AIX

AIX

Connect with fellow AIX users and experts to gain knowledge, share insights, and solve problems.


#Power
 View Only
Back to discussions
Expand all | Collapse all

ptrace vulnerability fix CVE-2014-0930 not installing

  • 1.  ptrace vulnerability fix CVE-2014-0930 not installing

    Posted Thu May 22, 2014 01:43 PM

    Originally posted by: AjinPC


    Hi,

     

    I downloaded the fix as per the link mentioned in the advisory page: http://aix.software.ibm.com/aix/efixes/security/ptrace_advisory.asc

    But none of the fix seems to be installing for me. The prerequisite check is failing on all of them. From the advisory page, I gathered that the fix I should be installing is IV58861s4a.140422.epkg.Z , but I get the following error. Notice the Minimum and Maximum level, its both the same! And this is true for all the interim fixes.

     

    # emgr -e IV58861s4a.140422.epkg.Z -p
    *******************************************************************************
    EFIX MANAGER PREVIEW START
    *******************************************************************************
     
    +-----------------------------------------------------------------------------+
    Efix Manager Initialization
    +-----------------------------------------------------------------------------+
    Initializing log /var/adm/ras/emgr.log ...
    Efix package file is: /home/Ajin/CVE-2014-0930_oval_com.hp.temp.oval_def_201405051021_aix61/ptrace_ifix/IV58861s4a.140422.epkg.Z
    MD5 generating command is /usr/bin/csum
    MD5 checksum is cd7bdfd74154c0a8e153b06973c2cb0e
    Accessing efix metadata ...
    Processing efix label "IV58861s4a" ...
    Verifying efix control file ...
     
    +-----------------------------------------------------------------------------+
    Installp Prerequisite Verification
    +-----------------------------------------------------------------------------+
    Verifying prerequisite file ...
    Checking prerequisites ...
    /usr/sbin/rpm_share[470]: /usr/opt/freeware/bin/rpm:  not found
     
    Prerequisite Number: 1
       Fileset: bos.mp64
       Minimal Level: 7.1.2.17
       Maximum Level: 7.1.2.17
       Actual Level: 7.1.2.15
       Type: PREREQ
       Requisite Met: no
     
    emgr: 0645-050 Prerequisite number 1 did not pass all checks. Please see
    details above.
     
    emgr: 0645-035 Efix package did not pass all preview checks.
     
    *******************************************************************************
    EFIX MANAGER PREVIEW END
    *******************************************************************************
     
    +-----------------------------------------------------------------------------+
    Operation Summary
    +-----------------------------------------------------------------------------+
    Log file is /var/adm/ras/emgr.log
     
    EPKG NUMBER       LABEL               OPERATION              RESULT
    ===========       ==============      =================      ==============
    1                 IV58861s4a          INSTALL PREVIEW        FAILURE
     
    Return Status: FAILURE
     

    #AIX-Forum


  • 2.  Re: ptrace vulnerability fix CVE-2014-0930 not installing

    Posted Thu May 22, 2014 09:15 PM

    Originally posted by: YannickBergeron


    you seems to be on AIX 7.1 TL2 SP2

    The ifix seems to have been built only for AIX 7.1 TL2 SP4.

    You'll need to update to SP4 first I guess


    #AIX-Forum


Related Content