A security vulnerability in the IBM Tivoli Common Reporting software package has been identified and fixed. The vulnerability can be exploited to carry out a denial-of-service attack.
Package: IBM Tivoli Common Reporting 2.x
Operating systems: HP-UX 10.x, HP-UX 11.x, IBM AIX 5.x, IBM AIX 6.x, IBM AIX 7.x, Microsoft Windows XP, Microsoft Windows Server 2003, Microsoft Windows Vista, Microsoft Windows Server 2008, Microsoft Windows 7, Sun Solaris 7, Sun Solaris 8, Sun Solaris 9, Sun Solaris 10, Sun Solaris 11
Problem: error in a software component
Exploitation: local/remote
Impact: denial of service (DoS)
Solution: vendor patch
Original advisory ID: 2.1.1.0-TIV-TCR-IF1
Source: IBM
Problem:
The problem is caused by an incompatibility in the FIPS component that manages the loading of encryption algorithms.
Impact:
A malicious user could exploit the problem for a denial-of-service attack by leaving the system in an infinite loop.
Solution:
The fix for this security problem is to upgrade the package to a newer version.
Original advisory text
+-----------------------------------------------------------------+
|Readme file for IBM Tivoli Common Reporting 2.1.1.0 Interim Fix 1|
+-----------------------------------------------------------------+
+----------------------------- NOTE --------------------------------+
|Before using this information and the product it supports, read the|
|information in 4."Notices". |
+-------------------------------------------------------------------+
This edition applies to Interim Fix 1 for Version 2, Release 1, Modified 1 of IBM Tivoli Common Reporting (program number 5724-T69).
Copyright International Business Machines Corporation 2011.
US Government Users Restricted Rights -- Use, duplication or disclosure
restricted by GSA ADP Schedule Contract with IBM Corp.
+-----------------+
|Table of Contents|
+-----------------+
1. Description
1.1 APARs included
1.2 Internal defects
2. Applying Tivoli Common Reporting 2.1.1.0 Interim Fix 1
3. Uninstalling Tivoli Common Reporting 2.1.1.0 Interim Fix 1
4. Notices
+-----------------+
| 1. Description|
+-----------------+
The Interim Fix 1 for Tivoli Common Reporting 2.1.1.0 contains a fix for the Federal Information Processing Standard (FIPS) compliance issue with TIP 2.2.
More about enabling FIPS on TIP 2.2 can be found at http://infdev.kraklab.pl.ibm.com/tcr21/index.jsp?topic=/com.ibm.tivoli.tcr.doc_211/ttip_install_configfips.html
If TCR was installed using the Re-use/Upgrade option, TIP will be at v2.1 and this fix does not need to be applied.
This readme contains the most current information for this interim fix and takes precedence over all other documentation.
+-----------------------+
| 1.1 APARs included|
+-----------------------+
The Interim Fix 1 for Tivoli Common Reporting 2.1.1.0 ships a JDK ifix containing APAR IZ91964.
APAR IZ91964 - FIPS Compliance issue with TIP 2.2 only
When FIPS is enabled for TCR 2.1.1 on TIP 2.2, some encryption algorithms, such as AES, use the IBMJCEFIPS provider and execute normally.
However, the code does not execute well in some configurations and produces an exception like below.
Error Message: The IBMJCEFIPS security provider is activated by specifying it in the configuration file "JAVADIR/jre/lib/security/java.security".
This fix addresses the above issue; once it is applied, FIPS will be enabled successfully.
+------------------------+
| 1.2 Internal defects|
+------------------------+
None
+---------------------------------------------------------------------+
| 2 Applying Tivoli Common Reporting 2.1.1.0 Interim Fix 1|
+---------------------------------------------------------------------+
To apply the fix:
1. On the computer where Tivoli Common Reporting server has been
   installed, unpack the 2.1.1.0-TIV-TCR-IF1.zip into a temporary directory.
2. Stop the Tivoli Common Reporting server.
3. Set the environment variable WASUI_HOME to the WebSphere UpdateInstaller home.
   - Windows platforms
       set WASUI_HOME=<Install_Location_WASUI>
     For example: set WASUI_HOME=C:\IBM\UpdateInstaller
   - Linux and UNIX platforms
       export WASUI_HOME=<Install_Location_WASUI>
     For example: export WASUI_HOME=/opt/IBM/UpdateInstaller
   If the user is a non-root user, make sure the user has write permission for the
   WebSphere UpdateInstaller directory.
4. Install the interim fix by running the following command from a shell:
       install[.sh|.bat] -i <TCR_2110_HOME>
   - where <TCR_2110_HOME> is the directory where Tivoli Common Reporting
     is installed.
     Example: /opt/IBM/tivoli/tipv2Components/TCRComponent
   - You may have to add executable permission (+x) for the install.sh
     script on Linux/UNIX platforms (chmod u+x install.sh).
   - Because the Deployment Engine is case-sensitive, the value used for
     <TCR_2110_HOME> must be exactly the same as the directory path
     entered during the TCR 2.1.1.0 installation. A common error is to
     use a lowercase letter for the installation drive on Windows.
     If the disk where you installed Tivoli Common Reporting server
     is "C:", you have to use a capital letter when specifying it,
     for example:
       install.bat -i c:\IBM\tivoli\tipv2Components\TCRComponent will not work, while
       install.bat -i C:\IBM\tivoli\tipv2Components\TCRComponent will work.
5. Verify the installation:
   Navigate to the folder where the Deployment Engine
   has been installed.
   For Windows the folder is:
       %ProgramFiles%\IBM\Common\acsi\bin
   Type listIU.cmd and the output should show that the TCR Interim Fix 1 has been installed, with entries like the ones below.
       Fix (RootIU UUID: 3DD9564D2E7442788584C1F35B07F2A2 Name: SIU-TCR-2110-0001)Fix Name:826F534C48CA45799681EB7E8462A63A
       Fix (RootIU UUID: 3DD9564D2E7442788584C1F35B07F2A2 Name: TCR-2110-0001)Fix Name:TCR-2110-0001
   For UNIX-like systems:
   Source the DE environment by running the following command:
       . /var/ibm/common/acsi/setenv.sh for root user, or
       . ~/.acsi_<USERNAME>/setenv.sh for non-root users.
   Make sure you include the . (dot and space) characters when running the command.
   Browse to the following directory:
       /usr/ibm/common/acsi/bin for root user, or
       ~/.acsi_<USERNAME>/bin for non-root users.
   Type listIU.sh and the output should show that the TCR Interim Fix 1 has been installed, with entries like the ones below.
       Fix (RootIU UUID: 3DD9564D2E7442788584C1F35B07F2A2 Name: SIU-TCR-2110-0001)Fix Name:826F534C48CA45799681EB7E8462A63A
       Fix (RootIU UUID: 3DD9564D2E7442788584C1F35B07F2A2 Name: TCR-2110-0001)Fix Name:TCR-2110-0001
6. Start the Tivoli Common Reporting server.
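An added example (not part of the IBM readme or of the fix package): shell helpers that automate the checks in steps 3 to 5 above, covering WASUI_HOME, the drive-letter case of <TCR_2110_HOME>, and the two fix entries expected in listIU output. The function names are hypothetical, and the sample output is constructed from the two entries the readme shows.

```shell
#!/bin/sh
# Added example: helper names are hypothetical, not part of the IBM fix package.

# Step 3: WASUI_HOME must be set and writable by the installing user.
preflight() {
    if [ -z "${WASUI_HOME:-}" ]; then
        echo "WASUI_HOME is not set" >&2
        return 1
    fi
    if [ ! -d "$WASUI_HOME" ] || [ ! -w "$WASUI_HOME" ]; then
        echo "WASUI_HOME=$WASUI_HOME is missing or not writable" >&2
        return 2
    fi
}

# Step 4: the Deployment Engine is case-sensitive, so reject a lowercase
# Windows drive letter in <TCR_2110_HOME> before calling install.bat.
check_tcr_home() {
    case "$1" in
        [[:lower:]]:*) echo "use a capital drive letter: $1" >&2; return 1 ;;
    esac
}

# Step 5: read listIU output on stdin; succeed only if BOTH fix entries are
# listed. The match is anchored on "Name: " so that the SIU-TCR-2110-0001
# line cannot satisfy the check for TCR-2110-0001.
fix_installed() {
    out=$(cat)
    for name in SIU-TCR-2110-0001 TCR-2110-0001; do
        printf '%s\n' "$out" |
            grep -Eq "^Fix \(RootIU UUID: [0-9A-F]+ Name: ${name}\)" || {
                echo "missing fix entry: $name" >&2
                return 1
            }
    done
}

# Constructed sample: the two entries the readme shows as expected output.
SAMPLE_OK='Fix (RootIU UUID: 3DD9564D2E7442788584C1F35B07F2A2 Name: SIU-TCR-2110-0001)Fix Name:826F534C48CA45799681EB7E8462A63A
Fix (RootIU UUID: 3DD9564D2E7442788584C1F35B07F2A2 Name: TCR-2110-0001)Fix Name:TCR-2110-0001'

printf '%s\n' "$SAMPLE_OK" | fix_installed && echo "Interim Fix 1 is listed"
```

On a live system, source the DE environment first and pipe the real command instead: `listIU.sh | fix_installed`.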
+-------------------------------------------------------------+
| 3 Uninstalling Tivoli Common Reporting 2.1.1.0 Interim Fix 1|
+-------------------------------------------------------------+
To remove Tivoli Common Reporting 2.1.1.0 Interim Fix 1 from your Tivoli Common Reporting instance, follow these steps:
1. Stop the Tivoli Common Reporting server.
2. Run the following command from a shell:
       install[.sh|.bat] -r <TCR_2110_HOME>
3. Start the server.
+----------+
| 4 Notices|
+----------+
This information was developed for products and services offered in the
U.S.A. IBM may not offer the products, services, or features discussed
in this document in other countries. Consult your local IBM
representative for information on the products and services currently
available in your area. Any reference to an IBM product, program, or
service is not intended to state or imply that only that IBM product,
program, or service may be used. Any functionally equivalent product,
program, or service that does not infringe any IBM intellectual property
right may be used instead. However, it is the user's responsibility to
evaluate and verify the operation of any non-IBM product, program, or
service.
IBM may have patents or pending patent applications covering subject
matter described in this document. The furnishing of this document does
not give you any license to these patents. You can send license
inquiries, in writing, to:
IBM Director of Licensing
IBM Corporation
North Castle Drive
Armonk, NY 10504-178, U.S.A.
For license inquiries regarding double-byte (DBCS) information, contact
the IBM Intellectual Property Department in your country or send
inquiries, in writing, to:
IBM World Trade Asia Corporation
Licensing
2-31 Roppongi 3-chome, Minato-ku
Tokyo 106, Japan
The following paragraph does not apply to the United Kingdom or any
other country where such provisions are inconsistent with local law:
INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION
"AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Some states do not allow disclaimer of express or implied warranties in
certain transactions, therefore, this statement might not apply to you.
This information could include technical inaccuracies or typographical
errors. Changes are periodically made to the information herein; these
changes will be incorporated in new editions of the publication. IBM may
make improvements and/or changes in the product(s) and/or the program(s)
described in this publication at any time without notice.
Any references in this information to non-IBM Web sites are provided for
convenience only and do not in any manner serve as an endorsement of
those Web sites. The materials at those Web sites are not part of the
materials for this IBM product and use of those Web sites is at your own
risk.
IBM may use or distribute any of the information you supply in any way
it believes appropriate without incurring any obligation to you.
Licensees of this program who wish to have information about it for the
purpose of enabling: (i) the exchange of information between
independently created programs and other programs (including this one)
and (ii) the mutual use of the information which has been exchanged,
should contact:
IBM Corporation
2Z4A/101
11400 Burnet Road
Austin, TX 78758 U.S.A.
Such information may be available, subject to appropriate terms and
conditions, including in some cases, payment of a fee.
The licensed program described in this document and all licensed
material available for it are provided by IBM under terms of the IBM
Customer Agreement, IBM International Program License Agreement or any
equivalent agreement between us.
Any performance data contained herein was determined in a controlled
environment. Therefore, the results obtained in other operating
environments may vary significantly. Some measurements may have been
made on development-level systems and there is no guarantee that these
measurements will be the same on generally available systems.
Furthermore, some measurements may have been estimated through
extrapolation. Actual results may vary. Users of this document should
verify the applicable data for their specific environment.
Information concerning non-IBM products was obtained from the suppliers
of those products, their published announcements or other publicly
available sources. IBM has not tested those products and cannot confirm
the accuracy of performance, compatibility or any other claims related
to non-IBM products. Questions on the capabilities of non-IBM products
should be addressed to the suppliers of those products.
This information contains examples of data and reports used in daily
business operations. To illustrate them as completely as possible, the
examples include the names of individuals, companies, brands, and
products. All of these names are fictitious and any similarity to the
names and addresses used by an actual business enterprise is entirely
coincidental.
+--------------+
|4.1 Trademarks|
+--------------+
The following terms are trademarks of the IBM Corporation in the United
States or other countries or both:
IBM
The IBM logo
AIX
DB2
DB2® Universal Database
Tivoli
WebSphere
zSeries
Microsoft®, Windows®, and the Windows logo are registered trademarks of
Microsoft Corporation in the U.S. and other countries.
UNIX is a registered trademark of The Open Group in the United States
and other countries.
Intel® is a trademark of Intel Corporation in the United States, other
countries, or both.
Linux® is a trademark of Linus Torvalds in the United States, other
countries, or both.
Other company, product, and service names may be trademarks or service
marks of others.