The Eclipse PD team has identified JBoss running on RHEL 5.x with Java 7u131 may crash when the Solar Eclpse SSL interface (i.e Connection Pool, Session manager and etc..) is accessed from a browser.
This is an Oracle bug, and it is expected to be fixed with java 7u141 release.
The Work-around is to not use java 7u131. Do not install java update or downgrade to an older version if java 7u131 has already been installed.
To downgrade java to older version, 7u95:
yum downgrade java-1.7.0-openjdk-22.214.171.124-126.96.36.199.el5_11
To exclude java updates when manually installing the RHEL updates:
yum update --exclude=java-1.7.0-openjdk-188.8.131.52*
If your system is setup with RHEL automatic update you may temporarily disable it and run manual updates until a fix is available.
To disable RHEL auto update:
chkconfig yum-updatesd off
service yum-updatesd stop
Log in as root to your server
To restore a single file (LEDGER) to a temporary directory (/esupport/restore):
mkdir -p /esupport/restore
rsync -av --progress --inplace --stats /mnt/nas/rsync/u2/backup-20170118.2200/eclipse/LEDGER /esupport/restore/
To restore an entire directory (/u2/eclipse) to it’s original location (/u2/eclipse) for a full system recovery:
Warning: As always, please exercise caution when performing system maintenance, especially when initiating processes that can potentially overwrite data.
rsync -av --progress --inplace --stats /mnt/nas/rsync/backup-20170118.2200/u2/eclipse/ /u2/eclipse/
What is Badlock?
Please see this article from Red Hat for an overview of the vulnerability.
How can I test my system to see if I’m vulnerable?
Run this script:
curl -s http://kb.eclipseinc.com/files/badlock-test.sh | sh
It will generate a report similar to the following if your system is vulnerable:
WARNING: The installed version of samba server (4.2.3-12.el7_2) is vulnerable to BADLOCK and should be upgraded! It is also enabled and/or running. Please update the package and restart the service.
See https://access.redhat.com/articles/2243351 and https://access.redhat.com/security/vulnerabilities/badlock for more information.
How do I patch my system?
Install Red Hat updates. If you don’t want to install all of the updates, you can optionally install only the samba updates:
yum update samba*
service smb restart
- Log in as root
- Open the backup script for editing:
- Find the MAILLIST value, and add any additional email addresses, separated by a blank space , like so: