Bug ID 832205: ASU cannot be completed after Signature Systems database corruption following binary Policy import

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2

Fixed In:
14.1.2.3, 12.1.5.1

Opened: Sep 29, 2019
Severity: 3-Major

Symptoms

Signatures cannot be updated after signature systems have become corrupted in the configuration database, after a binary policy containing a user-defined Signature Set using an unknown System was imported.

Impact

Signatures cannot be updated.

Conditions

Signature systems are corrupted in configuration database, because a binary policy containing a user-defined Signature Set using an unknown System was imported.

Workaround

Delete signature systems with an ID greater than 38, and re-add them by performing a signature update. You can delete these signature systems by running the following command: mysql -u root -p$(perl -MPassCrypt -nle 'print PassCrypt::decrypt_password($_)' /var/db/mysqlpw) -e "DELETE FROM PLC.NEGSIG_SYSTEMS WHERE system_group = ''"

Fix Information

None

Behavior Change