• The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
Menu
  • The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
  • IBM i PTF Guide, Volume 24, Number 16

    April 20, 2022 Doug Bidwell

    It is a new week, and there are two new security vulnerabilities in the IBM i platform. First, there is Security Bulletin: IBM WebSphere Application Server Liberty for IBM i is vulnerable to spoofing and clickjacking attacks due to swagger-ui (CVE-2018-25031, CVE-2021-46708), which you can read more about here. The IBM i PTF numbers containing the fix for the CVEs:

    IBM i Release      5770-SS1 PTF Number      PTF Download Link

    7.4                          SI78971                                https://www.ibm.com/support/pages/ptf/SI78971

    7.3                          SI78972                                https://www.ibm.com/support/pages/ptf/SI78972

    7.2                          SI78973                                https://www.ibm.com/support/pages/ptf/SI78973

    Then there is Security Bulletin: OpenSSL for IBM i is vulnerable to a denial of service due to a flaw in …

    Read more
  • IBM i PTF Guide, Volume 24, Number 14

    April 6, 2022 Doug Bidwell

    Get your PTF patching fingers ready to roll across the keyboard because there are some new security vulnerabilities in the IBM i platform. First up, Security Bulletin: IBM Db2 Web Query for i is vulnerable to denial of service in Apache Commons Compress (CVE-2021-36090), arbitrary code execution in Apache Log4j (CVE-2021-44832), and cross-site scripting in TIBCO WebFOCUS (CVE-2021-35493), which you can learn about here.

    Release 2.2.0 can be fixed by upgrading to release 2.2.1 or 2.3.0, depending on your IBM i release level:

    • IBM i 7.4: Upgrade to Db2 Web Query for i 2.3.0
    • IBM i 7.3: Upgrade to
    …

    Read more
  • Log4j Hits Heritage Version of Navigator for i – No Patch Coming

    January 12, 2022 Alex Woodie

    IBM i shops running the old version of the Navigator for i client should be aware that the software is vulnerable to the Log4j security vulnerability, and there will be no patch to fix it, IBM says in a new security bulletin. There will, however, be fixes coming to other vulnerable components, including IWS, IAS, and IBM i Access Client Solutions (ACS), IBM says.

    Just before we hit the holiday break, the extremely severe Apache Log4j security vulnerability was disclosed to the world, resulting in a frantic effort to patch servers, desktops, refrigerators – just about anything with a …

    Read more
  • IBM i PTF Guide, Volume 24, Number 1

    January 10, 2022 Doug Bidwell

    While we were away on holiday, the Log4J and Log4Shell vulnerabilities hit the enterprise systems of the world, including the IBM i platform. So right off the bat here with the first edition of The IBM i PTF Guide in 2022, we want to point you to Big Blue’s Log4j/Log4Shell on IBM i update, which will help you figure out if you are vulnerable. See more at this link.

    Here are the Security Bulletins for this:

    Security Bulletin: Vulnerability in Apache Log4j (CVE-2021-44228) affects Power HMC V9

    Security Bulletin: Vulnerability in Apache Log4j (CVE-2021-44228) affects Power HMC V8

    Security …

    Read more
  • IBM i PTF Guide, Volume 23, Number 13

    March 31, 2021 Doug Bidwell

    There is a lot of stuff going on this week. First, there are patches for Db2 Web Query, but only for IBM i 7.3 and IBM i 7.4, and we have to wonder if this will eventually be backported to IBM i 7.2 and maybe even IBM i 7.1 given that release has been given extended extended support and is not available on Power9 in limited form in logical partitions.

    There are also three security issues affecting the IBM i platform, as follows:

    • Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i is affected by CVE-2020-14803 and
    …

    Read more
  • IBM Adds Deals And Tools To Cloudy Power Service

    May 18, 2020 Timothy Prickett Morgan

    In February last year, Big Blue surprised many of us by announcing that it was putting Power8 and Power9 systems onto the IBM Cloud and offering up true cloud capacity, with utility pricing, for the capacity on Power S922 entry and Power E880 high-end servers. We did a detailed analysis of the Power Systems Virtual Server for IBM Cloud offering here, and talked about the pricing for compute, storage, and networking for the service there. The offering was first available in June of last year, and subsequently the Power E980 has been added to the mix.

    Now, we …

    Read more
  • What’s New With Db2 Web Query?

    May 11, 2020 Alex Woodie

    Db2 Web Query, which is IBM’s strategic business intelligence tool for IBM i, doesn’t follow the same release cycle as the operating system itself. But as part of activity surrounding the latest round of Technology Refreshes (TR) for IBM i 7.3 and 7.4, IBM discussed the recent updates that it’s made to Db2 Web Query, along with new features that are due very soon.

    To get the lowdown on the new Db2 Web Query features, we tuned into a recent presentation made by Doug Mack, IBM’s Db2 Web Query product manager. Mack presented a session with Db2 for i …

    Read more

Content archive

  • The Four Hundred
  • Four Hundred Stuff
  • Four Hundred Guru

Recent Posts

  • DRV Brings More Automation to IBM i Message Monitoring
  • Managed Cloud Saves Money By Cutting System And People Overprovisioning
  • Multiple Security Vulnerabilities Patched on IBM i
  • Four Hundred Monitor, June 22
  • IBM i PTF Guide, Volume 24, Number 25
  • Plotting A Middle Age Career Change To IBM i
  • What Is Code Transformation Even?
  • Guru: The CALL I’ve Been Waiting For
  • A Frank Solstice
  • The Inevitable Wave Of Power9 Withdrawals Begins

Subscribe

To get news from IT Jungle sent to your inbox every week, subscribe to our newsletter.

Pages

  • About Us
  • Contact
  • Contributors
  • Four Hundred Monitor
  • IBM i PTF Guide
  • Media Kit
  • Subscribe

Search

Copyright © 2022 IT Jungle