- Community Home
- >
- Storage
- >
- Midrange and Enterprise Storage
- >
- HPE 3PAR StoreServ Storage
- >
- SSMC and log4j vulnerability
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-22-2021 06:36 PM
12-22-2021 06:36 PM
Re: SSMC and log4j vulnerability
@GregMoss Why are you upgrading to 2.6 or 2.7? Try from 3.8.x to 3.8.2.1
-Srinivas Bhat
I am an HPE Employee
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-22-2021 07:26 PM
12-22-2021 07:26 PM
Re: SSMC and log4j vulnerability
"3.6 to 3.812 Fails, 2.6 to 3.80 Fails, 2,6 to 2,7 Fails. " was a mistype. Should read "3.6 to 3.812 Fails, 2.6 to 3.80 Fails, 3.6 to 3.7 Fails. ADDING 3.6 to 3.8 Fails AND 3.6 to 3.8 Fails
SSH'ed in, pulled SSMC.log (2 days old, 22megs), filled with entries (simiar to) Below. I've attached logs to SR with HPE.
2021-12-23 13:36:03.476+1100 ERROR c.h.t.n.i.AlertsLocalizationUtil - Badly formatted introduced version: {"alertType":"EVT_FSVC_STATE_CHANGE","catalogKey":"archiving-event:archiving.cmd.failedvalidation-file-store","customerCorrectiveAction":"An event occurred that requires attention. Contact your authorized service provider for assistance.","forService":false,"introducedVersion":"3.3.1.MU1.P07","messageCode":7208961,"serviceCorrectiveAction":"An event occurred that requires attention. Contact your authorized service provider.","stateText":"FAILED","tier":"general","typeDescription":"File Services state change"}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-23-2021 12:40 PM
12-23-2021 12:40 PM
Re: SSMC and log4j vulnerability
I had no issues upgrading though I always keep fairly up to date and only had to go up one version.
For those having issues though - why not just spin up a fresh install of the latest version? Seems it would be way faster and less hassle. You can always keep the old one around (and offline so not vulnerable) and not delete till ready. Just a thought.
Happy holidays all
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-24-2021 07:41 AM
12-24-2021 07:41 AM
Re: SSMC and log4j vulnerability
Well, we definitely thought about that you can be sure
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-26-2021 07:12 AM
12-26-2021 07:12 AM
Re: SSMC and log4j vulnerability
Try: 3.3 -> 3.6 -> 3.8 -> 3.8.x.x (latest)
Or deploy a new SSMC, then shutdown the old SSMC when convenient
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-03-2022 11:39 PM - last edited on 06-29-2022 04:38 AM by Sunitha_Mod
01-03-2022 11:39 PM - last edited on 06-29-2022 04:38 AM by Sunitha_Mod
Re: SSMC and log4j vulnerability
Hello @BBARBAROS,
If you can check the SSMC upgrade activity logs, are you finding this error? '/var/lib/dpkg/lock was found to be acquired'
If yes, some other process may be running simultaneously that is stopping the SSMC new version to acquire lock to the directory /var/lib/dpkg/
You may wait for the other process to complete and then proceed with upgrading SSMC.
Or identify, terminate/stop the other process and then proceed.
Regards,
Srinivas Bhat
If you feel this was helpful please click the KUDOS! thumb below!
Note: All of my comments are my own and are not any official representation of HPE.
I am an HPE Employee
- « Previous
- Next »