• The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
Menu
  • The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
  • IBM i PTF Guide, Volume 27, Number 27

    July 14, 2025 Doug Bidwell

    If you are an ASNA shops, there is an important security update that the company wants you to be aware of. This is an important security notification regarding a vulnerability discovered in two ASNA Windows Services: ASNA Assist and ASNA Registrar. ASNA says that it has resolved this vulnerability with updated versions of all supported ASNA products. You can find out more about this issue at this link.

    Here is the rundown of PTF Groups by IBM i release level since we last published:

    PTF Groups 7.6:

    • None

    PTF Groups 7.5:

    • None

    PTF Groups 7.4:

    • None

    PTF Groups 7.3: …

    Read more
  • IBM i PTF Guide, Volume 27, Number 26

    July 8, 2025 Doug Bidwell

    Brace yourself because the IBM i platform has five security vulnerabilities that you have to analyze and cope with in this week’s issue of the IBM i PTF Guide.

    Let’s just jump right in and get to it.

    First, we have Security Bulletin: IBM WebSphere Application Server is affected by arbitrary code execution (CVE-2025-36038), about which you can find out more at this link. The affected software is IBM WebSphere Application Server 8.5 and 9.0.

    Second, there is Security Bulletin: IBM i is affected by a user gaining elevated privileges due to an unqualified library call vulnerability in …

    Read more
  • IBM i PTF Guide, Volume 27, Number 25

    June 23, 2025 Doug Bidwell

    Happy Monday, everyone. The IBM i stack is starting out your week with a security issue and two security vulnerabilities.

    First, we have PH65394, which is a notification that IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to Apache CXF (CVE-2025-23184 CVSS 7.5). You can find out more about it at this link.

    Second, we have Security Bulletin: IBM i is affected by a user gaining elevated privileges due to an unqualified library call vulnerability in IBM Advanced Job Scheduler for i [CVE-2025-33122]. More information is available here. The PTF number to remediate …

    Read more
  • IBM i PTF Guide, Volume 27, Number 24

    June 16, 2025 Doug Bidwell

    The AS/400, under its many names, turns 37 this coming weekend, and let’s all raise a glass and celebrate this venerable and still relevant platform. Or, perhaps a cup of coffee or tea, depending on your mood.

    In the meantime, before you toast the IBM i, you have two security vulnerabilities to be aware of. First, there is Security Bulletin: This Power System update is being released to address CVE-2024-13176, which you can find out more about here. This affects the BMC’s HTTPS and SSH interfaces. The affected products and versions are as follows:

    • OPENBMC: FW1060.00 – FW1060.30
    • OPENBMC:
    …

    Read more
  • IBM i PTF Guide, Volume 27, Number 23

    June 9, 2025 Doug Bidwell

    It’s pretty quiet this week, which is good. We gave you a lot of stuff to do last week anyway, so now you can really get caught up.

    The important thing is a new security vulnerability, which is in Security Bulletin: IBM Rational Developer for i is affected by an unspecified Java runtime encryption vulnerability (CVE-2025-21587). You can find out more about this issue with RDi at this link. The affected releases include Rational Developer for i 9.8.0.0 through 9.8.0.4, and the recommended fix is to install the RDi 9.8.0.5 update.

    Here is the rundown of PTF Groups by …

    Read more
  • IBM i PTF Guide, Volume 27, Numbers 21 And 22

    June 2, 2025 Doug Bidwell

    It is once again “ketchup week” here at The Four Hundred thanks to the Memorial Day holiday last week in the United States, and that means you get two IBM i PTF Guides for the price of one this week.

    So let’s start with Volume 27 Number 21 dated May 24. There is a whole bunch of stuff to deal with.

    First, there is a flash alert: IBM i HTTP Server Validation List Authentication Suddenly Fails After IBM i HTTP Group PTF Apply. You can find out more about this here. IBM says: “If you have applied one of …

    Read more
  • IBM i PTF Guide, Volume 27, Number 20

    May 19, 2025 Doug Bidwell

    Brace yourselves, everyone. There are seven security vulnerabilities that you have to pay attention to this week for the IBM i platform. Remember, as security guru Carol Woodbury is fond of saying: the IBM i platform is not the most secure platform in the world, but the most securable platform in the world. You must be ever-vigilant and keep it secure by patching holes and killing bugs.

    So, without further fuss, let’s dive in and take them in order.

    One is Security Bulletin: IBM i is vulnerable to a machine-in-the-middle attack due to mishandling error codes when verifying the host …

    Read more
  • IBM i PTF Guide, Volume 27, Number 19

    May 12, 2025 Doug Bidwell

    Welcome to this week in IBM i Land. And we will start out by warning you to watch out for the defective PTFs listing this week.

    And now, to a security bulletin and a patches to fix it and a warning about a vulnerability that has not been patched.

    First the one that has been patched, which is in Security Bulletin: IBM i is vulnerable to an authentication and authorization attack due to incorrect validation processing in IBM i Netserver [CVE-2025-3218] and which you can see more about at this link. The IBM i PTF numbers for 5770-999 contain …

    Read more
  • IBM i PTF Guide, Volume 27, Number 18

    May 5, 2025 Doug Bidwell

    Welcome to May, and we start out with PH65941, a notice from Big Blue that IBM WebSphere Application Server is vulnerable to server-side request forgery (CVE-2025-27907 CVSS 4.1). You can check out this link for more details. IBM says that the fix for this APAR is set to be included with WebSphere Application Server 8.5.5.28 and 9.0.5.24. We are not sure when that will happen.

    Here is the rundown of PTF Groups by IBM i release level since we last published:

    PTF Groups 7.6:

    • HIPERs – High Impact Pervasive
    • Group Security
    • Performance Tools
    • IBM HTTP Server for i
    • Content
    …

    Read more
  • IBM i PTF Guide, Volume 27, Number 17

    April 28, 2025 Doug Bidwell

    Just a reminder that as part of the April 8 announcements, IBM Software Support content is changing to require entitlement check for software patches. See more at this link, but the gist of it is that IBM Software Support Troubleshooting, Question & Answer, and How To documents are changing to require entitlement. This means that you will be required to log on with an IBMid that has proper entitlement before viewing the entire document.

    Also this week, there is Security Bulletin: IBM WebSphere Application Server is vulnerable to server-side request forgery (CVE-2025-27907), which you can find out more about …

    Read more

Previous Articles

Content archive

  • The Four Hundred
  • Four Hundred Stuff
  • Four Hundred Guru

Recent Posts

  • To Comfort The Afflicted And Afflict The Comfortable
  • How FalconStor Is Reinventing Itself, And Why IBM Noticed
  • Guru: When Procedure Driven RPG Really Works
  • Vendors Fill In The Gaps With IBM’s New MFA Solution
  • IBM i PTF Guide, Volume 27, Number 27
  • With Power11, Power Systems “Go To Eleven”
  • With Subscription Price, IBM i P20 And P30 Tiers Get Bigger Bundles
  • Izzi Buys CNX, Eyes Valence Port To System Z
  • IBM i Shops “Attacking” Security Concerns, Study Shows
  • IBM i PTF Guide, Volume 27, Number 26

Subscribe

To get news from IT Jungle sent to your inbox every week, subscribe to our newsletter.

Pages

  • About Us
  • Contact
  • Contributors
  • Four Hundred Monitor
  • IBM i PTF Guide
  • Media Kit
  • Subscribe

Search

Copyright © 2025 IT Jungle