Highlighted
kavita.varadara Trusted Contributor.
Trusted Contributor.
2640 views

ESM 6.11 Patch 2 is now available!

We are happy to announce the release of ESM 6.11 Patch 2! This is one of the largest patches we have ever released, with many product and vulnerability fixes. A few critical fixes are listed below:

  • Support for RHEL and CentOS 7.4 (for a full view of supported OS's please review the support matrix)
  • Update the JRE to 1.8.0_161-b11
  • Provide updates for geographical information and vulnerability mapping
  • Critical fix for a bug in 6.11 P1 around network and zone modelling
  • Fixes for the Mark as Similar feature
  • Spectre Meltdown fixes for the appliances (included in the OS upgrade for appliances)

As always please be sure to review the release notes for details of what is in the patch, and to download the patch at the patch portal.  

Release notes can be found at: https://community.softwaregrp.com/t5/ESM-and-ESM-Express/ArcSight-ESM-Support-Matrix/ta-p/1587254

 

Tags (3)
11 Replies
Frequent Contributor.. NRIST Frequent Contributor..
Frequent Contributor..

Re: ESM 6.11 Patch 2 is now available!

Thanks for the update! The Support Matrix (page 10) says:

OS for software version
6.11.0 Patch 1: RHEL 6.9 or CentOS 6.9
6.11.0 Patch 2: RHEL 7.4 or CentOS 7.4

Does this mean 6.11.0 Patch 2 no longer supports CentOS 6.9 and we should only Patch 2 after upgrading to CentOS 7.4? Please advise.

kavita.varadara Trusted Contributor.
Trusted Contributor.

Re: ESM 6.11 Patch 2 is now available!

6.11 P2 actually supports both RHEL/CentOS 6.9 and RHEL/CentOS 7.4, the support matrix is unclear. I will make sure it is updated and reuploaded. Thanks for the good catch!

123
Frequent Visitor.

Re: ESM 6.11 Patch 2 is now available!

Where does one download patches from?

0 Likes
Knowledge Partner
Knowledge Partner

Re: ESM 6.11 Patch 2 is now available!

Hi,

ESM 6.11 - Patch 2 - https://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/-/facetsearch/document/KM03162355

 

if you have an 7600 appliance then i am recomanding you to appy this OS patch first (

(RedHat7.3 RedHat7.4 - Spectre & Meltdown kernel patch)

https://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/-/facetsearch/document/KM03162380

 

Best Regards,

 

Daniel

0 Likes
Contributor.. joe.ngo@hpe.com Contributor..
Contributor..

Re: ESM 6.11 Patch 2 is now available!

I have following environment:

B7500 appliance Exress, on OS: RHEL  2.6.32-696 (RHEL 6.9) (- this is supported based on matrix)., running ESM 6.11 Patch 1:

and

Software ESM 6.11 patch 1, Software ESM, OS: 2.6.32-696 (RHEL 6.9)

 

Would i to wait on this mircrocode on both software and appliance upgrade or go ahead an apply these patches before upgrading to 6.11 patch 2? as in 

https://community.softwaregrp.com/t5/ArcSight-User-Discussions/Spectre-Meltdown-Update/m-p/1632424

Would I have to consider to buy  a new appliance like B7600 G9 with OS Redhat 7.4  to take care of this the Spectre and

Meltdown vulnerabilities applied?

-Joe Ngo

0 Likes
Knowledge Partner
Knowledge Partner

Re: ESM 6.11 Patch 2 is now available!

Hi Joe, 

 

According to the ESM 6.11 Patch 2 documentation the microcode for the Spectre and Meltdown (which is on OS level) it is only on RHEL 7.4 (which as you know are the OS for B7600).

Due to long collaboration between T3 (Darren) and Dev. team we discovered indeed  we released the microcode / OS kernel that address the Spectre and Meltdown issue but this can be found in the update OS on ESM 7.0 for RHEL 6.9.

So if you want to fix the Spectre and Meltdown issue on B7500 you need to install the last update of RHEL 6.9 (esm_osupgrade_rhel69_20180309171845.tar.gz that can be download by any customer who as valid contract from https://h22255.www2.hpe.com/mysoftware/index , on  ESM 7.0 download section).

The archive contains kernel-2.6.32-696.20.1.el6.x86_64  ( where the bugs are fixed according to this link https://access.redhat.com/errata/RHSA-2018:0169) and firmware-system-p70-2018.01.22-1.1.i386.rpm - System ROM upgrade which fix the same issue on BIOS server. For more information please read https://support.hpe.com/hpsc/swd/public/detail?swItemId=MTX_6d17d71d391d43a1b9482e51ed#tab3

I hope that it is much clearer now.

 

Best Regards,

 

Ionut Daniel Mosoiu

0 Likes
Contributor.. joe.ngo@hpe.com Contributor..
Contributor..

Re: ESM 6.11 Patch 2 is now available!

Thanks IIonut Daniel Mosoiu on appliance ugprade to patch 2..  So with customers with software  ESM 6.11 patch 1 on RHEL 7.3 , they would need to apply esm_osupgrade_rhel73_20180306104731.tar.gz first before upgrading to patch 2?

-JN

0 Likes
Knowledge Partner
Knowledge Partner

Re: ESM 6.11 Patch 2 is now available!

Hi Joe,

Normally installing the Patch 2 of ESM should not be affected by the upgrade of OS and how it is going first. But in general it is recommended to apply the OS upgrade first and then the Patch for ESM.

Once again.

Patch 2 – fixing the ESM part;

OS upgrade and firmware-system-p70-2018.01.22-1.1.i386.rpm – fixing the Spectre and Meltdown issue since those are fixed on OS and BIOS server level.

For clarifications please read the document “ESM_ReleaseNotes6_11_0P2.pdf” .If you don’t have the document then you can download it from the following link: https://community.softwaregrp.com/t5/ESM-and-ESM-Express/ArcSight-ESM-Release-Notes-6-11-0-P2/ta-p/1647165

Best Regards,

 

Daniel

0 Likes
Contributor.. joe.ngo@hpe.com Contributor..
Contributor..

Re: ESM 6.11 Patch 2 is now available!

Thank you so much Daniel.

Joe

0 Likes
Valued Contributor.. Heiha9 Valued Contributor..
Valued Contributor..

Re: ESM 6.11 Patch 2 is now available!

The release notes for ESM 6.11 Patch 2 contain the following section:

"Important Prerequisite: Must Have Spectre and Meltdown Patches Applied
As a prerequisite to installing ESM 6.11.0 Patch 2, you must have the patches for the Spectre and
Meltdown vulnerabilities applied to your operating system."

 

Does this apply to appliances only to make sure the appliance as a whole is protected against Spectre and Meltdown? Or is there any functional impact on ESM if the underlying OS (customer-provided, not an appliance) is not patched yet?


 Regards,
Heiko

0 Likes
Knowledge Partner
Knowledge Partner

Re: ESM 6.11 Patch 2 is now available!

Hello Heiko,

 

we test the installation of ESM 6.11 Patch 2 in both situations with or without OS patching and to be honest we did not notice any discrepancy in ESM functionality. Let say that ESM 6.11 Patch 2 it is much more related to the ESM in self and fixing bugs that address the application.

If you what to not be affected by Specter and Meltdown that for sure you should update your OS even if we are spoking about RHEL 6.x or RHEL 7.x.  Now depend on what type of installation of ESM, you have appliance or software, you will upgrade your OS using Micro Focus OS patch or you will install the patch offered by OS producer with your OS administrator help.

I hope that now it is much more clear for you.

all the best,

Daniel

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.