Db2 Web Query for i Archives

IBM i PTF Guide, Volume 24, Number 16

April 20, 2022 Doug Bidwell

It is a new week, and there are two new security vulnerabilities in the IBM i platform. First, there is Security Bulletin: IBM WebSphere Application Server Liberty for IBM i is vulnerable to spoofing and clickjacking attacks due to swagger-ui (CVE-2018-25031, CVE-2021-46708), which you can read more about here. The IBM i PTF numbers containing the fix for the CVEs:

IBM i Release      5770-SS1 PTF Number      PTF Download Link

7.4                          SI78971                                https://www.ibm.com/support/pages/ptf/SI78971

7.3                          SI78972                                https://www.ibm.com/support/pages/ptf/SI78972

7.2                          SI78973                                https://www.ibm.com/support/pages/ptf/SI78973

Then there is Security Bulletin: OpenSSL for IBM i is vulnerable to a denial of service due to a flaw in …
Read more
IBM i PTF Guide, Volume 24, Number 14

April 6, 2022 Doug Bidwell

Get your PTF patching fingers ready to roll across the keyboard because there are some new security vulnerabilities in the IBM i platform. First up, Security Bulletin: IBM Db2 Web Query for i is vulnerable to denial of service in Apache Commons Compress (CVE-2021-36090), arbitrary code execution in Apache Log4j (CVE-2021-44832), and cross-site scripting in TIBCO WebFOCUS (CVE-2021-35493), which you can learn about here.

Release 2.2.0 can be fixed by upgrading to release 2.2.1 or 2.3.0, depending on your IBM i release level:
- IBM i 7.4: Upgrade to Db2 Web Query for i 2.3.0
- IBM i 7.3: Upgrade to
…
Read more
Log4j Hits Heritage Version of Navigator for i – No Patch Coming

January 12, 2022 Alex Woodie

IBM i shops running the old version of the Navigator for i client should be aware that the software is vulnerable to the Log4j security vulnerability, and there will be no patch to fix it, IBM says in a new security bulletin. There will, however, be fixes coming to other vulnerable components, including IWS, IAS, and IBM i Access Client Solutions (ACS), IBM says.

Just before we hit the holiday break, the extremely severe Apache Log4j security vulnerability was disclosed to the world, resulting in a frantic effort to patch servers, desktops, refrigerators – just about anything with a …
Read more
IBM i PTF Guide, Volume 24, Number 1

January 10, 2022 Doug Bidwell

While we were away on holiday, the Log4J and Log4Shell vulnerabilities hit the enterprise systems of the world, including the IBM i platform. So right off the bat here with the first edition of The IBM i PTF Guide in 2022, we want to point you to Big Blue’s Log4j/Log4Shell on IBM i update, which will help you figure out if you are vulnerable. See more at this link.

Here are the Security Bulletins for this:

Security Bulletin: Vulnerability in Apache Log4j (CVE-2021-44228) affects Power HMC V9

Security Bulletin: Vulnerability in Apache Log4j (CVE-2021-44228) affects Power HMC V8

Security …
Read more
IBM i PTF Guide, Volume 23, Number 13

March 31, 2021 Doug Bidwell

There is a lot of stuff going on this week. First, there are patches for Db2 Web Query, but only for IBM i 7.3 and IBM i 7.4, and we have to wonder if this will eventually be backported to IBM i 7.2 and maybe even IBM i 7.1 given that release has been given extended extended support and is not available on Power9 in limited form in logical partitions.

There are also three security issues affecting the IBM i platform, as follows:
- Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i is affected by CVE-2020-14803 and
…
Read more
IBM Adds Deals And Tools To Cloudy Power Service

May 18, 2020 Timothy Prickett Morgan

In February last year, Big Blue surprised many of us by announcing that it was putting Power8 and Power9 systems onto the IBM Cloud and offering up true cloud capacity, with utility pricing, for the capacity on Power S922 entry and Power E880 high-end servers. We did a detailed analysis of the Power Systems Virtual Server for IBM Cloud offering here, and talked about the pricing for compute, storage, and networking for the service there. The offering was first available in June of last year, and subsequently the Power E980 has been added to the mix.

Now, we …
Read more
What’s New With Db2 Web Query?

May 11, 2020 Alex Woodie

Db2 Web Query, which is IBM’s strategic business intelligence tool for IBM i, doesn’t follow the same release cycle as the operating system itself. But as part of activity surrounding the latest round of Technology Refreshes (TR) for IBM i 7.3 and 7.4, IBM discussed the recent updates that it’s made to Db2 Web Query, along with new features that are due very soon.

To get the lowdown on the new Db2 Web Query features, we tuned into a recent presentation made by Doug Mack, IBM’s Db2 Web Query product manager. Mack presented a session with Db2 for i …
Read more

Content archive

Recent Posts

Subscribe

Pages

Search

IBM i PTF Guide, Volume 24, Number 16

IBM i PTF Guide, Volume 24, Number 14

Log4j Hits Heritage Version of Navigator for i – No Patch Coming

IBM i PTF Guide, Volume 24, Number 1

IBM i PTF Guide, Volume 23, Number 13

IBM Adds Deals And Tools To Cloudy Power Service

What’s New With Db2 Web Query?

Content archive

Recent Posts

Subscribe

Pages

Search