Trying the smitty. We do zero development in AIX. Basically it's there solely to run IBM Storage Protect. Only. I'm guessing I don't need
- docs
- jclsource
- samples
I do need
- Java8_64.jre
- Java8_64.sdk
smitty install_all
Input device / directory for software: ./
SOFTWARE to install: Esc+4 to list
Use Esc+7 to pick: Java8_64.jre, Java8_64.sdk
PREVIEW only? You might want to say yes the first time.
...
ACCEPT new license agreements? yes
...
Enter
lslpp -L | grep -i java
> lslpp -L | grep -i java
Java6.sdk 6.0.0.655 C F Java SDK 32-bit
Java7_64.jre 7.0.0.715 C F Java SDK 64-bit Java Runtime
Java7_64.sdk 7.0.0.715 C F Java SDK 64-bit Development
Java8_64.jre 8.0.0.825 C F Java SDK 64-bit Java Runtime
Java8_64.sdk 8.0.0.825 C F Java SDK 64-bit Development
3.3.2.0 C F RSCT GUI JAVA Msgs - U.S.
3.3.2.0 C F RSCT RMC JAVA Msgs - U.S.
------------------------------
Robert Berendt IBMChampion
------------------------------
Original Message:
Sent: Wed June 26, 2024 02:34 PM
From: Alexander Pettitt
Subject: Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX
Yes you will need to gunzip and untar each file as per the instructions.
# gunzip -c < TAR_GZ_FILE | tar -xvf -
------------------------------
Alexander Pettitt
Original Message:
Sent: Wed June 26, 2024 09:18 AM
From: Robert Berendt
Subject: Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX
So I looked at both your example, and the IBM support page.
I'm now at the following:
lslpp -L | grep -i java
cd /tmp
mkdir -p /tmp/java_install
cd /tmp/java_install
sftp redacted@delivery04-bld.dhe.ibm.com
ls
mget *
quit
ls *.gz
IJ50978.tar.gz
pap6480sr8fp25-20240328_01-sdk.tar.gz
java8_64_installp_8.0.0.825.tar.gz
Do I expand all three of those tar files and install all the resulting files?
------------------------------
Robert Berendt IBMChampion
Original Message:
Sent: Tue June 25, 2024 04:36 PM
From: Alexander Pettitt
Subject: Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX
I agree that it is a miss that JAVA updates don't have the install commands.
smit install is your friend :)
Try it as a preview first and then actually install. Note ACCEPT license does not default to yes.
Update Installed Software to Latest Level (Update All)
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[TOP] [Entry Fields]
* INPUT device / directory for software /images/java8.825
* SOFTWARE to update _update_all
PREVIEW only? (update operation will NOT occur) yes +
COMMIT software updates? yes +
SAVE replaced files? no +
AUTOMATICALLY install requisite software? yes +
EXTEND file systems if space needed? yes +
VERIFY install and check file sizes? no +
DETAILED output? no +
Process multiple volumes? yes +
ACCEPT new license agreements? yes +
PREVIEW new LICENSE agreements? no +
------------------------------
Alexander Pettitt
Original Message:
Sent: Tue June 25, 2024 02:45 PM
From: Robert Berendt
Subject: Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX
Most AIX patches are somewhat straightforward. Check to see if you're vulnerable. If so, download it, unzip it, and apply the patch (and they give the whole installp command).
Java is different. Check to see if you're vulnerable. If so, download it but they give no instructions on how to install it. Sure the readme has an IBM link but that link is not direct. So, how do I install the fix outlined at: https://www.ibm.com/support/pages/node/7158591
Yes, the lslpp shows that I am running a 64bit so I clicked on that. I got to Fix Central and downloaded the series of files.
Now what?
------------------------------
Robert Berendt IBMChampion
------------------------------