CABI--Unable to remove old versions of commons-text files to fix CABI vulnerability
search cancel

CABI--Unable to remove old versions of commons-text files to fix CABI vulnerability

book

Article ID: 258650

calendar_today

Updated On:

Products

DX NetOps CA Spectrum

Issue/Introduction

While implementing the resolution for vulnerability CVE-2022-42889 "Apache Commons Text Vulnerability" on the CABI system, we removed the old jar files and replaced them with the new jar files.

We then ran a locate for the old jar files and locate listed the old files that were deleted.

However, when we cd to the directory and run a file listing, the file is not there:

 

Environment

Release : Any release installed on Linux

Component: CABI

Cause

The locate command looks for files only in the Linux database. It does not look for the files like the find command.

Resolution

This looks like an issue with the Linux database not updating correctly as the file is not in the directory seen in the results of the locate command.

Use the find command instead of the locate command.

"The find command will search for the specified files in all of your computer's directories. Meanwhile, the locate command will look for files only on your Linux database."

Attachments

Powered by Wolken Software