Doug Bidwell
-
IBM i PTF Guide, Volume 25, Number 50
December 11, 2023 Doug Bidwell
Well, there are two new security vulnerabilities in the IBM i stack, as we report elsewhere in this issue of The Four Hundred. And there is also an update to the System Planning Tool. Let’s do the latter first and the former last.
The System Planning Tool, version 6.23.340, is now available for download at this link. The System Planning Tool is used by customers and business partners to build valid system configurations for Power Systems machines and their software stacks. You can look at the release notes for various SPT generations here.
Now on to the …
Read more -
IBM i PTF Guide, Volume 25, Number 49
December 6, 2023 Doug Bidwell
Welcome back to having to worry about security vulnerabilities and PTF patches. This week, there are two security vulnerabilities, a set of patches for IBM i 7.2, and HIPERS for IBM i 7.4 and IBM i 7.5 – among other things. Let’s do the vulnerabilities to start.
First, we have Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to a remote attacker causing integrity impacts due to the libraries component (CVE-2023-22049), which you can find out more about here. The IBM i PTF Group numbers contain the fix for the vulnerability. Future PTF …
Read more -
IBM i PTF Guide, Volume 25, Number 48
December 4, 2023 Doug Bidwell
It was the Thanksgiving holiday in the United States when we put together this issue of the IBM i PTF Guide, and you can be thankful that not much was going on. If we know one thing, we know that it will not stay that way. In the meantime, there are a few things to take a look at. We will see how the rest of the year plays out.
Here is the rundown of PTF Groups by IBM i release level since we last published:
PTF Groups 7.5:
- Nothing
PTF Groups 7.4:
- Nothing
PTF Groups 7.3:
- Nothing
Tip …
Read more -
IBM i PTF Guide, Volume 25, Number 47
November 27, 2023 Doug Bidwell
Happy Belated Thanksgiving, welcome back to work, and pass the turkey and cranberry sauce leftovers if you don’t mind.
Speaking of leftovers, there are some new patches for IBM i 7.2, which were updated on November 14. You can check out SF99719 720 Group HIPER – level 237 at this link and SF99718 720 Group Security – level 126 at that link.
There is also a security vulnerability you need to be aware of, specifically Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to the October 2023 …
Read more -
IBM i PTF Guide, Volume 25, Number 46
November 13, 2023 Doug Bidwell
There’s a bunch of stuff going on this week in IBM i PTF Land. So let’s just get to it.
First, we have a security vulnerability, which you can find out more about in Security Bulletin: IBM i is vulnerable due to a flaw in Samba which could allow an attacker to bypass security restrictions (CVE-2023-4091), located at this link. The issues can be fixed by applying a PTF to IBM i. IBM i releases 7.4, 7.3, and 7.2 will be fixed. The IBM i PTF number for 5770-SS1 contains the fix for the vulnerability.
IBM i Release 5770-SS1
… Read more -
IBM i PTF Guide, Volume 25, Number 45
November 6, 2023 Doug Bidwell
What is new this week, you ask? Well, in IBM i PTF Land, there is a PTF patch for IBM i 7.2 – yeah, you heard that right – that was released on Halloween day and that addresses a security vulnerability that was made public on October 6 (CVE-2023-40377) relating to IBM Backup, Recovery & Media Services for i. Because of this flaw, the IBM i stack is vulnerable to a local privilege escalation, which is not a good thing.
The security vulnerability patch is being made available even though IBM i 7.2 was taken off regular Software Maintenance on …
Read more -
IBM i PTF Guide, Volume 25, Number 44
October 30, 2023 Doug Bidwell
Last week was busy, and this week is quiet when it comes to PTFs. With the release of Technology Refreshes coming out starting to roll out next week, this stands to reason.
Now, a note about the ESS Outage. Due to extensive infrastructure upgrades, the ESS website and all of its components, including Base Composer and Cloud Management Console functions, will be fully unavailable from November 3, 2023, at 11 a.m. UTC until November 6, 2023, at 3 a.m. UTC.
Now, there is also a security vulnerability, which you can read about in Security Bulletin: IBM i is vulnerable to …
Read more -
IBM i PTF Guide, Volume 25, Number 43
October 23, 2023 Doug Bidwell
Busy, busy, busy. That is what the good people at IBM Rochester have been in the past week, with a slew of PTFs for the currently supported releases – that is IBM i 7.5 and IBM i 7.4 that are on standard support and IBM i 7.3 that just went into extended support at the end of September, a trio of security vulnerabilities in the IBM i stack, and two group PTFs for the IBM i 7.2 release that is supposed to be kaput.
Let’s start with the security vulnerabilities.
First, we have Security Bulletin: IBM i is vulnerable to …
Read more -
IBM i PTF Guide, Volume 25, Number 42
October 16, 2023 Doug Bidwell
Welcome back to work this week. IBM i 7.2 has two new PTF groups even though it has been in extended support from Big Blue since April 30, 2021. The IBM i 7.2 release is still on extended support until April 30, 2024, which is why the security and HIPER group PTFs have been updated for this release. Specifically, that is:
- SF99718 720 Group Security – level 124, which you can find out more about here.
- SF99719 720 Group HIPER – level 235, which you can find out more about there.
As we reported last week in The …
Read more -
IBM i PTF Guide, Volume 25, Number 41
October 9, 2023 Doug Bidwell
Here is something interesting. There is a new cume for IBM i 7.3, just after it goes out of standard support and is now on extended support. For years, we have been after IBM to put a cume out when it stops supporting a release, kind of a summation at end of life. This is the first time Big Blue has managed to do that.
It is likely a coincidence, but it should have always been policy. It is difficult to round up docs and PTFs for an end of life product two years after the fact. Having a stake …
Read more