Skip to main content
ExLibris
  • Subscribe by RSS
    • Back
    Voyager
    Ex Libris Knowledge Center

    Ex Libris Voyager Patron Directory Services (PDS) Security vulnerability patch

    1. Last updated
    2. Save as PDF
    • Product: Voyager
    • Product Version: 8.x - 9.2.1
    • Relevant for Installation Type: Local

     

    Description

    A Critical ranked vulnerability has been discovered for the Ex Libris PDS component. See the announcement, Ex Libris Patron Directory Services (PDS) Security vulnerability, for more details. PDS Apache should be patched on all Local Voyager Servers.

     

    *Even if PDS is not in use, it is likely that the server is still vulnerable. Ex Libris recommends that the patch be applied for this issue regardless of whether PDS is in use, or the service is enabled. If PDS should be left disabled, the following procedure will leave PDS disabled if step 6 is not completed.

    Resolution

    1. Log into Voyager server as the voyager user.

    2. Open a ticket with Voyager support to request this patch.  They will provide you with a special download URL for the patch.

    3. Upload the patch provided to the voyager user's home directory - /home/voyager

    4. Stop all Voyager PDS Apache services:

    for pdsapache in /m1/voyager/*/pds/apache/bin/apachectl; do

    ksh $pdsapache stop

    done

     

    5. Disable all Voyager PDS Apache services:

    chmod 600 /m1/voyager/*/pds/apache/bin/apachectl

     

    6. Install the PDS Apache fix to each Voyager PDS Apache service:

    for pdsprog in /m1/voyager/*/pds/program; do

    cd $pdsprog &&

    cat $HOME/PDSupdate | gzip -dc - | tar -xvf - &&

    sh ./RunMe.sh && echo "Patch applied in $pdsprog" || echo "Patch failed in $pdsprog"

    done

     

    7. Enable and restart ONLY the PDS Apache services for Voyager installs that you are using (skip if PDS is not enabled or used):

    chmod 750 /m1/voyager/*/pds/apache/bin/apachectl

    /m1/voyager/*/pds/apache/bin/apachectl start

     

    Additional Information

    Since PDS is installed by default, we recommend applying the fix whether it is enabled or not.

     

    If local security or firewall restrictions pose obstacles to downloading the patch, and PDS is not in use, disable the Voyager PDS Apache service:

     

    for pdsapache in /m1/voyager/*/pds/apache/bin/apachectl; do 
    ksh $pdsapache stop 
    done 
    chmod 600 /m1/voyager/*/pds/apache/bin/apachectl 

     

     

    • Article last edited: 11-Jul-2016
    1. Back to top
    • Was this article helpful?

    Recommended articles

    1. Article type
      Topic
      Language
      English
      Product
      Voyager
    2. Tags
      1. Apache
      2. pds