Data360 DQ+ Product Announcements

 View Only

Data360 DQ+ 7.1.6 Hotfix Announcement– Text4Shell Vulnerability Hotfix

  Thread closed by the administrator, not accepting new replies.
  • 1.  Data360 DQ+ 7.1.6 Hotfix Announcement– Text4Shell Vulnerability Hotfix

    Employee
    Posted 11-09-2022 09:48
    No replies, thread closed.


    The fix for the Text4Shell vulnerability is now available with Data360 DQ+ 7.1.6 is now available.

    Below are the instructions to apply the Hotfix for 7.1.6:

    7.1.6 Hotfix for cve-2022-42889 upgrades the Apache Commons Text version used in DQ+ to remove the vulnerability identified in cve-2022-42889

     

    Steps:

    1. Download the fix pack into the /tmp folder.
    2. Give execute permission to the downloaded fix pack, for example:chmod 777 dqplus_IS-7.1-202202232146-6-fixpack.sh
    3. Extract the downloaded fix pack by running its name as a command, for example:./dqplus_IS-7.1-202202232146-6-fixpack.sh

        Extracting a fix pack for the first time will create a directory at:

         /opt/infogix/dqplus-7.1/maintenance

    1. Execute the ./apply-patch command from within /opt/infogix/dqplus-7.1/maintenance/dqplus_IS-7.1-202202232146-6-fixpack/bin.

    To verify that the fix pack has been applied, navigate to the Help menu in the product and select About. The product's Updates information should be updated.