IBM i PTF Guide, Volume 24, Number 19
May 11, 2022 Doug Bidwell
So here is what’s new. Here is a notice at the top of the Fix Central Home Page: “Your action may be required. IBM will implement infrastructure improvements to electronic fix distribution on June 4, 2022. IP and hostnames will change for servers that support fix delivery. New connections are required. You must configure your firewall and proxy server if you have a firewall in your network, or if your machine uses a proxy server to access the internet. Please see preparing firewalls and proxies.”
And here is another note from the PTF Cume Cover Letter: “IMPORTANT: Permanently apply any temporarily applied Licensed Internal Code PTFs on your partition before installing this cumulative PTF package:
APYPTF LICPGM(5770999) SELECT(*ALL) APY(*PERM)
This is mandatory going forward according to IBM Tech Support.”
Also, there is a Security Bulletin: Due to use of Apache Log4j, OmniFind Text Search Server for DB2 for i is vulnerable to arbitrary code execution (CVE-2021-4104), which you can find out more about here. PTF Fixes are here:
OmniFind for i Release IBM i Release PTF Number V1R6M0 7.5 SI78636,SI78665,SI78673 V1R5M0 7.4 SI78753,SI78754,SI78755 V1R4M0 7.3 SI78756,SI78757,SI78758 V1R3M0 7.2 SI78751,SI78759,SI78760,SI78761
And another Security Bulletin: IBM i components are vulnerable to data access due to CVE-2022-22481, which you can read about there.
IBM Navigator for i (heritage version only) – IBM i 7.4, 7.3, and 7.2 (heritage version). This issue can be fixed by applying PTFs to IBM i. The IBM i PTF numbers containing the fix:
Affected Product(s) Version(s) IBM i Release 5770-SS1 PTF Number 7.4 SI79557 SI79558 7.3 SI79559 SI79560 7.2 SI79561 SI79562
It is strongly recommended that IBM Navigator for i – heritage version not be used due to other vulnerabilities as documented in this security bulletin: https://www.ibm.com/support/pages/node/6539162.
Statement of direction – IBM intends in the future to remove IBM Navigator for i heritage version by deleting all associated files from the system for IBM i 7.3 & 7.4 releases.
Important note: IBM recommends that all users running unsupported versions of affected products upgrade to supported and fixed version of affected products.
And there is another Log4j mitigation sheet, which you can download here.
Here is the rundown of PTF Groups by IBM i release level since we last published:
PTF Groups 7.4:
PTF Groups 7.3:
- Nothing as well
PTF Groups 7.2:
- IBM HTTP Server for i
PTF Groups 7.1:
- And again nothing
New (or Updated) links added to the ‘Links’ tab in the guide this week:
- System V7R5 Memo to Users
New (or Updated) links added to the ‘QMGtools’ tab in the guide this week:
New (or Updated) links added to the ‘ACS_NAV’ tab in the guide this week:
- Enabling SSL/TLS for IBM Navigator for i 667835
Tips/Definitions: No time.
The Guide at a glance: There are no new defectives this week (05/07/22). Here is the defective PTF rundown, which is the last defective for each release:
Defect Defective APAR Fixing Date PTF PTF -------- -------- ------- ------- 7.5 No Entries 7.4 2/16/22 MF69373 MA49558 MF69650 (Read the link in the guide!) MF69241 7.3 2/16/22 SI78508 SE77164 SI78674 (Read the link in the guide!) 7.2 12/08/21 SI77634 SE73420 SI78039 (Read the link in the guide!) 7.1 07/29/19 SI69653 SE71807 SI70603 (5733SC1, OpenSSH, available!)
Be sure to access the link in the Guide for further details.
Below is the usual archive of the IBM i PTF Guide to help you work through the PTFs in chronological order: