Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1545
Views
5
Helpful
4
Replies

FPR-1010 - What should the version be after patching with LOG4j Hotfix

Go to solution
yleduc
Level 1
Level 1

‎01-05-2022 07:37 AM

Hello all,

Just patched an FPR-1010 with the Hotfix for Log4J. While Patch History says that it is there, when I look at version either through FDM or via the CLI, there are no trace of its presence. How can I confirm the patch is there and running.

 

In my case, I applied 6.6.5.1-15 and then the hotfix 6.6.5.2-4. The version returned is 6.6.5.1-15.

 

Anybody seen this behaviour ?

 

Thank you.

Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
Mohammed al Baqari
Level 11
Level 11

‎01-05-2022 08:01 AM

Hi,

I had same case with 7.0.1. Go to FTD CLI and from expert navigate to ls
/var/sf/updates

If you see Uninstaller for the patch created then patch was installed
successfully.

**** please remember to rate useful posts

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Mohammed al Baqari
Level 11
Level 11

‎01-05-2022 08:01 AM

Hi,

I had same case with 7.0.1. Go to FTD CLI and from expert navigate to ls
/var/sf/updates

If you see Uninstaller for the patch created then patch was installed
successfully.

**** please remember to rate useful posts
0 Helpful

Go to solution
yleduc
Level 1
Level 1
In response to Mohammed al Baqari

‎01-05-2022 08:43 AM

Thanks Mohammed.



Yes I do have the uninstaller in the provided directory. Just wonder why they have a version number on the file but don't use it. Would be so much simpler instead of having to go into the guts of their software.


0 Helpful

Go to solution
yleduc
Level 1
Level 1

‎01-05-2022 12:06 PM

Update to the solution:

 

while searching on the problem, I found the following. if you run  find / -name log4j* -print 2>/dev/null you will obtain the following in the result:

 

/ngfw/var/cisco/ngfwWebUi/tomcat/webapps/ROOT/WEB-INF/lib/log4j-slf4j-impl-2.16.0.jar
/ngfw/var/cisco/ngfwWebUi/tomcat/webapps/ROOT/WEB-INF/lib/log4j-1.2-api-2.16.0.jar
/ngfw/var/cisco/ngfwWebUi/tomcat/webapps/ROOT/WEB-INF/lib/log4j-core-2.16.0.jar
/ngfw/var/cisco/ngfwWebUi/tomcat/webapps/ROOT/WEB-INF/lib/log4j-api-2.16.0.jar

 

and previous files (updated by 6.6.5.2)

 

/ngfw/var/cisco/ngfwWebUi/ftd_onbox_6.6.5.2_previous/ROOT/WEB-INF/lib/log4j-1.2-api-2.3.jar
/ngfw/var/cisco/ngfwWebUi/ftd_onbox_6.6.5.2_previous/ROOT/WEB-INF/lib/log4j-api-2.3.jar
/ngfw/var/cisco/ngfwWebUi/ftd_onbox_6.6.5.2_previous/ROOT/WEB-INF/lib/log4j-core-2.3.jar
/ngfw/var/cisco/ngfwWebUi/ftd_onbox_6.6.5.2_previous/ROOT/WEB-INF/lib/log4j-slf4j-impl-2.3.jar

0 Helpful

Go to solution
yleduc
Level 1
Level 1

‎01-25-2022 12:08 PM

while debugging an upgrade, I found the following directory for the actual status of the upgrade as you can actually follow along while the upgrade is taking place. This way, you are not kept in the dark of what is going on. 

The directory is /ngfw/var/log/sf. In that directory, there is a file update_status or upgrade_status (don't remember the filename exactly) that you can tail -f to see the upgrade process taking place. There is also a subdirectory for each patch that are applied with more details.

0 Helpful
Customers Also Viewed These Support Documents