This patch updates the log4j library included in Tealeaf OnPrem v10.2 and v10.3 from 1.2.17 to 2.17.1.
The previous v1.2.17 library patch removed classes known to be vulnerable at the time of its release. This patch is to be used in the rare event that log4j needs to be fully upgraded from 1.2.17 to 2.17.1.
Note that this patch is only applicable for v10.2 and v10.3, not for any previous versions.
Applying the patch
-
Download the v10.2 patch zip file patch_10.2.0_log4j.zip or the v10.3 patch_10.3.0_log4j.zip from Downloads and extract its contents into a temporary folder.
-
Stop the services for Tealeaf Replay Server and Tealeaf Extractor Service running on servers that have the Replay Server and cxVerify LTS server already installed.
-
Take a backup of existing DOMDiffServer & LTSServer folders:
-
Version 10.2: located at Tealeaf_Home\Websphere\usr\servers (for e.g. C:\Program Files (x86)\Acoustic\Experience Analytics (Tealeaf) CX\Websphere\usr\servers).
-
Version 10.3: located at Tealeaf_Home\apache-tomcat\apache\webapps (for e.g. C:\Program Files (x86)\Acoustic\Experience Analytics (Tealeaf) CX\apache-tomcat\apache\webapps).
-
-
Copy DOMDiffServer & LTSServer folders from the patch folder location, and place them at:
-
Version 10.2: Tealeaf_Home\Websphere\usr\servers replacing existing folders.
-
Version 10.3: Tealeaf_Home\apache-tomcat\apache\webapps replacing existing folders.
-
-
In case secure communication is enabled between Tealeaf components, i.e. EnableTLS is ON (1) in Tealeaf registry, then the following additional steps are required:
-
Check the folder path location of server.tls.xml file. If it is located at C:\ProgramData\Acoustic\Tealeaf\security, then open server.xml file located in DOMDiffServer and LTSServer folders in any text editor and update the ‘location’ value from '${env.ALLUSERSPROFILE}/IBM/Tealeaf/security/server.tls.xml' to '${env.ALLUSERSPROFILE}/Acoustic/Tealeaf/security/server.tls.xml' and save the file.
-
If server.tls.xml file is located at C:\ProgramData\IBM\Tealeaf\security, then there are no changes required to server.xml file.
-
When the steps are completed, you can start services for Tealeaf Replay Server and Tealeaf Extractor Service.