<> Trend Micro Incorporated February 4, 2021 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) ServerProtect(TM) for Linux(TM) 3.0 Critical Patch - Build 1635 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Contents ========================================================== 1. Overview of This Critical Patch Release 1.1 Issues 1.2 Files Included in This Release 2. Documentation Set 3. System Requirements 4. Installation 4.1 Installing 4.2 Uninstalling 5. Post-installation Configuration 6. Known Issues 7. Release History 8. Contact Information 9. About Trend Micro 10. License Agreement ========================================================== 1. Overview of This Critical Patch Release ====================================================================== 1.1 Issues =================================================================== This critical patch resolves the following issues: Issue 1: The Active Update (AU) module is affected by certain vulnerabilities. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This critical patch updates the Active Update module to remove these vulnerabilities. Issue 2: A large number of retry messages are logged in the system log when ServerProtect cannot read the "tmsplx.xml" file. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This critical patch reduces the retry frequency and the error logs for when ServerProtect cannot read the "tmsplx.xml" file. 1.2 Files Included in This Release =================================================================== A. Files for Current Issues ------------------------------------------------------------------- Filename Build Number ---------------------------------------------------------------- For 32-bit ServerProtect: AuPatch 2.86.0.4003 cert5.db 2.86.0.4003 expapply.so 2.86.0.4003 libciuas32.so 2.86.0.4003 liblwtpciu32.so 2.86.0.4003 libpatch.so 2.86.0.4003 libtmactupdate.so 2.86.0.4003 x500.db 2.86.0.4003 vsapiapp 3.0.1635 libsplxcxml.so 3.0.1635 For 64-bit ServerProtect: AuPatch 2.86.0.4003 cert5.db 2.86.0.4003 expapply64.so 2.86.0.4003 libciuas64.so 2.86.0.4003 liblwtpciu.so 2.86.0.4003 libpatch.so 2.86.0.4003 libtmactupdate.so 2.86.0.4003 x500.db 2.86.0.4003 vsapiapp 3.0.1635 libsplxcxml.so 3.0.1635 B. Files for Previous Issues ------------------------------------------------------------------- Filename Build Number ---------------------------------------------------------------- For 32-bit ServerProtect: AuPatch 2.86.2051 cert5.db 2.86.2051 libaction.so 3.0.1635 libpatch.so 2.86.2051 libtmactupdate.so 2.86.2051 x500.db 2.86.2051 libcxmlapi.so 3.0.1635 libi18n.so.1 3.0.1635 libicui18n.so.18.1 3.0.1635 libicuuc.so.18.1 3.0.1635 liblogmgt.so.1 3.0.1635 liblogrdr.so.1 3.0.1635 liblogshr.so.1 3.0.1635 liblogwtr.so.1 3.0.1635 liblowlib.so.1 3.0.1635 libsplxcommon.so 3.0.1635 libsplxcxml.so 3.0.1635 libTMNotifymt.so.1 3.0.1635 libxerces-c1_7_0.so 3.0.1635 CMconfig 3.0.1635 DiagnosticTool 3.0.1635 EncryptAgentPassword 3.0.1635 splxcomp 3.0.1635 splxport 3.0.1635 TMBIF 3.0.1635 upcfg 3.0.1635 xmlvalidator 3.0.1635 entity 3.0.1635 SetTMDefaultExt 3.0.1635 splxmain 3.0.1635 splx_manual_scan 3.0.1635 splx_schedule_scan 3.0.1635 virus_type_finder 3.0.1635 vsapiapp 3.0.1635 cmoption.cgi 3.0.1635 login_and_register.cgi 3.0.1635 log_management.cgi 3.0.1635 notification.cgi 3.0.1635 proption.cgi 3.0.1635 scanoption.cgi 3.0.1635 scanoption_set.cgi 3.0.1635 showpage.cgi 3.0.1635 srv_admin.cgi 3.0.1635 summary.cgi 3.0.1635 tmcm_sso.cgi 3.0.1635 viewlog.cgi 3.0.1635 splx 3.0.1635 splxhttpd 3.0.1635 splxcore 3.0.1635 cgiCmdNotify 5.0.0.2364-RH9 libProductLibrary.so 5.0.0.2364-RH9 libEn_Utility.so.1.0.0 5.0.0.2364-RH9 libSSO_PKIHelper.so.1.0.0 5.0.0.2364-RH9 libTrendAprWrapper.so.1.0.0 5.0.0.2364-RH9 libapr-1.so.0.1.1 5.0.0.2364-RH9 libcrypto.so.1.0.0 5.0.0.2364-RH9 libcurl.so.4.4.0 5.0.0.2364-RH9 libssl.so.1.0.0 5.0.0.2364-RH9 libcares.so.2 5.0.0.2364-RH9 install.sh n/a rollback.sh n/a Patch.ini n/a For 64-bit ServerProtect: libtmprapi.so 1.2.1146 entity 3.0.1635 vsapiapp 3.0.1635 splxmain 3.0.1635 splx_manual_scan 3.0.1635 splx_schedule_scan 3.0.1635 log_management.cgi 3.0.1635 proption.cgi 3.0.1635 scanoption_set.cgi 3.0.1635 showpage.cgi 3.0.1635 tmcm_sso.cgi 3.0.1635 cmoption.cgi 3.0.1635 