Based on our recent Vulnerability Assessment by security team they have found 1 critical item as per below which requires an urgent attention.
They recommend us to upgrade the Java to higher/recent as possible.
Current JRE installed for XCOM : /opt/CA/SharedComponents/JRE/1.8.0.45_ALL
Please advise on how to point the XCOM config to new upgraded Java?
88046 - Oracle Java SE Multiple Vulnerabilities (January 2016 CPU) (SLOTH) (Unix)
Description : The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 8 Update 71, 7 Update 95, or 6 Update 111. It is, therefore, affected by security vulnerabilities in the following components :
- 2D
- AWT
- JAXP
- JMX
- Libraries
- Networking
- Security
Solution: Upgrade to Oracle JDK / JRE 8 Update 71, 7 Update 95, 6 Update 111, or later. If necessary, remove any affected versions.
Release : 11.6 SP00 version 13081 (GA Release)
Component : XCOM Data Transport for Linux PC
Using XCOM 11.6 SP00 version 13081 (GA release) which distributes Java 1.8 u45
Both XCOM 11.6 SP01 and 12.0 install Oracle "JRE 8 Upgrade 77" so will resolve the vulnerability
To access the install media login to the Broadcom Support Portal
Select "XCOM Data Transport - for Linux (PC) Linux All"
Download and install 11.6 SP01 oR 12.0
By default XCOM 11.6 SP01 and XCOM 12.0 installs JRE 1.8 u77 under XCOM_HOME in directory /opt/CA/XCOM/JRE/1.8.0_77
The file xcom.glb has corresponding parameter XCOM_JVM set accordingly: CA XCOM DATA TRANSPORT FOR UNIX/LINUX 11.6.1 > XCOM_JVM
CA XCOM DATA TRANSPORT FOR UNIX/LINUX 12.0 > XCOM.JVM