For Apache ActiveMQ 5.16.x, this vulnerability affects the versions up to 5.16.6.
As of SOI 4.2 CU5, it is bundled with Apache ActiveMQ 5.16.5 which is known to be impacted; please follow the below manual procedure to upgrade Apache ActiveMQ to 5.16.7.
- Shutdown all the SOI services across distributed environments
- On the system where CA SOI MQ Server is installed, follow the below steps
- Go to SOI HOME directory and rename the folder apache-activemq to apache-activemq-5.16.5
- Download the file apache-activemq.zip and extract the contents to SOI HOME directory. Once the extraction is completed you should be able to see the folder apache-activemq
- Replace the below files from backup (apache-activemq-5.16.5):
- apache-activemq\bin\win64\wrapper.conf
- apache-activemq\conf\activemq.xml
- apache-activemq\conf\log4j.properties
- Copy the below files from backup (apache-activemq-5.16.5)
- apache-activemq\lib\soi.common.message-bus.jar
- On the system where CA SOI Event Management is installed, follow the below steps
- Delete the below files
- <SOI HOME>\EventManagement\lib\activemq-all-5.16.5.jar
- Copy the file from apache-activemq\activemq-all-5.16.7.jar from CA SOI MQ Server system to this server
- <SOI HOME>\EventManagement\lib\activemq-all-5.16.7.jar
- On the system where CA SOI User Interface Server is installed, follow the below steps
- Delete the below files
- <SOI HOME>\SamUI\lib\activemq-all-5.16.5.jar
- Copy the file from apache-activemq\activemq-all-5.16.7.jar from CA SOI MQ Server system to this server
- <SOI HOME>\SamUI\lib\activemq-all-5.16.7.jar
- On the system where CA SOI Application Server is installed, follow the below steps
- Delete the below files
- <SOI HOME>\tomcat\lib\activemq-all-5.16.5.jar
- <SOI HOME>\tomcat\webapps\sor.application\WEB-INF\lib\activemq-all-5.16.5.jar
- <SOI HOME>\Tools\Priming Utility\lib\activemq-all-5.16.5.jar
- Copy the file from apache-activemq\activemq-all-5.16.7.jar from CA SOI MQ Server system to this server
- <SOI HOME>\tomcat\lib\activemq-all-5.16.7.jar
- <SOI HOME>\tomcat\webapps\sor.application\WEB-INF\lib\activemq-all-5.16.7.jar
- <SOI HOME>\Tools\Priming Utility\lib\activemq-all-5.16.7.jar
- On the system where CA SOI UCF Broker is installed, follow the below steps
- Delete the below files
- <SOI HOME>\ucfbroker\lib\activemq-all-5.16.5.jar
- Copy the file from apache-activemq\activemq-all-5.16.7.jar from CA SOI MQ Server system to this server
- <SOI HOME>\ucfbroker\lib\activemq-all-5.16.7.jar
- On the system where CA SOI Integration Services is installed, follow the below steps
- Delete the below files
- <SOI HOME>\lib\ivy\activemq-all-5.16.5.jar
- Copy the file from apache-activemq\activemq-all-5.16.7.jar from CA SOI MQ Server system to this server
- <SOI HOME>\lib\ivy\activemq-all-5.16.7.jar
Start all the SOI services across distributed environments