About this Document


This document provides installation instructions for CVP10.5(1) ES28. It also contains a list of CVP issues resolved by this engineering special. Please review all sections in this document pertaining to installation before installing the product. Failure to install this engineering special as described may result in inconsistent CVP behavior.

This document contains these sections:

Sign Up to Receive Email Notification of New Field Notices


The Product Alert Tool offers you the ability to set up one or more profiles that will enable you to receive email notification of new Field Notices, Product Alerts or End of Sale information for the products that you have selected.

The Product Alert Tool is available at http://www.cisco.com/cgi-bin/Support/FieldNoticeTool/field-notice

About Cisco CVP (and CVP Engineering Specials)


This patch upgrades the version of the Apache Commons Collections jar from 3.2.1 to 3.2.2. This is required to mitigate the Apache Commons Collections deserialization vulnerability (CWE-502, Deserialization of Untrusted Data) detailed here: https://www.kb.cert.org/vuls/id/576313

Although CVP code does not use the class (InvokerTransformer) affected by the above vulnerability, we are still upgrading the jar version to be safe, in case a future version of the product ends up using the class for deserialization of objects.

CVP Compatibility and Support Specifications


This section provides information to help you understand on which CVP servers CVP10.5(1) ES28 can and should be installed.

CVP Version Support

This patch is applicable only on CVP version 10.5(1), with or without any other patches already installed.

CVP Component Support

This section lists the CVP components on which this engineering special can be installed, and those on which it cannot.

Supported CVP Components

CVP10.5(1) ES28 is compatible with and should be installed on these CVP components:

CVP Engineering Special Installation Planning


Installing CVP10.5(1) ES28


Patching Unified CVP Call Server:

Patching Unified CVP Reporting Server:

Patching Unified CVP OAMP Server:

Note:
You may want to apply this patch late at night, because it requires rebooting the servers listed in the section above after installation.

After installing/uninstalling this patch, stop the VXML Server service and copy (replace) the file commons-collections.jar from C:\Cisco\CVP\lib\ to C:\Cisco\CVP\VXMLServer\Tomcat\webapps\CVP\WEB-INF\lib. Restart the VXML Server service.
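A check to run after the copy step above, added here as an example and not part of the Cisco patch: it confirms that both copies of commons-collections.jar report version 3.2.2 in their manifest and are byte-identical. It assumes PowerShell 4.0 or later with .NET 4.5, and that the jar manifest carries an Implementation-Version line.

```powershell
# Added example (not Cisco code). Paths and the 3.2.2 target come from this document.
# Assumption: the jar's META-INF/MANIFEST.MF carries an Implementation-Version line.
Add-Type -AssemblyName System.IO.Compression.FileSystem

$Expected = '3.2.2'
$Jars = @(
    'C:\Cisco\CVP\lib\commons-collections.jar',
    'C:\Cisco\CVP\VXMLServer\Tomcat\webapps\CVP\WEB-INF\lib\commons-collections.jar'
)

function Get-JarVersion {
    param([string]$Path)
    $zip = [System.IO.Compression.ZipFile]::OpenRead($Path)
    try {
        $entry = $zip.GetEntry('META-INF/MANIFEST.MF')
        if (-not $entry) { return $null }
        $reader = New-Object System.IO.StreamReader($entry.Open())
        try { $text = $reader.ReadToEnd() } finally { $reader.Dispose() }
        if ($text -match '(?m)^Implementation-Version:\s*(\S+)') { return $Matches[1] }
        return $null
    } finally { $zip.Dispose() }
}

$results = foreach ($jar in $Jars) {
    if (Test-Path -LiteralPath $jar) {
        [pscustomobject]@{
            Path    = $jar
            Version = Get-JarVersion -Path $jar
            SHA256  = (Get-FileHash -LiteralPath $jar -Algorithm SHA256).Hash
        }
    } else {
        [pscustomobject]@{ Path = $jar; Version = 'MISSING'; SHA256 = $null }
    }
}
$results | Format-List

# Fail if either copy is missing or unpatched, or if the two copies differ.
$badVersion = @($results | Where-Object { $_.Version -ne $Expected })
$hashes     = @($results | ForEach-Object { $_.SHA256 } | Sort-Object -Unique)
if ($badVersion.Count -gt 0 -or $hashes.Count -ne 1) {
    throw 'commons-collections.jar copies are not both the patched version'
}
Write-Output "Both copies report $Expected and are byte-identical."
```

A mismatch between the two copies means the VXML Server web application is still loading the old jar, so repeat the copy step with the service stopped.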

Uninstall Directions for CVP10.5(1) ES28


To uninstall this patch, go to Control Panel. Select "Add or Remove Programs". Find the installed patch in the list and select "Remove".

Note: Patches have to be removed in the reverse of the order in which they were installed. For example, if you had installed patches 3, then 5, then 10 for a product, you will need to uninstall patches 10, 5 and 3 in that order to remove all patches for that product.

Resolved Caveats in this Engineering Special


This section provides a list of significant CVP defects resolved by this engineering special. It contains these subsections:


Note: You can view more information on and track individual CVP defects using the Cisco Bug Toolkit located at: http://www.cisco.com/support/bugtools/Bug_root.html


Resolved Caveats in CVP10.5(1) ES28

This section lists caveats specifically resolved by CVP10.5(1) ES28.

Index of Resolved Caveats

Caveats in this section are ordered by CVP component, severity, and then identifier.

Identifier   Severity   Component   Headline
CSCux35046   3          install     Evaluation of isn for Java_December_2015

Detailed list of Resolved Caveats in This Engineering Special

Caveats are ordered by severity then defect number.


Defect Number: CSCux35046

Component: install

Severity: 3

Headline: Evaluation of isn for Java_December_2015


Symptom:
Cisco Voice Portal includes a version of Java Commons Collections that is affected by the vulnerabilities identified by the Common Vulnerabilities and Exposures (CVE) IDs: CVE-2015-6420. This product is affected by the listed CVE ID.

Conditions:
Exposure is not configuration dependent.

Workaround:
Not available.

More-Info:

PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are: 7.5/7.1
http://tools.cisco.com/security/center/cvssCalculator.x?version=2&vector=AV:N/AC:L/Au:N/C:C/I:C/A:C/E:H/RL:U/RC:C

The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product.

Additional information on Cisco's security vulnerability policy can be found at the following URL: http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html

Further Problem Description:

Obtaining Documentation


The following sections provide sources for obtaining documentation from Cisco Systems.

World Wide Web

You can access the most current Cisco documentation on the World Wide Web at the following sites:

Documentation CD-ROM

Cisco documentation and additional literature are available in a CD-ROM package, which ships with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or as an annual subscription.

Ordering Documentation

Cisco documentation is available in the following ways:

Documentation Feedback

If you are reading Cisco product documentation on the World Wide Web, you can submit technical comments electronically. Click Feedback in the toolbar and select Documentation. After you complete the form, click Submit to send it to Cisco.

You can e-mail your comments to bug-doc@cisco.com.

To submit your comments by mail, use the response card behind the front cover of your document, or write to the following address:

Attn Document Resource Connection
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-9883

We appreciate your comments.

Obtaining Technical Assistance


Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can obtain documentation, troubleshooting tips, and sample configurations from online tools. For Cisco.com registered users, additional troubleshooting tools are available from the TAC website.

Cisco.com

Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information and resources at any time, from anywhere in the world. This highly integrated Internet application is a powerful, easy-to-use tool for doing business with Cisco.

Cisco.com provides a broad range of features and services to help customers and partners streamline business processes and improve productivity. Through Cisco.com, you can find information about Cisco and our networking solutions, services, and programs. In addition, you can resolve technical issues with online technical support, download and test software packages, and order Cisco learning materials and merchandise. Valuable online skill assessment, training, and certification programs are also available.

Customers and partners can self-register on Cisco.com to obtain additional personalized information and services. Registered users can order products, check on the status of an order, access technical support, and view benefits specific to their relationships with Cisco.

To access Cisco.com, go to: http://www.cisco.com

Technical Assistance Center

The Cisco TAC website is available to all customers who need technical assistance with a Cisco product or technology that is under warranty or covered by a maintenance contract.

Contacting TAC by Using the Cisco TAC Website

If you have a priority level 3 (P3) or priority level 4 (P4) problem, contact TAC by going to the TAC website: http://www.cisco.com/tac

P3 and P4 level problems are defined as follows:

In each of the above cases, use the Cisco TAC website to quickly find answers to your questions.

To register for Cisco.com, go to the following website: http://www.cisco.com/register/

If you cannot resolve your technical issue by using the TAC online resources, Cisco.com registered users can open a case online by using the TAC Case Open tool at the following website: http://www.cisco.com/tac/caseopen

Contacting TAC by Telephone

If you have a priority level 1 (P1) or priority level 2 (P2) problem, contact TAC by telephone and immediately open a case. To obtain a directory of toll-free numbers for your country, go to the following website: http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml

P1 and P2 level problems are defined as follows: