Check Point fixes the reported issues and provides hotfixes. Depending on the fixed code, a hotfix might be provided as a Linux kernel RPM with improved Linux kernel / improved hardware drivers, or as a separate hotfix package to replace Check Point files.
In order to check, which RPM packages were installed on the machine, collect the list of current RPM packages and compare it with the list of RPM packages, which were installed by default from ISO.
List of RPM packages, which are installed by default from ISO can only be obtained right after installing Check Point from ISO. Meaning, that a clean install must be performed (this can be done even in VMWare).
Check Point software consists of various parts - e.g., FW1 (main FireWall code), CVPN (Mobile Access code), SecurePlatform (OS code on Gaia / SecurePlatform), etc. Some hotfixes replace files only in one part, while other hotfixes replace files in several parts (e.g., Jumbo Hotfix Accumulators). Therefore, the search for hotfixes in Check Point Registry file should be performed in the entire file.
Refer to Check Point Registry file:
On Gaia / SecurePlatform / IPSO / XOS:
On Windows OS:
Information is saved in Windows Registry - in HKEY_LOCAL_MACHINE\SOFTWARE\CheckPoint\
Excerpt from Release Notes of the 'FOXX_HF_HA40_041' hotfix:
Files updated by this hotfix (Linux):
please verify that in the cpvinfo output on the below files you see :
Module Name = NACServer
Minor Release = foxx_hf_ha40_041
Build Number = 986041005
Therefore, we run: [Expert@HostName]# cpvinfo /opt/CPsuite-R75.40/fw1/lib/libpdplib.so | grep -E "Build|Minor"
The output should show: Build Number = 986041005 Minor Release = foxx_hf_ha40_041