Skip to main content Skip to complementary content
Qlik Resources
Announcements
Loading SearchUnify's search If you need assistance with your product, please contact Qlik Support.
Qlik Customer Portal
Loading SearchUnify's search If you need assistance with your product, please contact Qlik Support.
Qlik Customer Portal

TPS-5592

Info Value
Patch Name Patch20240327TPS-5592_v1
Release Date 2024-03-27
Target Verson 20240327_1-V8.0.1
Product affected IAM

Introduction

This patch is cumulative. It includes all previous generally available patches for Talend IAM 8.0.1.

NOTE: For information on how to obtain this patch, reach out to your Support contact at Talend.

Fixed issues

This patch contains the following fixes:

  • TPS-5054: [8.0.1] Patch log4j CVE in Syncope
  • TPS-5081: [8.0.1] Patch log4j to 2.17.1 in Syncope
  • TPS-5180: [8.0.1] Patch Spring4Shell CVE-2022-22965
  • TPS-5593: [8.0.1] Remove sts.war and all syncope wars
  • TPS-5592: [8.0.1] Patch Fediz to 1.6.2

Prerequisites

Consider the following requirements for your system:

  • Talend IAM 8.0.1 must be installed.

Installation

  1. Stop IAM
  2. Create a backup directory 
    $ mkdir -p <backup_dir>
  3. Copy original *.war files to the backup directory 
    $ cp <TALEND>/iam/apache-tomcat/webapps/idp.war <backup_dir>
$ cp <TALEND>/iam/apache-tomcat/webapps/oidc.war <backup_dir>
$ cp <TALEND>/iam/apache-tomcat/webapps/scim.war <backup_dir>
$ cp <TALEND>/iam/apache-tomcat/webapps/sts.war <backup_dir>
$ cp <TALEND>/iam/apache-tomcat/webapps/sts-tac.war <backup_dir>
$ cp <TALEND>/iam/apache-tomcat/webapps/syncope.war <backup_dir>
$ cp <TALEND>/iam/apache-tomcat/webapps/syncope-console.war <backup_dir>
$ cp <TALEND>/iam/apache-tomcat/webapps/syncope-enduser.war <backup_dir>
    Note: if you made any changes in extracted service app before don't forget to backup them too.
  4. Remove original webapp directories and files 
    $ rm -rf <TALEND>/iam/apache-tomcat/webapps/oidc*
$ rm -rf <TALEND>/iam/apache-tomcat/webapps/idp*
$ rm -rf <TALEND>/iam/apache-tomcat/webapps/scim*
$ rm -rf <TALEND>/iam/apache-tomcat/webapps/sts*
$ rm -rf <TALEND>/iam/apache-tomcat/webapps/syncope*
  5. Uzip the patch file: 
    $ unzip Patch_20240327_TPS-5592_v1.zip
  6. Copy patched war file to webapps directory replacing the original one 
    $ cp *.war <TALEND>/iam/apache-tomcat/webapps/
  7. Start IAM

Uninstallation

  1. Stop IAM
  2. Remove patched webapp directories and files 
    $ rm -rf <TALEND>/iam/apache-tomcat/webapps/oidc*
$ rm -rf <TALEND>/iam/apache-tomcat/webapps/idp*
$ rm -rf <TALEND>/iam/apache-tomcat/webapps/scim*
$ rm -rf <TALEND>/iam/apache-tomcat/webapps/sts*
$ rm -rf <TALEND>/iam/apache-tomcat/webapps/syncope*
  3. Copy saved *.war files from the backup directory 
    $ cp <backup_dir>/*.war <TALEND>/iam/apache-tomcat/webapps/
  4. Start IAM

Affected files for this patch

The following files are installed by this patch:

  • oidc.war
  • idp.war
  • scim.war
  • sts-tac.war

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – please let us know!

Leave your feedback here