Skip to main content
ExLibris

Knowledge Assistant

BETA
 
  • Subscribe by RSS
  • Back
    Voyager

     

    Ex Libris Knowledge Center
    1. Search site
      Go back to previous article
      1. Sign in
        • Sign in
        • Forgot password
    1. Home
    2. Voyager
    3. Knowledge Articles
    4. Ex Libris Voyager Patron Directory Services (PDS) Security vulnerability patch

    Ex Libris Voyager Patron Directory Services (PDS) Security vulnerability patch

    1. Last updated
    2. Save as PDF
    3. Share
      1. Share
      2. Tweet
      3. Share
    1. Description
    2. Resolution
    3. Additional Information
    • Product: Voyager
    • Product Version: 8.x - 9.2.1
    • Relevant for Installation Type: Local

     

    Description

    A Critical ranked vulnerability has been discovered for the Ex Libris PDS component. See the announcement, Ex Libris Patron Directory Services (PDS) Security vulnerability, for more details. PDS Apache should be patched on all Local Voyager Servers.

     

    *Even if PDS is not in use, it is likely that the server is still vulnerable. Ex Libris recommends that the patch be applied for this issue regardless of whether PDS is in use, or the service is enabled. If PDS should be left disabled, the following procedure will leave PDS disabled if step 6 is not completed.

    Resolution

    1. Log into Voyager server as the voyager user.

    2. Open a ticket with Voyager support to request this patch.  They will provide you with a special download URL for the patch.

    3. Upload the patch provided to the voyager user's home directory - /home/voyager

    4. Stop all Voyager PDS Apache services:

    for pdsapache in /m1/voyager/*/pds/apache/bin/apachectl; do

    ksh $pdsapache stop

    done

     

    5. Disable all Voyager PDS Apache services:

    chmod 600 /m1/voyager/*/pds/apache/bin/apachectl

     

    6. Install the PDS Apache fix to each Voyager PDS Apache service:

    for pdsprog in /m1/voyager/*/pds/program; do

    cd $pdsprog &&

    cat $HOME/PDSupdate | gzip -dc - | tar -xvf - &&

    sh ./RunMe.sh && echo "Patch applied in $pdsprog" || echo "Patch failed in $pdsprog"

    done

     

    7. Enable and restart ONLY the PDS Apache services for Voyager installs that you are using (skip if PDS is not enabled or used):

    chmod 750 /m1/voyager/*/pds/apache/bin/apachectl

    /m1/voyager/*/pds/apache/bin/apachectl start

     

    Additional Information

    Since PDS is installed by default, we recommend applying the fix whether it is enabled or not.

     

    If local security or firewall restrictions pose obstacles to downloading the patch, and PDS is not in use, disable the Voyager PDS Apache service:

     

    for pdsapache in /m1/voyager/*/pds/apache/bin/apachectl; do 
    ksh $pdsapache stop 
    done 
    chmod 600 /m1/voyager/*/pds/apache/bin/apachectl 

     

     


    • Article last edited: 11-Jul-2016
    View article in the Exlibris Knowledge Center
    1. Back to top
      • Ex Libris Offices' IP Addresses
      • Example of MARC ID input file to be used with Bulk Export (MarcExport)
    • Was this article helpful?

    Recommended articles

    1. Article type
      Topic
      Language
      English
      Product
      Voyager
    2. Tags
      1. Apache
      2. pds
    1. © Copyright 2025 Ex Libris Knowledge Center
    2. Powered by CXone Expert ®
    • Term of Use
    • Privacy Policy
    • Contact Us
    2025 Ex Libris. All rights reserved