• The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
Menu
  • The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
  • IBM i PTF Guide, Volume 25, Number 47

    November 27, 2023 Doug Bidwell

    Happy Belated Thanksgiving, welcome back to work, and pass the turkey and cranberry sauce leftovers if you don’t mind.

    Speaking of leftovers, there are some new patches for IBM i 7.2, which were updated on November 14. You can check out SF99719 720 Group HIPER – level 237 at this link and SF99718 720 Group Security – level 126 at that link.

    There is also a security vulnerability you need to be aware of, specifically Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to the October 2023 …

    Read more
  • IBM i PTF Guide, Volume 25, Number 35

    September 11, 2023 Doug Bidwell

    We have been on hiatus for a few weeks, and there is a lot of stuff to catch up on. There are a slew of security vulnerabilities and a whole bunch of PTFs for the current releases of IBM i that you need to deal with. Let’s start with the security issues.

    First, we have Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to denial of service, availability, integrity, and confidentiality impacts due to multiple vulnerabilities, which you can find out more about at this link. Here are the PTFs for this vulnerability: …

    Read more
  • IBM i PTF Guide, Volume 25, Number 34

    August 21, 2023 Doug Bidwell

    It is still summer, and the big news again this week in PTF Land is a security vulnerability. This time the hole is in the WebSphere Liberty middleware from Big Blue. See Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to a denial of service (CVE-2023-38737), which you can find out more about at this link. IBM WebSphere Application Server Liberty versions 22.0.0.13 through 23.0.0.7 are affected.

    Here is the rundown of PTF Groups by IBM i release level since we last published:

    PTF Groups 7.5:

    • HIPERs (High Impact/Pervasive)
    • Security
    • Java
    • IBM HTTP Server for i
    • SAP support
    …

    Read more
  • IBM i PTF Guide, Volume 25, Number 30

    July 24, 2023 Doug Bidwell

    The security vulnerabilities in the IBM i software stack are coming in waves. This week, there are three more to report, two of which we detail separately in this issue.

    First, we have Security Bulletin: IBM Facsimile Support for i is vulnerable to local privilege escalation (CVE-2023-30988), which you can find out more about here. The issue can be fixed by applying a PTF to IBM i.  IBM i releases 7.5, 7.4, 7.3, and 7.2 installed with 5798-FAX version V5R8M0 will be fixed. IBM i Release, 5798-FAX,V5R8M0 PTF Number SI83583 for 7.5, 7.4, 7.3, 7.2 – read the cover …

    Read more
  • IBM i PTF Guide, Volume 25, Number 23

    June 7, 2023 Doug Bidwell

    It’s a little more quiet in this issue of the IBM i PTF Guide than it was last time, which is a good thing and which ran on Monday. We will start off with two more security vulnerabilities, one with Rational Developer for i and the other for the WebSphere Application Server Liberty edition.

    First, we have Security Bulletin: IBM Rational Developer for i is vulnerable to attacker obtaining sensitive information due to Java string processing in IBM Toolbox for Java (CVE-2022-43928), which you can find out more about here. Here are the affected releases:

    Affected Product(s)				Version(s)
    IBM 
    …

    Read more
  • IBM i PTF Guide, Volume 25, Number 19

    May 8, 2023 Doug Bidwell

    There are new cumulative updates this week, and a couple of security vulnerabilities that you need to be aware of, which we cover along with the normal PTF updates and defective PTF rundown that we do every week. Let’s start, as we often do, with the vulnerabilities.

    First, we have Security Bulletin: IBM WebSphere Application Server Liberty for IBM i. which is vulnerable to a server-side request forgery, a denial of service, an attacker obtaining sensitive information, and gaining elevated privileges due to multiple vulnerabilities. You can find out more about at this link. The issues can be fixed …

    Read more
  • IBM i PTF Guide, Volume 25, Number 17

    April 24, 2023 Doug Bidwell

    There are a lot of PTFs that you need to be aware of this week, but before we get into them, there are two security vulnerabilities, one affecting the IBM i platform’s integrated Apache Web server and the other affecting the combination of IBM i Access Client Solutions combined with the IBM Toolbox for Java. Let’s get into the security bulletins to start.

    First, we have Security Bulletin: IBM HTTP Server (powered by Apache) for IBM i is vulnerable to HTTP response splitting and denial of service attacks (CVE-2022-37436, CVE-2006-20001), which you can find out more about at this link …

    Read more
  • IBM i PTF Guide, Volume 25, Number 7

    February 13, 2023 Doug Bidwell

    This week brought more security vulnerabilities in the airspace above us, and also around the world with weird sightings in the United States, Canada, China, and Russia. Now we have security vulnerabilities in open source code that is part of the IBM i stack.

    First, we have a Security Bulletin. IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to bypassing security restrictions, denial of service attacks, and data integrity impacts due to multiple vulnerabilities, which you can find out more about at this link. There are fixes as shown below by IBM i release and …

    Read more
  • IBM i PTF Guide, Volume 24, Number 49

    December 7, 2022 Doug Bidwell

    It is another one of those weeks when there are a slew of security vulnerabilities to attend to. Four that we know of, to be precise.

    First, there is Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to Google protobuf-java (CVE-2022-3171, CVE-2022-3509), which you can read more about at this link. This vulnerability affects IBM WebSphere Application Server Liberty versions 21.0.0.2 through 22.0.0.12.

    Second, there is Security Bulletin: ISC BIND on IBM i is vulnerable to denial of service due to memory leaks and a flaw in resolver code (CVE-2022-2795, CVE-2022-38177, CVE-2022-38178), …

    Read more
  • IBM i PTF Guide, Volume 24, Number 47

    November 28, 2022 Doug Bidwell

    It is a busy, busy week for the IBM i PTF Guide, folks. So get some coffee. There are a bunch of security vulnerabilities that you need to take a look at, and there are also some recommended fixes that are not included in either the PTF groups or the cumulative PTF updates.

    First, there is Security Bulletin: IBM Transform Services for IBM i is vulnerable to denial of service, buffer overflow, and allowing attacker to obtain sensitive information due to multiple vulnerabilities, which you can read more about at this link. The fixes for this vulnerability can …

    Read more

Previous Articles Next Articles

Content archive

  • The Four Hundred
  • Four Hundred Stuff
  • Four Hundred Guru

Recent Posts

  • Public Preview For Watson Code Assistant for i Available Soon
  • COMMON Youth Movement Continues at POWERUp 2025
  • IBM Preserves Memory Investments Across Power10 And Power11
  • Eradani Uses AI For New EDI And API Service
  • Picking Apart IBM’s $150 Billion In US Manufacturing And R&D
  • FAX/400 And CICS For i Are Dead. What Will IBM Kill Next?
  • Fresche Overhauls X-Analysis With Web UI, AI Smarts
  • Is It Time To Add The Rust Programming Language To IBM i?
  • Is IBM Going To Raise Prices On Power10 Expert Care?
  • IBM i PTF Guide, Volume 27, Number 20

Subscribe

To get news from IT Jungle sent to your inbox every week, subscribe to our newsletter.

Pages

  • About Us
  • Contact
  • Contributors
  • Four Hundred Monitor
  • IBM i PTF Guide
  • Media Kit
  • Subscribe

Search

Copyright © 2025 IT Jungle