Latest Cumulative Patches for Download

The latest Cumulative Patches for the Virtual Appliance and the components (Identity Manager, Identity Governance, Identity Portal) that are deployed on the Virtual Appliance are listed in this document.
cislp142
The latest Cumulative Patches for the Virtual Appliance and the components (Identity Manager, Identity Governance, Identity Portal) that are deployed on the Virtual Appliance are listed in this document.
Apply a Cumulative Patch
  • We recommend that you apply the latest Cumulative Patches on all the nodes in the Virtual Appliance deployment.
  • Ensure that the Primary node and the Disaster Recovery nodes are deployed with the same Cumulative Patch level.
    This applies even if the component (for example, Identity Manager) is not actively being used on a specific node. This is required for compatibility between nodes, and to ensure that any common code and underlying archives are updated across all nodes.
Each Cumulative Patch is provided in an encrypted compressed tarball format (tar.gz). The utility (patch_vapp) that is available on the appliance will automatically apply the patch when run.
To apply a Cumulative Patch, follow these steps:
  1. Copy the Cumulative Patch file into the Virtual Appliance using SCP software.
    SCP is available by default on the Mac/Linux systems. You can download WinSCP for the Windows platform.
    For example, the command to copy the patch from a Mac/Linux system into the Virtual Appliance is:
    scp CP_VA_140200_0003.tar.gz.gpg [email protected]:
  2. SSH into the Virtual Appliance.
    For example:
    Compare the cumulative patch MD5 file checksum with the checksum documented in the cumulative patch tables for each component in the following sections.
    Run "
    md5sum <Cumulative Patch>
    ".
    For example:
    md5sum CP_VA_140200_0003.tar.gpg
  3. Apply the cumulative patch:
    Run "
    patch_vapp <Cumulative Patch>
    ".
    For example:
    patch_vapp CP_VA_140200_0003.tar.gpg
  4. (optional - Rollback):
    If there is a need to rollback a Cumulative Patch after it has been applied, log in via SSH/CLI into the Virtual Appliance as shown in Step 2 and run "
    rollback_vapp
    "
  5. If the external database in use is Oracle, ensure that you reboot the machine after the patch is applied successfully.
When using Virtual Appliance, patch and rollback commands should be executed within a "screen" session (that is, run "screen" and then run the required patch/rollback command).
Latest Virtual Appliance Cumulative Patch
This section includes any patches for the Virtual Appliance Infrastructure or Embedded Database as identified in the Component column.
Patch Number
CP-VA-140200-0003.tar.gpg
The patch disables the AJP Listener. After applying the patch, you must renable the AJP Listener if it was already enabled in your previous deployment.
MD5 Checksum
4ca79be8d0d0f6b4c62c27be9fcb8fc6
Component
Virtual Appliance infrastructure
Published On
3 May 2021
Applies To
14.2 GA, 14.2 CPx
Deployment Instructions
Follow the deployment instructions mentioned in the section - Applying a Cumulative Patch.
Enhancements and Defects Fixed
Latest Operating System Security Cumulative Patch
The Operating System security patch is applicable to ESX installations. To apply security patch on the Virtual Appliance AWS installation, use the
updateManager
command. Ensure that you take a snapshot of the machine before running the updateManager or before you apply the security patch.
Patch Number
CP-OS-140200-Latest
MD5 Checksum
bd2e3d50a1cfd1924990d8fb1a71612f
Published On
16 July 2020
Applies To
14.2 GA
Deployment Instructions
Follow the deployment instructions mentioned in the section - Applying a Cumulative Patch.
Addressed Vulnerabilities
Latest Identity Portal Cumulative Patch
Patch Number
MD5 Checksum
13b32580073e6d19e4b017a3d35d126e
Published On
April 2021
Applies To
14.2 GA, 14.2 CPx
Deployment Instructions
Follow the deployment instructions mentioned in the section - Applying a Cumulative Patch.
The non-Virtual Appliance patches for Identity Portal can be downloaded from Identity Portal Cumulative Patch.
Note 1:
Identity Portal 14.2 CP3 is compatible with Identity Manager 14.2 CP6 and Identity Governance 14.2 CP4.
Note 2:
From Identity Manager 14.2 CP4 onwards, the following misspelled attributes
  • LAST_MODIFED_DATE
  • BUSINEES_UNIT
  • NAME_SUFFFIX
are replaced with the following correct attributes
  • LAST_MODIFIED_DATE
  • BUSINESS_UNIT
  • NAME_SUFFIX
After applying the latest Identity Manager cumulative patch, ensure that you reconfigure the misspelled attributes with the correct ones in all the
Forms
where these attributes are used.
