• The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
Menu
  • The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
  • Samba Patch Caps Busy Year for IBM i Security

    December 4, 2019 Alex Woodie

    IBM last week patched a moderately severe security flaw in IBM i’s Samba implementation that could enable hackers to access data they really shouldn’t be able to access. The disclosure caps a rather busy second half of the year for security patches on IBM i that saw 26 emergency PTFs and Yum updates for Node.js, Python, the Apache HTTP Server, OpenSSL, ISC Bind, IBM Navigator, and even Db2 Mirror for IBM i.

    On November 26, IBM issued this security bulletin to let people know about the new flaw in the Samba client. The flaw could allow a hacker to not …

    Read more
  • Multiple Security Vulnerabilities Reported In IBM i

    April 30, 2018 Alex Woodie

    IBM this month revealed an array of security vulnerabilities across IBM i middleware components, including OpenSSL, DHCP, and Java products. Most of the flaws were given a “high severity” rating, and all of them have been patched.

    This week’s security fun starts with DHCP (Dynamic Host Configuration Protocol), which is used to automate the management and distribution of IP addresses within a network. According to the April 26 IBM security bulletin, IBM i 7.1, 7.2, and 7.3 are vulnerable to a pair of security vulnerabilities in the underlying DHCP protocol.

    The first DHCP flaw, which is identified as CVE-2018-5732 …

    Read more
  • IBM Patches ‘ROBOT’ Flaw in IBM i Crypto Library

    February 21, 2018 Alex Woodie

    IBM has issued patches to fix a serious security problem in the IBM Global Security Kit, or GSKit, a relatively obscure crypto package that implements SSL/TLS encryption algorithms across a variety of IBM products, including IBM i. An old flaw in the underlying RSA crypto algorithm that could let hackers decrypt data in a “side channel” attack has resurfaced under a new moniker: “ROBOT.”

    GSKit is an IBM toolkit that implements various encryption-related functions, including symmetric and asymmetric ciphers, random number generation, hashing algorithms, and encryption key management capabilities, for products that need over-the-wire encryption, including IBM i, Linux, and …

    Read more

Content archive

  • The Four Hundred
  • Four Hundred Stuff
  • Four Hundred Guru

Recent Posts

  • POWERUp Brings IBM i Base Back Together in the Big Easy
  • New Nav for i Brings New Stuff to You
  • Why Infor’s IDF Is Important for Customer Innovation
  • Four Hundred Monitor, May 25
  • IBM i PTF Guide, Volume 24, Number 21
  • How Committed Is Big Blue To The IBM Cloud?
  • Immutable Copies Are Only As Good As Your Validation
  • Guru: IBM i *USRPRF Security
  • ERP Transitions Loom for SAP on IBM i Customers
  • Inflation Pumps Up Global IT Spending, Supply Chain Deflates It

Subscribe

To get news from IT Jungle sent to your inbox every week, subscribe to our newsletter.

Pages

  • About Us
  • Contact
  • Contributors
  • Four Hundred Monitor
  • IBM i PTF Guide
  • Media Kit
  • Subscribe

Search

Copyright © 2022 IT Jungle