How to upgrade Java Development Kit (JDK) supplied with CA Business Intelligence (CABI) 3.3 SP1 to address potential security vulnerabilities.

Document ID : KB000048412
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

CABI ships Oracle JDK 1.6 Update 35 with CABI 3.3 SP1 (aka CABI r3.2 SP6).

Certain security scan software might detect vulnerabilities with JDK Update 35 and earlier. To address these vulnerabilities, JDK 6 Update 36 and later can be used. Please be aware that the JDK has to be 32-bit not 64-bit.

This document will provided steps on how to upgrade JDK supplied with CABI 3.3 SP1 to address potential security vulnerabilities.

Solution:

  1. Take a backup/snapshot of the CABI server and CMS database

  2. Stop Tomcat and SIA from the Central Configuration Manager (CCM)

  3. Go to the "SC\CommonReporting3\Tomcat7\work\Catalina\localhost" folder on the CABI server and delete the contents of this folder.

  4. Go to the "SC\CommonReporting3\" folder on the CABI server and rename folder javasdk to javasdk_original. Create a new folder called javasdk in the same location.

  5. Download the JDK installer file 'jdk-6u45-windows-i586' from http://www.oracle.com/technetwork/java/javase/downloads/java-archive-downloads-javase6-419409.html#jdk-6u45-oth-JPR

  6. Run the JDK installer with 'Run as Administrator"

  7. Change the installation folder of the JDK to "SC\CommonReporting3\javasdk".

  8. A JRE installation will start after the JDK installation. Change the installation folder to "SC\CommonReporting3\javasdk\jre6".

  9. Once the installation is complete, restart Tomcat and SIA from the CCM

  10. Wait a few minutes for Java and Tomcat to fully initialize and test report functionality.