I am slightly confused about the large Patch 2 available for 8.2.1. Is this patch specifically targeted at vulnerabilities in the WebTier portion of Authentication Manager Server? Surely this isn't an installer for a WebTier instance - my understanding is that the installation package for a WebTier server is generated solely by the primary Authentication Manager server. *Essentially, am I safe to assume that Patch 2 changes how the WebTier package is generated so that it includes the fix for the vulnerability in Oracle WebLogic?*
If that is the case, would we actually need to go from 8.1.1.14 > 8.2.0.0 > 8.2.1.0 > 8.2.1.2 > 8.2.1.3 ?
Our implementation has the WebTier(s) running on Windows Server virtual instances. I have inherited the implementation and am planning the upgrade path. Please advise.
Have skimmed through the following already:
RSA Authentication Manager 8.2 SP1 Patch 2 - Web-Tier Server Readme
It is a full installer.
It can be installed against an 8.2.1.2.0 primary or higher.
If installed against 8.2.1.3.0 or higher primary the web tier 8.2.1.2.0 will become 8.1.2.3.0 (or whatever the primary version is) once it sets itself up.
Sometimes we release patches, and the web tier can be updated via the primary ops console 'update web tier' process,
sometimes we release patches that also have a full web tier installer, so it is important to remember this.
And now, today, we have 8.2.1.4.0 patch and web tier full installer.