<> Trend Micro Incorporated August 21st, 2024 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) ServerProtect For Linux 3.0 - Service Pack 1_Patch9 English - Linux - 32-bit / 64-bit Critical Patch - Build 1706 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Contents ================================================================ 1. Overview of This Critical Patch Release 1.1. Issues 1.2. Files Included in This Release 2. Documentation Set 3. System Requirements 4. Installation 4.1. Installing 4.2. Uninstalling 5. Post-installation Configuration 6. Known Issues 7. Release History 8. Contact Information 9. About Trend Micro 10. License Agreement ================================================================ 1. Overview of This Critical Patch Release ======================================================================== 1.1. Issues ==================================================================== This Critical Patch resolves the following issue(s): Issue 1: The Apache module is affected by a vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix updates the Apache module to resolve the vulnerability. 1.2. Files Included in This Release ==================================================================== A. Files for Current Issues ------------------------------------------------------------------- Filename Build Number ---------------------------------------------------------------- For 32-bit ServerProtect: libapr-1.so.0.1.1 5.0.0.2614-RH9 libcares.so.2 5.0.0.2614-RH9 libcrypto.so.1.1 5.0.0.2614-RH9 libProductLibrary.so 5.0.0.2614-RH9 libssl.so.1.1 5.0.0.2614-RH9 libEn_Utility.so.1.0.0 5.0.0.2614-RH9 libSSO_PKIHelper.so.1.0.0 5.0.0.2614-RH9 libTrendAprWrapper.so.1.0.0 5.0.0.2614-RH9 libcurl.so.4.7.0 5.0.0.2614-RH9 cgiCmdNotify 5.0.0.2614-RH9 AuPatch 2.86.4043 cert5.db 2.86.4043 libpatch.so 2.86.4043 libtmactupdate.so 2.86.4043 x500.db 2.86.4043 expapply64.so 2.86.4043 libTMNotifymt.so.1 3.0.1706 splxhttpd 3.0.1706 libaprutil-1.so.0.6.3 1.6.3 libexpat.so.1.8.10 2.5.0 libapr-1.so.0.7.3 1.7.3 For 64-bit ServerProtect: libapr-1.so.0.6.5 5.0.0.2614 libcares.so.2 5.0.0.2614 libcrypto.so.3 5.0.0.2614 libProductLibrary.so 5.0.0.2614 libssl.so.3 5.0.0.2614 libEn_Utility.so.1.0.0 5.0.0.2614 libSSO_PKIHelper.so.1.0.0 5.0.0.2614 libTrendAprWrapper.so.1.0.0 5.0.0.2614 libcurl.so.4.8.0 5.0.0.2614 cgiCmdNotify 5.0.0.2614 AuPatch 2.86.4043 cert5.db 2.86.4043 libpatch.so 2.86.4043 libtmactupdate.so 2.86.4043 x500.db 2.86.4043 expapply64.so 2.86.4043 libTMNotifymt.so.1 3.0.1706 splxhttpd 3.0.1706 libaprutil-1.so.0.6.3 1.6.3 libexpat.so.1.8.10 2.5.0 libapr-1.so.0.7.3 1.7.3 B. Files for Previous Issues ------------------------------------------------------------------- Filename Build Number ---------------------------------------------------------------- For 32-bit ServerProtect: tmcm_sso.cgi 3.0.1706 srv_admin.cgi 3.0.1706 notification.cgi 3.0.1706 cmoption.cgi 3.0.1706 showpage.cgi 3.0.1706 viewlog.cgi 3.0.1706 summary.cgi 3.0.1706 login_and_register.cgi 3.0.1706 log_management.cgi 3.0.1706 scanoption_set.cgi 3.0.1706 proption.cgi 3.0.1706 scanoption.cgi 3.0.1706 libsplxcommon.so 3.0.1706 vsapiapp 3.0.1706 splx_manual_scan 3.0.1706 entity 3.0.1706 virus_type_finder 3.0.1706 SetTMDefaultExt 3.0.1706 splxmain 3.0.1706 splx_schedule_scan 3.0.1706 DiagnosticTool 3.0.1706 EncryptAgentPassword 3.0.1706 TMBIF 3.0.1706 CMconfig 3.0.1706 For 64-bit ServerProtect: splxcore cmoption.cgi 3.0.1706 login_and_register.cgi 3.0.1706 log_management.cgi 3.0.1706 notification.cgi 3.0.1706 proption.cgi 3.0.1706 scanoption.cgi 3.0.1706 showpage.cgi 3.0.1706 srv_admin.cgi 3.0.1706 summary.cgi 3.0.1706 tmcm_sso.cgi 3.0.1706 viewlog.cgi 3.0.1706 scanoption_set.cgi 3.0.1706 libsplxcommon.so 3.0.1706 CMconfig 3.0.1706 DiagnosticTool 3.0.1706 EncryptAgentPassword 3.0.1706 TMBIF 3.0.1706 entity 3.0.1706 SetTMDefaultExt 3.0.1706 splxmain 3.0.1706 splx_manual_scan 3.0.1706 splx_schedule_scan 3.0.1706 virus_type_finder 3.0.1706 vsapiapp 3.0.1706 2. Documentation Set ======================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com - Online Help: The Online Help contains an overview of features and key concepts, and information on configuring and maintaining the product. To access the Online Help, go to http://docs.trendmicro.com - Installation Guide (IG): The Installation Guide contains information on requirements and procedures for installing and deploying the product. - Administrator's Guide (AG): The Administrator's Guide contains an overview of features and key concepts, and information on configuring and maintaining the product. - Getting Started Guide (GSG): The Getting Started Guide contains product overview, installation planning, installation and configuration instructions, and basic information intended to get the product 'up and running'. - Support Portal: The Support Portal contains information on troubleshooting and resolving known issues. - To access the Support Portal, go to http://success.trendmicro.com 3. System Requirements ======================================================================== 1. Trend Micro ServerProtect For Linux 3.0 SP1_Patch9 Build 1657 - English - Linux - x32-x64 4. Installation ======================================================================== This section explains key steps for installing the Critical Patch. 4.1. Installing ==================================================================== To install: 1. Log on as a root user. 2. Upload and copy the hotfix file to a working directory (for example, "/home/workdir"). 3. Run the following command to extract the hotfix files from the "tar.gz" file: # tar zxvf splx_30_lx_en_criticalpatch_b1706.tar.gz 4. Go to the hotfix directory and run the following command: #./install.sh 4.2. Uninstalling ==================================================================== To roll back to the previous build: 1. Log on as a root user. 2. Go to the hotfix directory and run the following command: #./rollback.sh All current files are replaced with the backup files generated during installation. 