Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
17426
Views
35
Helpful
23
Replies

Cisco ISE hot patch log4j -CSCwa47133 - File not the correct format

Go to solution
seto_wai_hong
Level 1
Level 1

‎12-16-2021 02:12 AM

Cisco Identity Services Engine Software hot patch for the log4j PSIRT bug - CSCwa47133. Apply this hot patch for 2.4,2.6,2.7 and 3.0 patches.

 

Patch cannot installed. patch file is not in the correct format.

 

15 people had this problem
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Marcelo Morais
VIP
VIP

‎12-16-2021 07:39 AM

Hi @seto_wai_hong ,

please take a look at the following post: ISE 2.7.0.356.

 

Hope this helps !!!

View solution in original post

0 Helpful

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee
In response to seto_wai_hong

‎12-19-2021 08:04 PM

From the error output you're seeing, it looks like you're trying to install using the 'patch install' CLI command. You need to use the 'application install' command as stated in the Release Notes for this hot patch.

View solution in original post

23 Replies 23

Go to solution
csavoy
Level 1
Level 1

‎12-16-2021 06:11 AM

Same problem with message "% Unable to unbundle the package. It should be in tar.gz file format"

But the downloaded file is only 20kB big... it looks very small for a patch...

Could it be a "fake" file used to prepare the release of the real hot fix ???

 

0 Helpful

Go to solution
bearman97
Level 1
Level 1
In response to csavoy

‎12-16-2021 06:45 AM

My download was only 5K.  Did your download get ungzipped?

Haven't tried to install yet, waiting to see what others' experiences are.

 

0 Helpful

Go to solution
csavoy
Level 1
Level 1
In response to csavoy

‎12-16-2021 11:26 PM

I downloaded the file once again a few hours later and the size changed to 5kB.

I was able to install it with no error message.. I don't know why my first file was 20kB big...

 

0 Helpful

Go to solution
Damien Miller
VIP Alumni
VIP Alumni
In response to csavoy

‎12-17-2021 08:14 AM

This happened to my customer too. I downloaded the file again via Chrome, then copied it with Filezilla ftp portable. Not sure how they ended up with a 20k file, but it prompted me to overwrite indicating the size discrepancy. 

0 Helpful

Go to solution
Mike.Cifelli
VIP Alumni
VIP Alumni

‎12-16-2021 07:22 AM

See the shared link above from another post.  Specifically @Leo Laohoo 's post.  There is a readme link that breaks the process down.  Lastly, yes an application restart is required.  

0 Helpful

Go to solution
Marcelo Morais
VIP
VIP

‎12-16-2021 07:39 AM

Hi @seto_wai_hong ,

please take a look at the following post: ISE 2.7.0.356.

 

Hope this helps !!!

0 Helpful

Go to solution
seto_wai_hong
Level 1
Level 1
In response to Marcelo Morais

‎12-19-2021 07:42 PM

% Warning: Patch will be installed only on this node. Install using Primary Administration node GUI to install on all nodes in deployment. Continue? (yes/no) [yes] ? yes
Save the current ADE-OS running configuration? (yes/no) [yes] ? yes
Generating configuration...
Saved the ADE-OS running configuration to startup successfully
Initiating Application Patch installation...

Getting bundle to local machine...
Unbundling Application Package...
Verifying Application Signature...
% Error: Application bundle detected. Please use application CLI for application installation or upgrade.



I get the error - % Error: Application bundle detected. Please use application CLI for application installation or upgrade.

Help Any one? Tks.

0 Helpful

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee
In response to seto_wai_hong

‎12-19-2021 08:04 PM

From the error output you're seeing, it looks like you're trying to install using the 'patch install' CLI command. You need to use the 'application install' command as stated in the Release Notes for this hot patch.

Go to solution
rpidcock@bankrcb.net
Level 1
Level 1
In response to Greg Gibbs

‎12-21-2021 01:00 PM

Is it required to run this patch on both nodes if I have a secondary node, or do I just run it on my primary node?

 

 

0 Helpful

Go to solution
Marcelo Morais
VIP
VIP
In response to rpidcock@bankrcb.net

‎12-21-2021 02:10 PM

Hi rpidcock@bankrcb.net ,

 you need to run the Hot Patch on ALL Nodes.

 

Hope this helps !!!

0 Helpful

Go to solution
tneuhuber
Level 1
Level 1
In response to Marcelo Morais

‎12-23-2021 05:31 AM

hello Marcelo, it seems Cisco has removed patch "ise-apply-CSCwa47133_Ver_24_30_allpatches-SPA.tar.gz", its gone from the download area, instead there is one for ISE 3.1. But this one is applicable to for 3.1 only, not for the older version.

Does anybody know why Cisco has remove the patch? 

When they will upload a new one.

We have already downloaded a copy, but due to removal from the web, we are concerned about the installation of it.

thx in advance for your help.

br, Thomas

 

 

Go to solution
Marcelo Morais
VIP
VIP
In response to tneuhuber

‎12-23-2021 05:42 AM

Hi @tneuhuber ,

 please take a look at the following:

LOG4J.png

 

Check the All Release or at Log4j2-fix-2.4-3.0.

 

Hope this helps !!!

Go to solution
tneuhuber
Level 1
Level 1
In response to Marcelo Morais

‎12-23-2021 06:21 AM

Hi, thx for kind and quick support.

My fault, did not scroll down to the bottom.

br, Thomas

0 Helpful
Customers Also Viewed These Support Documents