Last Modified: May 29, 2024
Affected Product(s):
BIG-IP APM
Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.1.0, 15.1.0.1
Fixed In:
16.0.0, 15.1.0.2, 15.0.1.3, 14.1.4.4
Opened: Oct 30, 2019 Severity: 3-Major
Java applets are not patched when accessed through APM Portal Access. /var/log/rewrite contains error messages similar to following: -- notice rewrite - fm_patchers/java_patcher_engine/CryptoToolsManager.cpp:568 (0x1919ab0): CryptoToolsManager :: _ReadCA() - cannot open CA file. /var/log/auditd/audit.log contains AVC denials for rewrite on attempt to read file under /config/filestore/.
Java applets cannot be patched by APM Portal Access rewriter.
Java patching is enabled via rewrite profile and Portal Access resource.
None.
Fixed an issue with SELinux policy blocking Portal Access code from reading Java Patcher certificates.