3. Clear the cookies from the web browser. NOTE: You can roll back ServerProtect only to the last build. Rollback to any other previous build is not supported. 5. Post-installation Configuration ======================================================================== No post-installation steps are required. 6. Known Issues ======================================================================== There are no known issues for this Critical Patch release. 7. Release History ======================================================================== For more information about updates to this product, go to: http://www.trendmicro.com/download Prior Hotfixes ==================================================================== Only this Critical Patch was tested for this release. Prior hotfixes were tested at the time of their release. [Hotfix 1705] Issue 1: The Apache module is affected by a vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix updates the Apache module to resolve the vulnerability. Issue 2: The manual scan cannot be stopped. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix fixes the issue. [Hotfix 1699] Issue 1: The OpenSSL(TM) module was affected by a vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix updates the OpenSSL module to resolve the vulnerability. [Hotfix 1694] Issue 1: The Exclusion List did not synchronize changes properly after the Quarantine or Backup directory was updated. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix resolves this issue. Enhancement 1: This hotfix adds Kernel Hook Module (KHM) support for the following platform: SUSE Linux Enterprise Desktop 15 Service Pack 4 [Hotfix 1688] Issue 1: The Apache(TM) module is affected by a vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix updates the Apache module to resolve the vulnerability. Issue 2: The OpenSSL(TM) module is affected by a vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix updates the OpenSSL module to resolve the vulnerability. Issue 3: The expat(TM) module is affected by a vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This hotfix updates the expat module to resolve the vulnerability. Issue 4: Incorrect CMAgent version number showed in the CMAgent debug log on the 32-bit OS platform. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This hotfix resolves the issue. Issue 5: Some customers reported that an "Internal Server Error" occurred when they chose Real-time Scan, Scheduled Scan, or Manual Scan under "Scan Options" of the management console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This hotfix resolves the issue. Issue 6: In some customer environments, SPLX was displayed as "Not registered" on the management console although it has been registered to Apex Central successfully. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: This hotfix resolves the issue. Issue 7: In some customer environments, CPU usage spikes many times within a short period of time. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: This hotfix resolves the issue by adding "*imjournal" to "RealtimeExcludeCommand" of the"tmsplx.xml" file. Issue 8: If SPLX was registered to Apex Central from RHEL 7 or later versions, the "Language" field under "Operating System" displayed as "Unknown language" on the Apex Central web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: This hotfix resolves the issue. [Hotfix 1676] Issue 1: The OpenSSL module is affected by a vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix updates the OpenSSL module to resolve the vulnerability. Issue 2: If ServerProtect for Linux registers to Trend Micro Control Manager(TM) after Patch 9 is installed, the status changes from "registered" to "unregistered" after Patch 9 is uninstalled. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Hotfix resolves this issue. Issue 3: In the Alert Settings, the character limit to both the "Subject" and "Message" fields is 255 UTF-8 byte characters. In the Japanese version of the console, the "Subject" fields allow users to input more than 255 UTF-8 byte characters . ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This Hotfix ensures that the "Subject" field in the Japanese version of the console allows up to 255 UTF-8 byte characters. Issue 4: Duplicate Entity ID's display for ServerProtect for Linux on the Trend Micro Apex Central(TM) console, when ServerProtect registers to Apex Central. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This Hotfix resolves this issue. Enhancement 1: This Hotfix ensures that the correct build number for Control Manager and Trend Micro Apex Central(TM) appears after users apply a hotfix. 8. Contact Information ======================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. https://www.trendmicro.com/en_us/contact.html NOTE: This information is subject to change without notice. 9. About Trend Micro ======================================================================== Smart, simple, security that fits. As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2024, Trend Micro Incorporated. All rights reserved. Trend Micro, the t-ball logo, OfficeScan, Trend Micro Security (for Mac), Control Manager, Trend Micro Apex One, and Trend Micro Apex Central are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other product or company names may be trademarks or registered trademarks of their owners. 10. License Agreement ======================================================================== View information about your license agreement with Trend Micro at: https://www.trendmicro.com/en_us/about/legal.html Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide