Doug Bidwell
-
IBM i PTF Guide, Volume 24, Number 44
October 31, 2022 Doug Bidwell
Remember all of those quiet weeks in PTF Land when nothing much was going on? There is a whole bunch of stuff this week.
First, starting October 26, IBM has enabled multi-factor authentication (MFA) for all its websites using IBMid. As a user on the Entitled Systems Support website, you are using IBMid to login, so you are impacted by the change. When you first login after the change is implemented, you will be asked to add an additional authentication method – either a code sent to your email or a supported mobile authenticator app available on Google Play Store …
Read more -
IBM i PTF Guide, Volume 24, Number 43
October 24, 2022 Doug Bidwell
We are happy to report that there are no new security vulnerabilities in the IBM i stack and related open-source software this week – at least as far as we know. So, rejoice in that. There are a bunch of HIPER PTFs and fixes for Java that span the current IBM i releases on support and extended support, so be aware of those.
And just a reminder to keep checking out The Four Hundred in each issue as we drill down into new details related to the Tech Refreshes announced this month, and that are coming in December.
Now, here …
Read more -
IBM i PTF Guide, Volume 24, Number 42
October 17, 2022 Doug Bidwell
The hot news this week, which we have reported about previously and which we will be drilling down into more deeply, is that the Fall 2022 Tech Refresh updates for IBM i have been announced and will be generally available on December 2. The theme from IBM is “Let’s create a new level of integrated simplicity,” and you can see more about IBM i 7.5 Technology Refresh 1 at this link and more about IBM i 7.4 Technology Refresh 7 at that link.
Keep checking out The Four Hundred as we drill down into new details related to the …
Read more -
IBM i PTF Guide, Volume 24, Number 41
October 10, 2022 Doug Bidwell
Just a reminder in case you didn’t see it last week: End of Marketing for IBM i 7.3 is 4/28/23 and end of standard support for IBM i 7.3 is 9/30/23. You can read IBM’s support statement about it here and you can see our related coverage on it there.
Also: QMGTOOLS and FTP Credentials required for Enhanced Customer Data Repository (ECuRep), find out more at this link.
Now, here is the rundown of PTF Groups by IBM i release level since we last published:
PTF Groups 7.5:
- HIPERs (High Impact/Pervasive)
- Security
- MustGather: How To Obtain and Install
-
IBM i PTF Guide, Volume 24, Number 40
October 3, 2022 Doug Bidwell
It’s the fall now, and in the wake of the September IBM i announcements, upgrade season has begun. Now, we will see if companies are in a mood to upgrade before the end of the year or will push it out into 2023.
This week, we want to let you know that QMGTOOLS and FTP Credentials required for Enhanced Customer Data Repository (ECuRep), which you can find out more about here.
Now, here is the rundown of PTF Groups by IBM i release level since we last published:
PTF Groups 7.5:
- IBM MQ for IBM i – v9.2.0/v9.3.0
- TCP/IP
-
IBM i PTF Guide, Volume 24, Number 39
September 26, 2022 Doug Bidwell
Another week, another security vulnerability. This one could be a biggie, so pay attention. Security Bulletin: IBM Common Cryptographic Architecture (CCA) is vulnerable to denial of service (CVE-2022-22423), which you can find out more about here. The vulnerability can be fixed by applying a PTF to IBM i. Releases 7.5, 7.4, 7.3, and 7.2 of IBM i will be fixed. Each PTF bundles updates to CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769, bringing their respective firmware levels to 5.7.12 and 7.3.44 or later, respectively.
Here are the fixes for this particular vulnerability:
IBM i release
… Read more -
IBM i PTF Guide, Volume 24, Number 38
September 19, 2022 Doug Bidwell
It is a quiet week for PTFs, with two security vulnerabilities for the IBM i platform and not much else.
We will start with Security Bulletin: Samba for IBM i is vulnerable to attacker obtaining sensitive information due to a memory leak with SMB1 requests (CVE-2022-32742), which you can find out more about at this link. Here are the fixes:
IBM i Release 5770-SS1 PTF Number 7.4 SI80816 7.3 SI80815And then there is Security Bulletin: IBM WebSphere Application Server Liberty for IBM i is vulnerable to identity spoofing with authenticated user and ability to bypass security restrictions due …
Read more -
IBM i PTF Guide, Volume 24, Number 37
September 14, 2022 Doug Bidwell
Some weeks are loud and noisy, like cats fighting, when it comes to IBM i PTFs, and some weeks are quiet, like mice trying to avoid the notice of the cats. This week is one of those quiet ones, albeit still with High Impact/Pervasive patches and Security patches for all four current IBM i releases.
Here is the rundown of PTF Groups by IBM i release level since we last published:
PTF Groups 7.5:
- HIPERs (High Impact/Pervasive)
- Security
- MustGather: How To Obtain and Install QMGTOOLS
PTF Groups 7.4:
- HIPERs (High Impact/Pervasive)
- Security
- MustGather: How To Obtain and Install QMGTOOLS
PTF …
Read more -
IBM i PTF Guide, Volume 24, Number 36
September 12, 2022 Doug Bidwell
Let’s get right into it. There are PDF transform issues with IBM i 7.5. This issue was encountered by our friends in San Diego: Thank you, Nancy, for sharing! They were receiving “Transformation task cancelled due to a print fidelity error” when converting from SCS to PDF. IBM issued the following PTFs to fix the issue:
PTF ID SI79773 5770SS1 SI79689 5770TS1 SI79684 5770TS1
Now, let’s turn to Security Bulletin: Vulnerability in IBM Java SDK affects IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to July 2022 CPU plus deferred CVE-2021-2163. You can see more at this …
Read more -
IBM i PTF Guide, Volume 24, Number 35
August 29, 2022 Doug Bidwell
Hello good people of IBM i Land. To start off, a reminder that the Memo To Users for supported releases were last updated April 2022. Clients should review the full “What’s New” details to understand recent changes and impact these may have. See the Links tab in the guide to access the Memo for your release, and, check periodically. these should be considered living documents, meaning, they evolve over time, and as such, read frequently!
Also, ADMIN2 is back at 7.5! IBM turned it off at earlier releases to mitigate the log4j vulnerability in those releases. At V7R5 GA, the …
Read more