Upgrade Python on Data Repository
search cancel

Upgrade Python on Data Repository

book

Article ID: 141678

calendar_today

Updated On:

Products

CA Performance Management - Usage and Administration DX NetOps

Issue/Introduction

Our security scans flagged python on our systems where we have Data Repository (3 separate nodes).

We would like to know if we can upgrade python itself or it's related and connected to CAPM version.

Environment

Release : 22.2.x, 23.3.4

Component : IM Data Repository

Cause

Vertica uses Python and installs a version under

/opt/vertica

This is an internal requirement of Vertica.

currently Vertica 10.1.1-20 ships with python 3.7.4

This version is EOL june 2023, but that does not mean it is a security risk.

 

Resolution

You cannot upgrade the bundled python manually

If it is within /opt/vertica/ then you may not upgrade or modify it.

 

If it is outside of that path, then PM is not affected by the install, and you can upgrade or remove it as you need.

 

In order to access the older version of python, the system would need to be physically compromised.

Additional Information

Dx NetOps performance management 23.3.4 ships with python 3.7.4

Broadcom is planning to upgrade vertica version as soon as RHEL 9 support is offered by vertica.