Enhancements
Defects Fixed
Latest Identity Manager Server Cumulative Patch
This section includes any patches for the Identity Manager Server, User Store, Provisioning Server, or Connector Server as identified in the Component column.
Note:
You can install Virtual Appliance external tools with 2 different installers:
  • Individual Installer, whose default installation location is same as Identity Manager.
  • Master Installer, whose installation location varies.
Depending on the installer type, the path to copy the files in the Cumulative Patches vary, so apply the patch accordingly.
Patch Number
MD5 Checksum
1334c6e4fcdd35e48b7acc1fb32ceb3f
Published On
3 May 2021
Applies To
14.2 GA, 14.2 CPx
Deployment Instructions
Follow the deployment instructions mentioned in the section - Applying a Cumulative Patch.
The non-Virtual Appliance patches for Identity Manager can be downloaded from Identity Manager Cumulative Patch.
Important!
Ensure that you upgrade the Remote Connector (C++) Server to the latest version by following the given steps:
  1. Log in to the Virtual Appliance.
  2. Select
    External Tools
    by clicking the Hamburger (three horizontal lines) icon available on the upper left corner of the menu bar.
  3. Download the Connector Server by following the instructions that are provided under the
    Remote Connector Server (for Windows OS)
    section.
  4. Next, upgrade the Remote Connector (C++) Server to the latest version.
Note:
Starting from Identity Manager CP4, the following misspelled attributes
  • LAST_MODIFED_DATE
  • BUSINEES_UNIT
  • NAME_SUFFFIX
are replaced with the following correct attributes
  • LAST_MODIFIED_DATE
  • BUSINESS_UNIT
  • NAME_SUFFIX
After applying the patch, ensure that you replace the misspelled well-known attributes with the correct ones in the
Provisioning Store Directory,
User Store Directory,
Environment Settings
and
Role Definitions XML files
and import the files back to environment.
Enhancements
Defects Fixed
Latest Identity Governance Cumulative Patch
Patch Number
CP-IGV-140200-0004.tgz.gpg
Identity Governance 14.2 CP4 cannot be rolled back as it contains database upgrades.
MD5 Checksum
ab4a7176014fe00040421ee9a6afd638
Published On
3 May 2021
Applies To
14.2 GA, 14.2 CPx
Deployment Instructions
Follow the deployment instructions that are mentioned in the section Applying a Cumulative Patch.
The non-Virtual Appliance patches for Identity Governance can be downloaded from Identity Governance Cumulative Patch.
Important!
Identity Governance 14.2 CP4 updates the database schema. After applying the Cumulative Patch, run the database scripts as the same user that was used while installing the product as given below.
  • Oracle
    1. Run on the SDB database.
    2. Run on the gvmdatawarehouse(reporting) database.
    3. Run the stored procedure in the file on your WPDS (workpoint) database.
    4. Run the below commands to create Properties and Certificates tables on eurekify_sdb database.
      CREATE TABLE Properties ( PropertyCategory NVARCHAR2(128) NOT NULL , PropertyName NVARCHAR2(256) NOT NULL , PropertyValue NVARCHAR2(256) NULL ); ALTER TABLE Properties ADD CONSTRAINT PK_Properties PRIMARY KEY (PropertyCategory, PropertyName); CREATE TABLE Certificates ( CertificateId INTEGER NOT NULL , Name NVARCHAR2(256) NOT NULL , Alias NVARCHAR2(256) NOT NULL , PrivateKey BLOB NULL, X509Certificate BLOB NOT NULL , CertType NVARCHAR2(256) NOT NULL , CreationDate DATE NOT NULL ); ALTER TABLE Certificates ADD CONSTRAINT PK_Certificates PRIMARY KEY (CertificateId); ALTER TABLE Certificates ADD CONSTRAINT U_Certificates UNIQUE (Alias); CREATE SEQUENCE SEQ_CertificateId START WITH 1 INCREMENT BY 1 NOMAXVALUE; CREATE TRIGGER TRG_CertificateId BEFORE INSERT ON Certificates FOR EACH ROW BEGIN SELECT SEQ_CertificateId.NEXTVAL INTO :NEW.CertificateId FROM DUAL; END;
    5. Post the successfully execution of the scripts, execute the following ALTER statement alone:
      ALTER TRIGGER TRG_CertificateId ENABLE;
  • SQL Server
    1. Run on the SDB database.
    2. Run on the gvmdatawarehouse(reporting) database.
Enhancements
Defects Fixed
Previous Cumulative Patches
For old cumulative patches, refer to Previous Cumulative Patches.