Doug Bidwell

IBM i PTF Guide, Volume 27, Number 40

October 6, 2025 Doug Bidwell

Welcome to another edition of the IBM i PTF Guide. Let’s get right to it.

This week we start off with new microcode for Firmware 1050. . . specifically for 1050.52 and 1050.60 levels. These service packs include the following Security/HIPER issues: A security problem was fixed for CVE-2025-52497 and CVE-2025-49087 and a security problem was fixed for CVE-2025-38556. This applies to IBM Power S1022s (9105-22B), Power S1022 (9105-22A), and Power S1014 (9105-41B) machines.

There is also another security vulnerability in the integrated Apache Web server embedded in IBM i. See Security Bulletin: IBM WebSphere Application Server is affected …
Read more
IBM i PTF Guide, Volume 27, Number 39

September 29, 2025 Doug Bidwell

It is another quiet week in IBM i Land, where we once again have two security bulletins but also have a transition to end of support services for the Power S924.

On the security vulnerability front, we have Security Bulletin: IBM i is affected by denial of service vulnerabilities in IBM WebSphere Application Server Liberty [CVE-2025-36097, CVE-2025-36047, CVE-2025-48976], which you can find out more here. Here are the patches for this issue by release:
```
IBM i Release	5770-SS1 Option 3	PTF Number(s)
7.6				        SJ06595
7.5				        SJ06596
7.4				        SJ06597
7.3				        SJ06599	
7.2				        SJ06601
```
Second, we have Security Bulletin: IBM i …
Read more
IBM i PTF Guide, Volume 27, Number 38

September 22, 2025 Doug Bidwell

It’s another quiet week in Lake Security Vulnerabilities Be Gone, with the drought on the Eastern seaboard meeting a cold snap that is bringing autumn colors to the leaves a bit earlier than many had expected or liked. It is better than rain, mind you, except when it starts fires.

The good news is that there were no security vulnerabilities this week. So all secure there if you are up to date.

Here is the rundown of PTF Groups by IBM i release level since we last published:

PTF Groups 7.6:
- SAP support required PTF list for IBM i 7.6
…
Read more
IBM i PTF Guide, Volume 27, Number 37

September 15, 2025 Doug Bidwell

This week in IBM i Land, we have two security bulletins, and new System Planning Tool adding the Power11 machines, and a bunch of new microcode. Let’s start with the security vulnerabilities as we always do.

First, we have Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by a denial of service due to Apache Commons FileUpload (CVE-2025-48976). The affected products are:
```
Affected Product(s)				Version(s)
IBM WebSphere Application Server		9.0
IBM WebSphere Application Server		8.5
IBM WebSphere Application Server Liberty		17.0.0.3 - 25.0.0.8
```
Second, we have Security Bulletin: IBM WebSphere Application Server Liberty could provide …
Read more
IBM i PTF Guide, Volume 27, Numbers 34, 35, And 36

September 8, 2025 Doug Bidwell

We are determined to get back in synch with the publication schedule of The Four Hundred and the IBM i PTF Guide, so this week you get three issues of the latter inside of one issue of the former, a necessity because PTFs never rest even if publications do take a breather every once in a while.

In Number 34, this was the rundown of PTF Groups by IBM i release level we did on August 23:

PTF Groups 7.6:
- HIPERs – High Impact Pervasive
- Group Security
PTF Groups 7.5:
- HIPERs (High Impact/Pervasive)
- Group Security
PTF Groups 7.4:
- HIPERs
…
Read more
IBM i PTF Guide, Volume 27, Number 33

August 25, 2025 Doug Bidwell

It might be a good and convenient thing that the WebSphere Application Server, the Web server embedded in the IBM i platform two and a half decades ago and making it part of the Internet, is based on the open source Apache Web server. But it sure does have a lot of patches. The good news is that because it is open source, it is patched regularly and problems do not fester in obscurity.

In this week’s IBM i PTF Guide, there are a slew of security vulnerabilities related to WebSphere, as there sometimes is. Let’s walk through them all. …
Read more
IBM i PTF Guide, Volume 27, Numbers 31 And 32

August 18, 2025 Doug Bidwell

We are finally getting back to the normal cadence for the IBM i PTF Guide by doubling up editions to get everything current. Our apologies for the asynchronous delays, which were caused by vacations that we actually took here at IT Jungle for once.

Number 30 of the Guide was put together on August 2. There were two security vulnerabilities to cope with.

First, we have Security Bulletin: IBM WebSphere Application Server is affected by arbitrary code execution (CVE-2025-36038), with more information at this link. Affected products include IBM WebSphere Application Server 8.5 and 9.0.

Second, we have Security …
Read more
IBM i PTF Guide, Volume 27, Number 30

August 11, 2025 Doug Bidwell

We are still a little bit out of phase with holidays and vacations and playing some catch up with the IBM i PTF Guide. In Number 30, which was put together on July 26, there were a slew of issues and things, starting with three security vulnerabilities.

First, we have Security Bulletin: IBM i is affected by errors in OpenSSL as part of IBM Portable Utilities for i due to multiple vulnerabilities, which you can find out more about here. The issues can be fixed by applying PTFs to IBM i. IBM i 7.6, 7.5, 7.4, 7.3, and …
Read more
IBM i PTF Guide, Volume 27, Number 29

July 28, 2025 Doug Bidwell

Welcome to the IBM i PTF Guide. This week, we start out with two security vulnerabilities having to do with the WebSphere application server and an issue with the Java programming runtime.

Let’s start with the security issues.

First, we have Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by a security bypass vulnerability (CVE-2024-56339), which you can find out more about at this link. The affected products are IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 and IBM WebSphere Application Server 9.0.

Second, we have PH67183: IBM WebSphere Liberty is affected by …
Read more
IBM i PTF Guide, Volume 27, Number 28

July 21, 2025 Doug Bidwell

We are still playing a “game of ketchup” after the Independence Day holiday in the United States. This week, we learn that IBM i Java Development Kit 11 64-bit VMs Fail with UnsatisfiedLinkError After IBM i Java Group PTF Apply. You can find out more about this issue at this link. The affected IBM i Java Group PTF levels are as follows:
- IBM i 7.6: N/A – Java 11 64 bit not available.
- IBM i 7.5: SF99955 level 15
- IBM i 7.4: SF99665 level 28
- IBM i 7.3: Not affected
As of July 9, IBM i JDK development is …
Read more

Doug Bidwell

Content archive

Recent Posts

Subscribe

Pages

Search