14.4.1 Cumulative Hotfix 2

View information about Virtual Appliance 14.4.1 Cumulative Hotfix 2.
This topic covers the following sections:
Virtual Appliance Cumulative Hotfix 2 does not include a fix for the Apache Log4j issues. See Hotfixes for information about the upgrade patch to fix Apache Log4j Issues.

Deployment Instructions

Follow these instructions to deploy a cumulative hotfix:
  1. Download the cumulative hotfix from the support link. Support download links are provided in the succeeding sections on this page.
  2. Extract the downloaded cumulative hotfix. Each cumulative hotfix is provided in a compressed tarball format (tar.gz).
    • On Linux, use "tar -zxvf <filename>" to extract the compressed tarballs.
    • On Windows, extract the compressed tarballs.
  3. Copy the extracted files to the Virtual Appliance using SCP software. SCP is available by default on most Mac/Linux systems. You can download WinSCP for the Windows platform.
    The command to copy the hotfix from a Mac/Linux system to the Virtual Appliance is:
    scp CHF_<Component_Name>-14.4.1-<Date>-CHF002.tgz.gpg [email protected]:
    For example:
    scp CHF_IMS-14.4.1-20220204152054-CHF002.tgz.gpg [email protected]:
  4. SSH into the Virtual Appliance.
    For example:
  5. Generate the MD5 checksum for the hotfix and compare with the checksum that is documented in the succeeding sections on this page.
    md5sum <Cumulative Patch>
    For example:
    md5sum CHF_IMS-14.4.1-20220204152054-CHF002.tgz.gpg
  6. Apply the cumulative hotfix.
    patch_vapp <Cumulative Hotfix>
    For example:
    patch_vapp CHF_IMS-14.4.1-20220204152054-CHF002.tgz.gpg
  7. (Optional - Rollback): If there is a need to roll back a cumulative hotfix after it has been applied, log in via SSH/CLI into the Virtual Appliance as shown in Step 4 and run "
    rollback_vapp
    ".
  • The patch and rollback commands should be executed within a "tmux" session (that is, run "tmux" and then run the required patch/rollback command).
  • Hotfixes must be applied only after deploying services on a cluster node.

Virtual Appliance

Hotfix Number
Published On
28 April 2022
Applies To
14.4.1
MD5 Checksum
935B6A3006307B0DB0513994744D6B1C
Deployment Instructions
Follow the deployment instructions that are mentioned in Applying a Cumulative Patch.
Fixed Defects

Virtual Appliance - Identity Manager

Hotfix Number
CHF_IMV-14.4.1-CHF002.tar.gz
  • After applying Identity Manager 14.4.1 Cumulative Hotfix 2, ensure that you run the following command to deploy the latest Azure REST metadata in the Provisioning Directory.
    registerJavaConnectors
  • If you happen to roll back Identity Manager 14.4.1 Cumulative Hotfix 2, ensure that you revert the audit schema in the Identity Manager Audit database to version 14.2.0.0.0.
Published On
26 April 2022
Applies To
14.4.1
Files Bundled with the Hotfix
  • Identity Manager
    Server
    • CHF_IMS-14.4.1-20220422120924-CHF002.tgz.gpg
  • Provisioning Server
    • CHF_PS-14.4.1-20220426135859-CHF002.tgz.gpg
  • Connector Server (JCS)
    • CHF_CS-14.4.1-20220512130450-CHF002.tgz.gpg
MD5 Checksum
  • Identity Manager
    Server
    • f056517750813f37c58f934179c74dc3
  • Provisioning Server
    • d97cb29a46473a9b95369e6a106ce975
  • Connector Server (JCS)
    • c1517fef0ab02bcefc36f0110f150d6c
Deployment Instructions
Follow the deployment instructions that are mentioned in Applying a Cumulative Patch.
Fixed Defects

Virtual Appliance - Identity Governance

Hotfix Number
CHF_IGV-14.4.1-CHF002.tar.gz
Identity Governance 14.4.1 Cumulative Hotfix 2 has database schema changes. After applying Cumulative Hotfix, you must run the following commands on the databases that you are using in your deployment:
  • SQL Server
    • sdb database
      ALTER TABLE SingleConnectorParameters ALTER COLUMN Name NVARCHAR (768);
    • gvm_datawrehouse database
      ALTER TABLE I2_ALERT_WITH_ENTITIES_STG ALTER COLUMN ENTITY1_RES3 NVARCHAR (768); ALTER TABLE I2_ALERT_WITH_ENTITIES_STG ALTER COLUMN ENTITY2_RES3 NVARCHAR (768); ALTER TABLE I2_ALERT_WITH_ENTITIES_STG ALTER COLUMN ENTITY3_RES3 NVARCHAR (768); ALTER TABLE I2_ALERT_WITH_ENTITIES_STG ALTER COLUMN ENTITY4_RES3 NVARCHAR (768);
  • Oracle
    • sdb database
      ALTER TABLE SingleConnectorParameters MODIFY Name NVARCHAR2(768); Commit;
    • gvm_datawrehouse database
      ALTER TABLE I2_ALERT_WITH_ENTITIES_STG MODIFY ENTITY1_RES3 NVARCHAR2(768); ALTER TABLE I2_ALERT_WITH_ENTITIES_STG MODIFY ENTITY2_RES3 NVARCHAR2(768); ALTER TABLE I2_ALERT_WITH_ENTITIES_STG MODIFY ENTITY3_RES3 NVARCHAR2(768); ALTER TABLE I2_ALERT_WITH_ENTITIES_STG MODIFY ENTITY4_RES3 NVARCHAR2(768); Commit;
Published On
26 April 2022
Applies To
14.4.1
Files Bundled with the Hotfix
CHF_IG-14.4.1-20220422125802-CHF002.tgz.gpg
MD5 Checksum
578241d72a61e37f93182463eaf58b2e
Deployment Instructions
Follow the deployment instructions that are mentioned in Applying a Cumulative Patch.
Fixed Defects

Virtual Appliance - Identity Portal

Hotfix Number
Published On
26 April 2022
Applies To
14.4.1
Files Bundled with the Hotfix
CHF_IP-14.4.1-20220422142634-CHF002.tgz.gpg
MD5 Checksum
dce18f700af3c6efb016ebc7e14149ff
Deployment Instructions
Follow the deployment instructions that are mentioned in Applying a Cumulative Patch.
Fixed Defects

Virtual Appliance - Fixed Defects

The following defects are fixed in Virtual Appliance 14.4.1 Cumulative Hotfix 2:
Support Ticket
Engineering Ticket
Problem Summary
Root Cause
Behavioral Change
33072900
DE532183
The hung jstat process to validate the Java heap on the MCA (WildFly) servers consumed excess memory space.
When multiple Java processes are running, jstat does not exit.
Limited the Java processes list and set a timeout of 5 seconds to monitor the heap size of each Java process.
32933238
DE525441
Identity Manager server is failing to start and timeouts with an error.
By default, Identity Manager is configured to timeout after 15 minutes of startup.
-
32961706
DE524026
Address security risks that are identified in the Apache HTTPD Web Server.
Security risks due to loading of irrelevant modules.
-