This document will illustrate how to upgrade the Commvault agents to minimal code versions to support the Log4j hotfix.
The hotfix impacts the Commvault product features below:
• Cloud Apps package
• Oracle agent - Database archiving, data masking, and logical dump backup
• Microsoft SQL Server agent - Database archiving, data masking, and table-level restore
Informational
This remediation guide is written assuming wget as a standard method of fetching files, please adjust accordingly within the uniqueness of your environment.
Installing wget Example
[root@acm-lab-linux01 ~]# yum install wget
Loaded plugins: fastestmirror
base | 3.6 kB 00:00:00
http://mirror.mia.velocihost.net/centos/7.9.2009/extras/x86_64/repodata/repomd.xml: [Errno 14] HTTP Error 403 - Forbidden
Trying other mirror.
To address this issue please refer to the below knowledge base article
https://access.redhat.com/solutions/69319
If above article doesn't help to resolve this issue please create a bug on https://bugs.centos.org/
extras | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
updates/7/x86_64/primary_db | 13 MB 00:00:00
Determining fastest mirrors
* base: mirror.grid.uchicago.edu
* extras: mirror.mia.velocihost.net
* updates: mirror.grid.uchicago.edu
Resolving Dependencies
--> Running transaction check
---> Package wget.x86_64 0:1.14-18.el7_6.1 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
========================================================================================================================================================
Package Arch Version Repository Size
========================================================================================================================================================
Installing:
wget x86_64 1.14-18.el7_6.1 base 547 k
Transaction Summary
========================================================================================================================================================
Install 1 Package
Total download size: 547 k
Installed size: 2.0 M
Is this ok [y/d/N]: y
Downloading packages:
wget-1.14-18.el7_6.1.x86_64.rpm | 547 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Warning: RPMDB altered outside of yum.
Installing : wget-1.14-18.el7_6.1.x86_64 1/1
Verifying : wget-1.14-18.el7_6.1.x86_64 1/1
Installed:
wget.x86_64 0:1.14-18.el7_6.1
Complete!Download Commvault Dependency Package
Using the following credentials, download the Commvault Maintenance package:
user: expedient
pass: publ1c
wget https://download.expedient.com/cv/log4j/Commvault_Maintenance_11_20_77_linux-x8664.tar --user=expedient --ask-password[root@acm-lab-linux01 ~]# wget https://download.expedient.com/cv/log4j/Commvault_Maintenance_11_20_77_linux-x8664.tar --user=expedient --ask-password
Password for user ‘expedient’:
--2021-12-16 18:40:59-- https://download.expedient.com/cv/log4j/Commvault_Maintenance_11_20_77_linux-x8664.tar
Resolving download.expedient.com (download.expedient.com)... 209.166.171.26
Connecting to download.expedient.com (download.expedient.com)|209.166.171.26|:443... connected.
HTTP request sent, awaiting response... 401 Unauthorized
Reusing existing connection to download.expedient.com:443.
HTTP request sent, awaiting response... 200 OK
Length: 1817609728 (1.7G) [application/x-tar]
Saving to: ‘Commvault_Maintenance_11_20_77_linux-x8664.tar’
100%[============================================================================================================>] 1,817,609,728 101MB/s in 18s
2021-12-16 18:41:17 (97.9 MB/s) - ‘Commvault_Maintenance_11_20_77_linux-x8664.tar’ saved [1817609728/1817609728]Download Log4j Specfic Patching
Using the following credentials, download the Log4j package:
user: expedient
pass: publ1c
wget https://download.expedient.com/cv/log4j/v11SP20_Available_HotFix4561_linux-x8664.tar --user=expedient --ask-password
[root@acm-lab-linux01 ~]# wget https://download.expedient.com/cv/log4j/v11SP20_Available_HotFix4561_linux-x8664.tar --user=expedient --ask-password
Password for user ‘expedient’:
--2021-12-16 18:17:27-- https://download.expedient.com/cv/log4j/v11SP20_Available_HotFix4561_linux-x8664.tar
Resolving download.expedient.com (download.expedient.com)... 209.166.171.26
Connecting to download.expedient.com (download.expedient.com)|209.166.171.26|:443... connected.
HTTP request sent, awaiting response... 401 Unauthorized
Reusing existing connection to download.expedient.com:443.
HTTP request sent, awaiting response... 200 OK
Length: 23875584 (23M) [application/x-tar]
Saving to: ‘v11SP20_Available_HotFix4561_linux-x8664.tar’
100%[==============================================================================================================>] 23,875,584 92.5MB/s in 0.2s
2021-12-16 18:17:27 (92.5 MB/s) - ‘v11SP20_Available_HotFix4561_linux-x8664.tar’ saved [23875584/23875584]Extract Remediation Packages
sudo mkdir Commvault_Maintenance_11_20_77_linux-x8664
tar -xf Commvault_Maintenance_11_20_77_linux-x8664.tar -C Commvault_Maintenance_11_20_77_linux-x8664
sudo mkdir v11SP20_Available_HotFix4561_linux-x8664
tar -xf v11SP20_Available_HotFix4561_linux-x8664.tar -C v11SP20_Available_HotFix4561_linux-x8664Update Commvault Agent Dependencies
sudo chmod +x ./Commvault_Maintenance_11_20_77_linux-x8664/InstallUpdates
./Commvault_Maintenance_11_20_77_linux-x8664/InstallUpdates
Update Commvault Agent with Log4j Patch
sudo chmod +x v11SP20_Available_HotFix4561_linux-x8664/InstallUpdates
./v11SP20_Available_HotFix4561_linux-x8664/InstallUpdates
This remediation will need to be applied to all Commvault protected systems within your environment.