Security Pack NB_ORA_50_6S01_M.rs6000_51.tar provides security-related fixes for Veritas NetBackup (tm) Enterprise Server / Server 5.0 for Oracle Database Agent on AIX 5.1 platforms.

Article:TECH47006  |  Created: 2006-01-22  |  Updated: 2006-01-27  |  Article URL http://www.symantec.com/docs/TECH47006
Article Type
Technical Solution


Environment

Issue



Security Pack NB_ORA_50_6S01_M.rs6000_51.tar provides security-related fixes for Veritas NetBackup (tm) Enterprise Server / Server 5.0 for Oracle Database Agent on AIX 5.1 platforms.

Solution



ORA 5.0GA Pack NB_ORA_50_6S01_M README OEBU March 23, 2006
Requirement: NB_CLT_50_6S01_M
================================================================================
This Security Pack provides updates and fixes for Veritas NetBackup (tm) for
Oracle Database Agent.

================================================================================


=================
PACK DEPENDENCIES
=================

-- Installation of this Security Pack requires version 1.17.4.34 of
the Vrts_pack.install.

-- NB_CLT_50_6S01_M must be installed prior to installing this pack.


I. DOWNLOAD INSTRUCTIONS
II. INSTALLATION INSTRUCTIONS
III. UNINSTALL INSTRUCTIONS
IV. DESCRIPTION OF PROBLEMS FIXED
Current Pack
NB_ORA_50_6S01_M



=========================
I. DOWNLOAD INSTRUCTIONS
=========================
1) Download NB_ORA_50_6S01_M_<6 digit number>.<platform>.tar into the /tmp
directory.

where <6 digit number> is an internal tracking identifier

where <platform> is: alpha_5, hp11.00, hp11.11, linux2.4, rs6000_433,
rs6000_51, sgi65, solaris7

2) Extract NB_ORA_50_6S01_M_<6 digit number>.<platform>.tar
/bin/tar -xvf NB_ORA_50_6S01_M_<6 digit number>.<platform>.tar

This will create the files:
Vrts_pack.install
VrtsNB_ORA_50_6S01_M.README
VrtsNB_ORA_50_6S01_M.<platform>.tar.Z


==============================
II. INSTALLATION INSTRUCTIONS
==============================
There are two ways to install database agent security pack software.

1. Remote Installation: Loads the software on a master server with
the intent of pushing database software out to affected clients.

2. Local Installation: Loads and installs the software only to this
local machine.

---

Remote Installation:

Warning: Before installation - If production rman scripts are found in
the /usr/openv/netbackup/ext/db_ext/oracle/samples/rman, please save them
in another location to prevent them from being overwritten.

1. Log in as the Oracle user on the clients to receive the pack software
and shut down all Oracle instances. (Recommended)

Login as root on the NetBackup Master server:

2. Install the Security Pack binaries.

cd /tmp
/bin/sh Vrts_pack.install

Pick option 1 (Remote Installation) when prompted for the installation
method.

3. Run update_dbclients to push pack software affected database agent clients:
/cd <install_path/netbackup/bin
./update_dbclients Oracle ALL ALL

This command will look at all possible clients and only update and only
update the ones currently in Oracle policy type. For more information on
how to run update_dbclients, refer to the NetBackup for Oracle System
Administrator's Guide.

4. For every client to which you pushed the pack software in step 3, the
following steps must be performed:

4.1 Verify that Oracle Agent library is located in /usr/openv/netbackup/bin
directory.

4.2 Verify that library is visible to Oracle.
If $ORACLE_HOME/lib[32,64]/libobk.<platform extension> is a soft link to
/usr/openv/netbackup/bin/libobk.<platform extension>
then library is visible to Oracle.

Perform step 4.3 only if library is not visible to Oracle.

4.3 Make the library visible to Oracle
Run /usr/openv/netbackup/bin/oracle_link script OR Perform manual linking.

For more information on how to manually link the library, refer to Oracle
System Administrator Guide.

4.4 Restart any Oracle instances. (Recommended)

----

Local Installation:

Warning: Before installation - If production rman scripts are found in
the /usr/openv/netbackup/ext/db_ext/oracle/samples/rman, please save them
in another location to prevent them from being overwritten.

1. Log in as the Oracle user and shut down all Oracle instances. (Recommended)

As root on the NetBackup for Oracle client:

2. Install the Security Pack binaries.

cd /tmp
/bin/sh Vrts_pack.install

If the pack is being installed on a master server, pick option 2,
Local Installation, when prompted.

This will install the updated NetBackup files for the Oracle library
in /usr/openv/netbackup/bin.

3. Verify that Oracle Agent library is located in
/usr/openv/netbackup/bin directory.

4. Verify that library is visible to Oracle.
If $ORACLE_HOME/lib[32,64]/libobk.<platform extension> is a soft link to
/usr/openv/netbackup/bin/libobk.<platform extension> then library is
visible to Oracle.

Perform step 5 only if library is not visible to Oracle.

5. Make the library visible to Oracle
Run /usr/openv/netbackup/bin/oracle_link script OR
Perform manual linking.

For more information on how to manually link the library, refer to Oracle
System Administrator Guide.


6. Log in as the Oracle user and restart any Oracle instances. (Recommended.)

For help linking the NetBackup for Oracle library, you can also refer to the
support technote 233482, available on www.support.veritas.com.



============================
III. UNINSTALL INSTRUCTIONS
============================
1) Close the NetBackup user interfaces.

If a database agent is being used, such as Oracle,
ensure that the database services are stopped.

2) Change directory to the patch save directory.
Substitute the pack name for ${PACK} in the following command:

cd /usr/openv/pack/${PACK}/save

3) Run the un-install script:

./Vrts_pack.uninstall

4) Verify that the pack uninstalled successfully by checking
/usr/openv/pack/pack.history.

5) Only perform this step if the pack was originally pushed to remote
clients using update_dbclients. Please run update_dbclients after
the pack was successfully uninstalled on the master server.



==================================
IV. DESCRIPTION OF PROBLEMS FIXED
==================================
The following are descriptions of the problems fixed. Please read the entire
document before installing.

README Conventions:

Description
Describes a particular problem contained in this Security Pack.

** Description **
Describes a problem that can lead to potential data loss. Please
read these problem descriptions carefully.

Workaround
Any available workarounds to a problem are also listed. Workarounds
can be used INSTEAD of applying the patch, however, Symantec strongly
recommends the "best practice" of being at the latest patch level.

Additional Notes
Any additional information regarding this problem is included.


=============
Current pack
=============

================================================================================
Etrack Incident = ET538174 ET537659 ET537508 ET537534 ET537525 ET537517 ET537472
ET537554 ET537411 ET538159 ET542501 ET546266 ET564217

Description:
Multiple buffer overflow vulnerabilities have been identified in daemons
that run on Veritas NetBackup master, media, and client servers. An
attacker, if able to access a vulnerable Veritas NetBackup server and
successfully exploit these issues, could potentially execute arbitrary
code resulting in possible unauthorized and elevated privilege access to
the targeted system.

For more information about this vulnerability, refer to TechNote 281521 on
the Symantec Support Web site (http://support.veritas.com/docs/281521 ).
================================================================================



Attachments

NB_ORA_50_6S01_M_282521.rs6000_51.tar (2.5 MBytes)


Legacy ID



282521


Article URL http://www.symantec.com/docs/TECH47006


Terms of use for this information are found in Legal Notices