IBM Db2 Mirror for i Archives - IT Jungle

IBM i PTF Guide, Volume 25, Number 17

April 24, 2023 Doug Bidwell

There are a lot of PTFs that you need to be aware of this week, but before we get into them, there are two security vulnerabilities, one affecting the IBM i platform’s integrated Apache Web server and the other affecting the combination of IBM i Access Client Solutions combined with the IBM Toolbox for Java. Let’s get into the security bulletins to start.

First, we have Security Bulletin: IBM HTTP Server (powered by Apache) for IBM i is vulnerable to HTTP response splitting and denial of service attacks (CVE-2022-37436, CVE-2006-20001), which you can find out more about at this link …
Read more
IBM i PTF Guide, Volume 24, Number 24

June 15, 2022 Doug Bidwell

If it seems like just about every week there is a security vulnerability within the broad and deep expanse of the IBM i platform, well it isn’t just seeming like that. It is like that. And this week we start out with four news ones that you have to contend with in the IBM i PTF Guide.

First, we have Security Bulletin: Due to use of Spring Framework, IBM Db2 Web Query for i is vulnerable to unprotected fields (CVE-2022-22968), remote code execution (CVE-2022-22965), and denial of service (CVE-2022-22950). Find out more about that at this link. Here …
Read more