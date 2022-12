IBM i PTF Guide, Volume 24, Number 47

Doug Bidwell

It is a busy, busy week for the IBM i PTF Guide, folks. So get some coffee. There are a bunch of security vulnerabilities that you need to take a look at, and there are also some recommended fixes that are not included in either the PTF groups or the cumulative PTF updates.

First, there is Security Bulletin: IBM Transform Services for IBM i is vulnerable to denial of service, buffer overflow, and allowing attacker to obtain sensitive information due to multiple vulnerabilities, which you can read more about at this link. The fixes for this vulnerability can be found thus:

IBM i Release 5770-TS1 PTF Number 7.5 SI80776 7.4 SI80841 7.3 SI80909 7.2 SI80912

Second, there is Security Bulletin: IBM i Access Client Solutions is vulnerable to DLL hijacking when run on a Windows operating system (CVE-2022-40746), which you can find out more about at this link. Here is the rundown on this one. IBM i Access Client Solutions, 1.1.2 – 1.1.4, and 1.1.4.3 – 1.1.9.0: The issue can be fixed by upgrading to version 1.1.9.1 or later.

Third, Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to the October 2022 CPU, which you can find out more about here.

On a separate note, we have added to the IBM i PTF Guide information about cool tools from IBM i Technical Services relating to PowerHA Tools for IBM i – Full System FlashCopy. See link in the Guide by each release.

Finally, as we said above, there are recommended fixes for the IBM i platform that are not included in the cumes or groups – see the links in the Guide by each release. But here is an example called out so you know what we are talking about.

Now, here is the rundown of PTF Groups by IBM i release level since we last published:

PTF Groups 7.5:

HIPERs (High Impact/Pervasive)

Security

PowerHA Tools for IBM i – Full System FlashCopy (FSFC)

PTF Groups 7.4:

HIPERs (High Impact/Pervasive)

Security

PowerHA Tools for IBM i – Full System FlashCopy (FSFC)

IBM HTTP Server for i

PTF Groups 7.3:

HIPERs (High Impact/Pervasive)

Security

PowerHA Tools for IBM i – Full System FlashCopy (FSFC)

DB2 for IBM i

PTF Groups 7.2:

Nothing new here

New (or Updated) links added to the ‘Links’ tab in the guide this week:

Nothing

New (or Updated) links added to the ‘QMGtools’ tab in the guide this week:

None

New (or Updated) links added to the ‘ACS_NAV’ tab in the guide this week:

Restrict Functions in ACS, 645499

New (or Updated) links added to the ‘Prtr Links’ tab in the guide this week:

None

Tips/Definitions: How long has it been since you did a SAVE 21?

The Guide at a glance: There are no new defectives this week (11/19/22). Here is the defective PTF rundown, which is the last defective for each release:

Defective PTF rundown (The last defective for each release):

Defect Defective APAR Fixing Date PTF PTF -------- -------- ------- ------- 7.5 10/17/22 SI80935 SE78596 SI81306 (Latest TR required, read cover letter) 7.4 10/06/22 SI78850 SE78596 SI81304 (When available) 7.3 10/06/22 SI79965 SE78596 SI81305 (When available) 7.2 12/08/21 SI77634 SE73420 SI78039 (Read the link in the guide!)

Be sure to access the link in the Guide for further details.

