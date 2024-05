IBM i PTF Guide, Volume 26, Number 17

Doug Bidwell

Some of the links in the IBM i PTF Guide appear to be broken, but don’t worry about them. IBM is in the process of changing the format of the Cover page for IBM i patches and a few of the links are stuck in the middle. We will attempt to get them back in synch by the next issue. This is the effect of the latest in IBM’s efforts to make the web information for IBM less verbose and more accessible. Any comments on such, please share!

And now, some security vulnerabilities for IBM. Four, to be precise.

First, we have Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to a denial of service (CVE-2024-27268), which you can find out more about at this link. This affects IBM WebSphere Application Server Liberty releases 18.0.0.2 through 24.0.0.4.

Second, there is PH59146: IBM WebSphere Application Server Liberty is vulnerable to a denial of service (CVE-2024-22353 CVSS 5.9), for which you can get more information at this link.

Third, we have Security Bulletin: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to a denial of service (CVE-2024-25026), with more information available here. The affected products are as follows:

Affected Product(s) Version(s) IBM WebSphere Application Server Liberty 17.0.0.3 - 24.0.0.4 IBM WebSphere Application Server 8.5 IBM WebSphere Application Server 9.0

Fourth, we have Security Bulletin: IBM Administration Runtime Expert for i is vulnerable to attacker executing arbitrary code on the system due to Dojo (CVE-2021-23450), with more details at this link. The IBM i PTF number for 5733-ARE contains the fix to resolve the vulnerability.

IBM i Release 5733-ARE PTF Number 7.5 SJ00250 7.4 SJ00250 7.3 SJ00250 7.2 SJ00250

Here is the rundown of PTF Groups by IBM i release level since we last published:

PTF Groups 7.5:

HIPERs (High Impact/Pervasive)

Security

IBM MQ for IBM i – v9.2.0/v9.3.0

Content Manager OnDemand for i – 5770-RD1 7.5

Fix list for IBM WebSphere Application Server Liberty

SAP support required PTF list for IBM i 7.5

Defective PTFs

MustGather: How To Obtain and Install QMGTOOLS

PTF Groups 7.4:

HIPERs (High Impact/Pervasive)

Security

TCP/IP

Backup Recovery Solutions

MQ for IBM i – v9.0.0/v9.1.0/v9.2.0/v9.3.0

Content Manager OnDemand for i – 5770-RD1

SAP support required PTF list for IBM i 7.4

Defective PTFs

MustGather: How To Obtain and Install QMGTOOLS

PTF Groups 7.3:

HIPERs (High Impact/Pervasive)

Security

MQ for IBM i – v7.1.0/v8.0.0/V9.0.0/V9.1/V9.2

MustGather: How To Obtain and Install QMGTOOLS

Tip O’ The Week: IBM Power Systems get an update and take it to the edge. Register for the webcast covering the announcement, which will be held on May 14, at https://ibm.webcasts.com/starthere.jsp?ei=1664204&tp_key=10fd9b4ab8.

New (or Updated) links added to the ‘Links’ tab in the guide this week:

Precisely: V7R5M0 Recommended PTFs

Content Manager: Available PTFs For Content Manager OnDemand For i V7.5 6555380

PTF: IBM i Group PTFs with level, 7025229

New (or Updated) links added to the ‘QMGtools’ tab in the guide this week:

None

New (or Updated) links added to the ‘ACS_NAV’ tab in the guide this week:

ACS: Getting started with Run SQL Scripts and IBM i Services

New (or Updated) links added to the ‘Prtr Links’ tab in the guide this week:

None

New (or Updated) links Redbooks added this week:

None

The Guide at a glance: There are new defectives this week (05/04/24). Here is the defective PTF rundown, which is the last defective for each release:

Defect Defective APAR Fixing Date PTF PTF -------- -------- -------- ----------------------- 7.5 04/23/24 SI85693 DT378886 SJ00269 (When available) SI84240 7.4 04/23/24 SI85692 DT378886 SJ00268 (When available) SI84239 7.3 01/10/24 SI85576 SE81023 SI85663 (When available)

Be sure to access the link in the Guide for further details.

