3.3.1.jar resource_connector/azure/lib/mail-1.4.7.jar resource_connector/azure/lib/nimbus-jose-jwt-6.5.1.jar resource_connector/azure/lib/oauth2-oidc-sdk-4.5.jar resource_connector/azure/lib/okhttp-3.3.1.jar resource_connector/azure/lib/okhttp-urlconnection-3.3.1.jar resource_connector/azure/lib/okio-1.8.0.jar resource_connector/azure/lib/retrofit-2.1.0.jar resource_connector/azure/lib/rxjava-1.2.4.jar resource_connector/azure/lib/slf4j-api-1.7.22.jar resource_connector/azure/lib/slf4j-simple-1.7.5.jar resource_connector/cyclecloud/lib/CycleCloudTool.jar resource_connector/cyclecloud/lib/commons-collections-3.2.2.jar resource_connector/cyclecloud/lib/commons-io-2.5.jar resource_connector/cyclecloud/lib/commons-lang-2.6.jar resource_connector/cyclecloud/lib/jackson-annotations-2.10.0.jar resource_connector/cyclecloud/lib/jackson-core-2.10.0.jar resource_connector/cyclecloud/lib/jackson-databind-2.10.0.jar resource_connector/cyclecloud/lib/log4j-api-2.17.1.jar resource_connector/cyclecloud/lib/log4j-core-2.17.1.jar resource_connector/cyclecloud/lib/okhttp-3.14.1.jar resource_connector/cyclecloud/lib/okio-1.17.2.jar ========================= 5. Installation and Configuration ========================= 5.1 Before installation (LSF_TOP=Full path to the top-level installation directory of LSF.) 1) Log on to the LSF master host as root. 2) Set your environment: - For csh or tcsh: % source LSF_TOP/conf/cshrc.lsf - For sh, ksh, or bash: $ . LSF_TOP/conf/profile.lsf 5.2 Installation steps 1) Optional: Remove LSF_TOP/10.1/resource_connector/softlayer, LSF_TOP/10.1/resource_connector/google, and LSF_TOP/10.1/resource_connector/openshift directory if they exist. 2) Move/backup existing files # mv LSF_TOP/10.1/resource_connector/aws/lib your_backup_dir/aws/lib # mv LSF_TOP/10.1/resource_connector/azure/lib your_backup_dir/azure/lib # mv LSF_TOP/10.1/resource_connector/cyclecloud/lib your_backup_dir/cyclecloud/lib 3) Copy the patch files to LSF_TOP/10.1 # cd LSF_TOP/10.1 # tar -xzvf lsf10.1_linux2.6-glibc2.3-x86_64-600947.tar.Z # chown -R root resource_connector 4) Restart mbatchd # badmin mbdrestart 5.3 Uninstallation 1) Log on to the LSF master host as root. 2) Go to the backup directory: # cd your_backup_dir 3) Restore your original files to the orignal directories under LSF_TOP/10.1/resource_connector ========================= 6. Copyright ========================= ©Copyright IBM Corporation 2022 U.S. Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. IBM®, the IBM logo and ibm.com®, are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.