Pega Security Advisory - Apache Log4j - Vulnerability Hotfixes error for Pega 8.6 &8.5.3v

HARIL043 · December 21, 2021, 11:21am

For 8.6version - We got a zip “DL-7585_HF-54923.zip” file from HF-54923 request and For 8.5.3v - We got a zip “DL-7585_HF-54924.zip” file from HF-549254 request.

When we tried to import using hot fix manager from UI, getting this error message

“Signature verification failed for DL-7577_HF-54923.zip: Failed to verify signatures: Unable to determine revocation status due to network error”.
“Signature verification failed for DL-7577_HF-54923.zip: Failed to verify signatures: Unable to determine revocation status due to network error”.
Please see the attachment.

KarthikMutupuri · December 21, 2021, 1:24pm

@HARIL043 This could be due to the HFIX getting corrupted. Request a copy from Pega GCS ftp link by raising a Pega Support ticket

HARIL043 · December 22, 2021, 6:00am

@KarthikM6254 , found a solution - need to change the hotfixmanager/enableRevocation DSS to false and it worked.

Conversation		Replies	Views
Vulnerability Hotfixes:Signature verification failed General pega-platform , senior-system-architect , security , case-management , financial-services , 8-6	4	1553	November 17, 2023
Pega 8.6- Hotfix Installation Issue General system-architect , data-model , healthcare-and-life-sciences , pega-claims-repair-for-healthcare	1	234	July 6, 2023
page not found for pega 8 log 4j 2.17 hotfix details General security , updates , 8-4-1	3	80	January 5, 2022
Require H22 Hotfix id for Pega version 8.6.5 General security , installation-and-deployment , healthcare-and-life-sciences , 8-6-5	7	445	January 11, 2023
Unable to install hotfix's General security , system-administration , installation-and-deployment , 8-8-1	5	242	November 9, 2023

Pega Security Advisory - Apache Log4j - Vulnerability Hotfixes error for Pega 8.6 &8.5.3v

Related topics