login_and_register.cgi 3.0.1635 scanoption.cgi 3.0.1635 srv_admin.cgi 3.0.1635 viewlog.cgi 3.0.1635 notification.cgi 3.0.1635 summary.cgi 3.0.1635 splx 3.0.1635 splxhttpd 3.0.1635 splxcore 3.0.1635 install.sh n/a rollback.sh n/a Patch.ini n/a 2. Documentation Set ====================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com In addition to this Readme file, the documentation set for this product includes the following: - Online Help: The Online Help contains an overview of features and key concepts, and information on configuring and maintaining ServerProtect. To access the Online Help, go to http://docs.trendmicro.com - Installation Guide (IG): The Installation Guide contains information on requirements and procedures for installing and deploying ServerProtect. - Administrator's Guide (AG): The Administrator's Guide contains an overview of features and key concepts, and information on configuring and maintaining ServerProtect. - Getting Started Guide (GSG): The Getting Started Guide contains product overview, installation planning, installation and configuration instructions, and basic information intended to get ServerProtect "up and running". - Support Portal: The Support Portal contains information on troubleshooting and resolving known issues. To access the Support Portal, go to http://esupport.trendmicro.com 3. System Requirements ====================================================================== Install this critical patch on computers protected by - ServerProtect for Linux 3.0 Patch 8 for Service Pack 1 - ServerProtect for Linux 3.0 GM package if installed on any of the following platforms: - CentOS(TM) 8.0 - Red Hat(TM) Enterprise Linux 8.0 - SUSE Enterprise Server 15 4. Installation ====================================================================== This section explains key steps for installing the critical patch. 4.1 Installing =================================================================== To install: 1. Log on as a root user. 2. For the following operating systems, install the 32-bit "libstdc++" package before installing this critical patch. - Red Hat Enterprise Linux 4 / 5 / 6 - CentOS 4 / 5 / 6 - SUSE Enterprise Server 10 / 11 3. For the following operating systems, install the 32-bit "compat-libstdc++-33-3.2.3" package before installing this critical patch. - Red Hat Enterprise Linux 4 / 5 / 6 - CentOS 4 / 5 / 6 4. Upload and copy the critical file to a working directory. For example, "/home/workdir." 5. Run the following command to extract the critical patch files from the "tar.gz" file. # tar zxvf splx_30_lx_en_criticalpatch1635.tar.gz 6. Go to the critical patch directory. Run the following command: #./install.sh 4.2 Uninstalling =================================================================== No uninstallation steps provided. NOTE: You cannot roll back this critical patch to any older build. 5. Post-Installation Configuration ====================================================================== No post-installation steps are required. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 6. Known Issues ====================================================================== There are no known issues for this critical patch release. 7. Release History ====================================================================== For more information about updates to this product, go to: http://www.trendmicro.com/download 8. Contact Information ====================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. http://www.trendmicro.com/us/about-us/contact/index.html NOTE: This information is subject to change without notice. 9. About Trend Micro ====================================================================== Smart, simple, security that fits As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2021, Trend Micro Incorporated. All rights reserved. Trend Micro, ServerProtect, and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 10. License Agreement ====================================================================== View information about your license agreement with Trend Micro at: http://www.trendmicro.com/us/about-us/legal-policies/ license-agreements Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide