[IQUG] [Alert: Spoofed 'From Address' Detected] Re: [Alert: Spoofed 'From Address' Detected] FW: IQ 16.0 PL21 data corruption issue and downgrade procedure

Louie, David David.Louie at blackrock.com
Fri Jan 4 15:02:48 MST 2019


Point taken.  Good thing this was the case!

From: Gehman, Kirby [mailto:kirby.gehman at sap.com]
Sent: Friday, January 04, 2019 2:23 PM
To: Louie, David <David.Louie at blackrock.com>; iqug at iqug.org
Subject: RE: [IQUG] [Alert: Spoofed 'From Address' Detected] Re: [Alert: Spoofed 'From Address' Detected] FW: IQ 16.0 PL21 data corruption issue and downgrade procedure


External Email: Use caution with links and attachments
I did want to add that this was a rather exceptional circumstance and the information that it’s not possible to roll back once ALTER DATABASE UPGRADE has been run is still the official stance.



Kirby Gehman
Platinum Technical Support Engineer
Digital Business Services
SAP North America
T +1 519 883-4803, E kirby.gehman at sap.com<mailto:kirby.gehman at sap.com>

http://www.sap.com/<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.sap.com_&d=DwMGaQ&c=zUO0BtkCe66yJvAZ4cAvZg&r=hvVkP5y30w3_fHBwXsoZ2pqbwQXietniE01Z666b0tE&m=iTrXEmOlXUeWSWtPhZglFMwPOQX2YIOwUDiV1m002vQ&s=Dfauxsn-8v7LWAbnS2p1m5oM9oRwzWd_KwFlslZ6NI8&e=> unsubscribe<https://urldefense.proofpoint.com/v2/url?u=https-3A__global.sap.com_profile_unsubscribe.epx-3FPID-3D10386-26PFID-3D12894&d=DwMGaQ&c=zUO0BtkCe66yJvAZ4cAvZg&r=hvVkP5y30w3_fHBwXsoZ2pqbwQXietniE01Z666b0tE&m=iTrXEmOlXUeWSWtPhZglFMwPOQX2YIOwUDiV1m002vQ&s=hn3kmImkDkLxIdD2_OUvOJ9-kQsKorjs2MfnaxoCFS0&e=>



From: Louie, David <David.Louie at blackrock.com<mailto:David.Louie at blackrock.com>>
Sent: Friday, January 4, 2019 1:17 PM
To: Gehman, Kirby <kirby.gehman at sap.com<mailto:kirby.gehman at sap.com>>; iqug at iqug.org<mailto:iqug at iqug.org>
Subject: RE: [IQUG] [Alert: Spoofed 'From Address' Detected] Re: [Alert: Spoofed 'From Address' Detected] FW: IQ 16.0 PL21 data corruption issue and downgrade procedure

Thanks Kirby for the feedback and responding to the case I opened.

I did the downgraded yesterday from PL21 to PL20 as planned and no longer have any concerns given this new information.

-David

From: Gehman, Kirby [mailto:kirby.gehman at sap.com]
Sent: Thursday, January 03, 2019 3:31 PM
To: Louie, David <David.Louie at blackrock.com<mailto:David.Louie at blackrock.com>>; iqug at iqug.org<mailto:iqug at iqug.org>
Subject: RE: [IQUG] [Alert: Spoofed 'From Address' Detected] Re: [Alert: Spoofed 'From Address' Detected] FW: IQ 16.0 PL21 data corruption issue and downgrade procedure


External Email: Use caution with links and attachments
Hi David,

You can not downgrade a database once changes have been made to it as part of the ALTER DATABASE UPGRADE.  For example, if changes are made to system tables or system stored procs.  Not every PL includes changes to the catalog structures like that.

In the upgrades that are listed, there were no significant changes to the catalog, so simply changing back to the original binaries is sufficient to roll back the upgrade.

In the example you provided, moving from 15 to 16 is a very significant change to the catalog and data structures, so rolling back to the old binaries would not be possible.

Make sense?



Kirby Gehman
Platinum Technical Support Engineer
Digital Business Services
SAP North America
T +1 519 883-4803, E kirby.gehman at sap.com<mailto:kirby.gehman at sap.com>

http://www.sap.com/<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.sap.com_&d=DwMGaQ&c=zUO0BtkCe66yJvAZ4cAvZg&r=hvVkP5y30w3_fHBwXsoZ2pqbwQXietniE01Z666b0tE&m=6utFrpJkyztg_vZ8iGglAyVW5Cm1dp3V6X5BzI5J5B4&s=pKPXJleKOT1EUKTo9632phhqFcMtFDXLwCWcvzOQiz8&e=> unsubscribe<https://urldefense.proofpoint.com/v2/url?u=https-3A__global.sap.com_profile_unsubscribe.epx-3FPID-3D10386-26PFID-3D12894&d=DwMGaQ&c=zUO0BtkCe66yJvAZ4cAvZg&r=hvVkP5y30w3_fHBwXsoZ2pqbwQXietniE01Z666b0tE&m=6utFrpJkyztg_vZ8iGglAyVW5Cm1dp3V6X5BzI5J5B4&s=lcDE0UUdtKSwobTOfiwhwj4Ob2eChkvifuPusxFNKo0&e=>



From: iqug-bounces at iqug.org<mailto:iqug-bounces at iqug.org> <iqug-bounces at iqug.org<mailto:iqug-bounces at iqug.org>> On Behalf Of Louie, David
Sent: Thursday, January 3, 2019 1:51 PM
To: iqug at iqug.org<mailto:iqug at iqug.org>
Subject: Re: [IQUG] [Alert: Spoofed 'From Address' Detected] Re: [Alert: Spoofed 'From Address' Detected] FW: IQ 16.0 PL21 data corruption issue and downgrade procedure


This is the doc on the SAP site stating that once ALTER database upgrade was done reverting back to old patch or rev is impossible unless you restore from backup.

Resolution
If all that has been done is starting the SAP IQ database with new binaries, then simply restarting the server with the old binaries is possible.
However, once ALTER DATABASE has been run, there is no way to downgrade or undo the upgrade to the database.
In an upgrade from SAP Sybase IQ 15 to SAP IQ 16, there is no way to rollback, downgrade or undo the upgrade.
In all circumstances, restoring from backups that were taken prior to the upgrade is the only solution.
Why is this possible now going from PL21 back to PL20?

1.    If you installed one of the affected PL21, PL13, or PL03 patch releases, and if you performed an ALTER DATABASE UPGRADE after that upgrade operation, check your database options. Some database option settings changed due to your upgrade to PL21, PL13, or PL03. For example, the FP_NBIT_ENABLE_TOKENCOUNT_CHECK option default value changed to ON from OFF in PL21, PL13, and PL03. For information on checking your database options after an upgrade, see Review the SAP IQ Options Every Time You Upgrade<https://urldefense.proofpoint.com/v2/url?u=https-3A__help.sap.com_viewer_664aec65107f4c26a686e3228d71654c_16.1.3.3_en-2DUS_39d7f37ba06c47559158c03be6143e90.html&d=DwMGaQ&c=zUO0BtkCe66yJvAZ4cAvZg&r=hvVkP5y30w3_fHBwXsoZ2pqbwQXietniE01Z666b0tE&m=lwRjo1y0qwhpOWqdMvP0lkDHzOLzm51QEYkwj59SXts&s=0N6AMeM4cyCQgz0YsNpiF4nBkymLBaU5eO03NdxyTNU&e=> in the SAP IQ Best Practices Guide.


From: iqug-bounces at iqug.org<mailto:iqug-bounces at iqug.org> [mailto:iqug-bounces at iqug.org] On Behalf Of Louie, David
Sent: Thursday, January 03, 2019 2:39 PM
To: iqug at iqug.org<mailto:iqug at iqug.org>
Subject: [Alert: Spoofed 'From Address' Detected] Re: [IQUG] [Alert: Spoofed 'From Address' Detected] FW: IQ 16.0 PL21 data corruption issue and downgrade procedure


External Email: Use caution with links and attachments
Here’s the SAP instructions.  It affects the latest version of 16.0 SP11.PL21, and two 16.1 versions SP02, SP03

Reason and Prerequisites
A bug exists in the PL21, PL13, and PL03 patch releases listed above. This bug has been isolated and fixed, and the fix will be available in the next PL releases for SAP IQ 16.0 SP11, SAP IQ 16.1 SP02, and SAP IQ 16.1 SP03.
The affected PL21, PL13, and PL03 patch releases have been removed from the SAP Software Download Center.
Solution
Downgrade your installation. Install the previous patch level release for your operating system from the SAP Software Download Center.
1.    Shut down the SAP IQ server.
2.    Remove the affected patch:
a.    Uninstall the PL03, PL13, or PL21 patch,
or
b.    Run the setup for the previous patch release, and overlay previous patch release binaries on top.
3.    Restart the SAP IQ server using the previous patch level release binaries.

Note: ALTER DATABASE UPGRADE is not required for this installation downgrade procedure.
4.    If you installed one of the affected PL21, PL13, or PL03 patch releases, and if you performed an ALTER DATABASE UPGRADE after that upgrade operation, check your database options. Some database option settings changed due to your upgrade to PL21, PL13, or PL03. For example, the FP_NBIT_ENABLE_TOKENCOUNT_CHECK option default value changed to ON from OFF in PL21, PL13, and PL03. For information on checking your database options after an upgrade, see Review the SAP IQ Options Every Time You Upgrade<https://urldefense.proofpoint.com/v2/url?u=https-3A__help.sap.com_viewer_664aec65107f4c26a686e3228d71654c_16.1.3.3_en-2DUS_39d7f37ba06c47559158c03be6143e90.html&d=DwMGaQ&c=zUO0BtkCe66yJvAZ4cAvZg&r=hvVkP5y30w3_fHBwXsoZ2pqbwQXietniE01Z666b0tE&m=lwRjo1y0qwhpOWqdMvP0lkDHzOLzm51QEYkwj59SXts&s=0N6AMeM4cyCQgz0YsNpiF4nBkymLBaU5eO03NdxyTNU&e=> in the SAP IQ Best Practices Guide.


From: iqug-bounces at iqug.org<mailto:iqug-bounces at iqug.org> [mailto:iqug-bounces at iqug.org] On Behalf Of Louie, David
Sent: Thursday, January 03, 2019 1:36 PM
To: iqug at iqug.org<mailto:iqug at iqug.org>
Subject: [Alert: Spoofed 'From Address' Detected] [IQUG] FW: IQ 16.0 PL21 data corruption issue and downgrade procedure


External Email: Use caution with links and attachments

Happy New Year Everyone!

We received an alert from SAP stating that due to ‘serious data corruption issues’ we should stop using IQ 16.0 SP11.PL21 immediately.

This data corruption is so serious SAP has removed the SP11.PL21 binaries from their download page.

Fortunately we only had it installed on one DEV server.

SAP has advised we can downgrade from SP11.PL21 back to SP11.PL20 simply by shutting down the server, rerunning the setup.bin (PL20)
and then restarting the server.  They state ALTER DATABASE upgrade need not be run for the rollback.

I just tested out the downgrade from PL21 --> PL20 on our lab host.

ALTER database upgrade needs to be run.  sp_iqcheckdb ( and a lot of other things I would think) breaks otherwise
1> sp_iqcheckdb 'check database'
2> go
Msg 213, Level 16, State 0:
SQL Anywhere Error -207: Wrong number of values for INSERT
(0 rows affected)
1> sp_iqcheckdb 'allocation database'
2> go
Msg 213, Level 16, State 0:
SQL Anywhere Error -207: Wrong number of values for INSERT
(0 rows affected)
1> alter database upgrade
2> go
Database upgrade started
Creating system views
Creation of system views completed
Creating DBO views
Creation of DBO views completed
Creating system procedures
Creation of system procedures completed
Creating system views
Creation of system views completed
Setting option values
Setting option values completed
Creating migration procedures
Creation of migration procedures completed
Creating jConnect procedures
Creation of jConnect procedures completed
(1    row affected)
1>quit


1> sp_iqcheckdb 'allocation database'
2> go
Stat
         Value
         Flags
--------------------------------------------------
         --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
         ------
==================================================
         ==============================
         ======
DBCC Allocation Mode Report


==================================================
         ==============================
         ======
    DBCC Status
         No Errors Detected




==================================================
         ==============================
         ======
Allocation Summary

Additionally the doc states that if you ran ALTER DATABASE UPGRADE after patching to PL21 you should check the options which may have changed.

The fact that you can downgraded from PL21 to PL20 is  contrary to what was stated in the past which was patching or upgrades were irreversible and restore from backup was the only way to downgrade.

Should we be concerned about this downgrade procedure?

Thanks
David


This message may contain information that is confidential or privileged. If you are not the intended recipient, please advise the sender immediately and delete this message. See http://www.blackrock.com/corporate/compliance/email-disclaimers for further information.  Please refer to http://www.blackrock.com/corporate/compliance/privacy-policy for more information about BlackRock’s Privacy Policy.
For a list of BlackRock's office addresses worldwide, see http://www.blackrock.com/corporate/about-us/contacts-locations.

© 2019 BlackRock, Inc. All rights reserved.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://iqug.org/pipermail/iqug/attachments/20190104/0fd2823f/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 4700 bytes
Desc: image001.png
URL: <http://iqug.org/pipermail/iqug/attachments/20190104/0fd2823f/attachment-0001.png>


More information about the IQUG mailing list