Filr 3.0 Security Update 3
This document (7022568) is provided subject to the disclaimer at the end of this document.
This update is intended to address the issues outlined in the following TID:
- TID 7022541 - Meltdown and Spectre vulnerabilities in Filr (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754)
This update can be applied to a Filr site that is currently on any one of the following versions:
Micro Focus Filr Appliance version: 3.3
Micro Focus Filr Appliance version: 3.2.2
Micro Focus Filr Appliance version: 3.2.1
Micro Focus Filr Appliance version: 3.2
Micro Focus Filr Appliance version: 3.1.1
Micro Focus Filr Appliance version: 3.1
Micro Focus Filr Appliance version: 184.108.40.206 (equivalent of Filr 3.0 - Security Update 1)
Micro Focus Filr Appliance version: 220.127.116.11
Micro Focus Filr Search Appliance version: 3.3
Micro Focus Filr Search Appliance version: 3.2.1
Micro Focus Filr Search Appliance version: 18.104.22.168 (equivalent of Filr 3.0 - Security Update 1)
Micro Focus Filr Search Appliance version: 22.214.171.124
Micro Focus Filr MySQL Appliance version: 3.3
Micro Focus Filr MySQL Appliance version: 3.2.1
Micro Focus Filr MySQL Appliance version: 3.2
Micro Focus Filr MySQL Appliance version: 126.96.36.199 (equivalent of Filr 3.0 - Security Update 1)
Micro Focus Filr MySQL Appliance version: 188.8.131.52
- This update is provided via the Filr Online Update channel accessible via the Filr Appliance Configuration console (port 9443).
- This update is required on the Filr, Filr Search and Filr MySQL appliance(s) in your deployment.
- A reboot is required after applying this update.
- The updates may take up to 20 minutes to complete depending on the number of updates being applied. For example, if you are updating from Filr 3.0 all the way to Security Update 3, it may take up to 20 minutes for the update progress bar to complete. We recommend that you wait for the progress bar to complete and not disrupt the update process.
- Recommended: Stop Filr service and update the Filr MySQL and Filr Search appliances first before updating the Filr appliance(s).
- An equivlent patch for Filr 2.0 is available via the Micro Focus Patch Finder under Filr 2.0.
This update is provided via the Filr Online Update Channel. Please follow these steps on all Filr, Filr Search and Filr MySQL appliance(s) in your Filr deployment:
- Stop the Filr service on all Filr nodes and repeat Steps 2-7 in the following order: MySQL appliance first, then Search appliance(s) and Filr appliance(s) last.
- Login to the Filr Appliance Config (https://hostname:9443) as 'vaadmin' and select the Online Update icon.
to the 'Needed Patches' in the patches download until you see the 'Filr
3.0 Security Update 3' patch update and then click 'Update Now' button.
In the 'Update Now' pop-up, select:
All Needed Patches: If you want to install all available updates
Security patches only: If you want to install the Security Updates only
Also select both of the following options:
a. Automatically agree with all license agreements
b. Automatically install all interactive patches
- Hit OK to apply the update.
- Toggle to the 'Installed Patches' in the patches download and verify the 'Filr 3.0 Security Update 3' patch update is shown as Installed.
- Reboot the appliance.
- If SSH is not running, login to the Filr/Search/MySQL Appliance Config (https://hostname:9443) and Start SSH from System Services.
a SSH client such as putty, connect to the appliance and run this
command to verify that the kernel version matches 3.0.101-108.21.1:
rpm -qa kernel*
the patch is installed, the appliance version remains unchanged. For
example, if you applied this update on a Filr 3.3 system, it would
remain at 3.3 even after this update is applied.
This is a known issue and can be ignored as long as you can see 'Filr 3 Security Update 3' under 'Installed Patches'.
update progress bar shows progress but patch update never completes.
This usually happens if the two options (shown in Steps 4a/4b above) are
To fix this problem, please cancel out of the update page and try installing the update again with the two options selected.
- It's been 20 minutes and the update progress bar is still spinning. Is it stuck?
As noted in the Important Notes above, it may take up to 20 minutes for all updates to be applied depending on how many updates need to be applied. We recommend that you wait for the progress bar to complete and not disrupt the update process for at least 30 minutes before contacting Micro Focus Customer Care. If you have cancelled out of the browser, and updates are no longer showing under 'Needed patches', chances are that the updates are still being applied in the background and the activity should be logged in the /var/log/zypp/history file.
configuring a new Filr 3.0 system for Online Updates for the first time
using "SMT Server" or with a "Proxy Server", the registration may fail
if the Filr server is in a private network.
To fix this problem, please consult TID 7020906 for Proxy configuration and/or TID 7018759 for SMT configuration.
Technical Support Information:
If you need help or have questions about this patch, please contact Micro Focus Customer Care.
More information about Spectre and Meltdown vulnerabilities at:
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7022568
- Creation Date:18-JAN-18
- Modified Date:18-JAN-18
Did this document solve your problem? Provide Feedback