Release Notes McAfee ePolicy Orchestrator

Release Notes
Hotfix 1014944
McAfee ePolicy Orchestrator





Contents
About this release
Resolved issues
Installation instructions
Additional information
Find product documentation
About this release
This document contains important information about the current release. We strongly recommend that
you read the entire document.
Release date – November 4, 2014
This release was developed for use with:
o
McAfee® ePolicy Orchestrator® 4.6.x
o
McAfee® ePolicy Orchestrator® 5.0.x
o
McAfee® ePolicy Orchestrator® 5.1.0
o
McAfee® ePolicy Orchestrator® 5.1.1
o
All remote agent handlers for versions above
Rating
Mandatory — McAfee requires this release for all environments. This update must be applied
immediately to avoid a potential security breach, and to maintain a viable and supported product.
For more information about patch ratings, see McAfee KnowledgeBase article KB51560.
Resolved issues
This hotfix resolves the following issues. For a list of issues fixed in earlier releases, see the Release
Notes for the specific release.
Issue
Both of the vulnerabilities below involve denial of service attacks via memory leak. For more
information, please visit the links provided below.
o
CVE-2014-3513
o
CVE-2014-3567
o
McAfee Security Bulletin SB10091
Versions of OpenSSL affected:
o
OpenSSL 0.9.8a-zb
o
OpenSSL 1.0.0a-n
o
OpenSSL 1.0.1a-i
1
Versions of OpenSSL that are not affected:
o
OpenSSL 0.9.8zc
o
OpenSSL 1.0.0m
o
OpenSSL 1.0.1j
Resolution
This hotfix replaces all OpenSSL and Apache files used by McAfee ePO because there is a technology
dependence between the two.
Installation instructions
For information about installing or upgrading ePolicy Orchestrator, see the McAfee ePolicy Orchestrator
Installation Guide.
Before proceeding with the upgrade process, see McAfee KnowledgeBase article KB76739 for important
steps to take before upgrading (KB71825 for ePO 4.x).
Note: There are separate installers for this hotfix: ePOHF1014944_4x.exe and ePOHF1014944_5x.exe.
Use the appropriate installer for your McAfee ePO server and remote agent handlers.
o
ePOHF1014944_4x.exe will update ePO 4.6.x and any ePO 5.x remote agent handlers
installed on 32-bit operating systems.
o
ePOHF1014944_5x.exe is used for updating an ePO 5.x server and any remote agent
handlers installed on 64-bit operating systems.
Administrator’s notes
This hotfix must be installed on the McAfee ePO server, and any remote agent handlers where the
ssleay32.dll file version is not 1.0.1.10 or later. See below for more information.
FIPS 140-2 installations of McAfee ePO are NOT vulnerable. These updates will not install in FIPS mode.
If, after this hotfix is installed, McAfee ePO is reinstalled, then you must reapply this hotfix. Later patch
releases include this fix or include updated files.
Install the software on McAfee ePO and remote agent handlers
Follow these steps to install this hotfix.
Task
1
Extract the contents of ePOHF1014944.zip.
2
Run the appropriate ePOHF1014944_*x.exe and follow the on-screen instructions.
Install the software on McAfee ePO server clusters
Follow these steps to install this hotfix in your cluster environment.
Important: Perform the installation on the node where the first installation of McAfee ePO was
performed. The hotfix does not need to be installed on any other nodes.
Task
1
Close all connections (open consoles, either remote or local) to the McAfee ePO server.
2
Shut down all passive nodes. Although this is optional, we highly recommend this step to ensure
that the installation is isolated to the active node.
3
Use the Failover Cluster Manager to take the following McAfee ePO services offline:
a.
Apache
b.
Event Parser
c.
Tomcat
2
4
Copy the ePOHF1014944.zip file to a temporary folder on the node where the first installation
of McAfee ePO was performed.
5
Extract the contents of ePOHF1014944.zip.
6
Run the appropriate ePOHF1014944_*x.exe for your server operating system and follow the
instructions in the InstallShield wizard.
7
When the installation is finished, use the Failover Cluster Manager to bring these McAfee ePO
services online:
a.
Apache
b.
Event Parser
c.
Tomcat
Verify hotfix installation
Follow these steps to ensure that the hotfix was installed correctly.
Task
1
Go to the McAfee ePO or remote agent handler installation folder:
a.
McAfee ePO installation directory: <ePO Install folder>\Apache2\bin
b.
Remote agent handler installation directory: <AH Install folder>\apache\bin
2
Right-click ssleay32.dll, then select Properties.
3
Select the Details tab, and check the following property values:

File version will be 1.0.1.10

Product version will be 1.0.1j
Additional information
Important
The attached files are provided as is, and with no warranty either expressed or implied as to their
suitability for any particular use or purpose. McAfee, Inc. assumes no liability for damages incurred either
directly or indirectly as a result of the use of these files, including but not limited to the loss or damage of
data or systems, loss of business or revenue, or incidental damages arising from their use. Hotfix files
should be applied only on the advice of McAfee Technical Support, and only when you are actually
experiencing the issue being addressed by the hotfix. Hotfix files should not be proactively applied in
order to prevent potential product issues. You are responsible for reading and following all instructions
for preparation, configuration, and installation of hotfix files. Hotfix files are not a substitute or
replacement for product Service Packs which may be released by McAfee, Inc. It is a violation of your
software license agreement to distribute or share these files with any other person or entity without
written permission from McAfee, Inc. Further, posting of McAfee hotfix files to publicly available Internet
sites is prohibited. McAfee, Inc. reserves the right to refuse distribution of hotfix files to any company or
person guilty of unlawful distribution of McAfee software products. Questions or issues with McAfee
hotfix files should be directed to McAfee Technical Support.
Find product documentation
After a product is released, information about the product is entered into the McAfee online Knowledge
Center.
Task
1
Go to the McAfee ServicePortal at http://mysupport.mcafee.com and click Knowledge Center.
2
Enter a product name, select a version, then click Search to display a list of documents.
3
Copyright © 2014 McAfee, Inc. Do not copy without permission.
McAfee and the McAfee logo are trademarks or registered trademarks of McAfee, Inc. or its subsidiaries in the United
States and other countries. Other names and brands may be claimed as the property of others.
00-A
4