IBM i PTF Guide Archives - Page 4 of 24

IBM i PTF Guide, Volume 26, Number 30

August 7, 2024 Doug Bidwell

Sometimes, you have to work really hard to try to figure out if you are going to have to do a lot of patching on the systems this week – and then you find out, to your pleasant surprise, that the hardest work you had to do was to find out that you really didn’t have to worry about much. Such is this week.

Basically, there are just new defective PTFs this week and that is about it.

Here is the rundown of PTF Groups by IBM i release level since we last published:

PTF Groups 7.5:
- None
PTF Groups …
Read more
IBM i PTF Guide, Volume 26, Number 29

August 5, 2024 Doug Bidwell

We know that you were just getting comfortable with a relatively easy summer, CrowdStrike crash excepted if you are one of its customers, and so we have a few security vulnerabilities and PTF patches you need to cope with this week.

First, we have Security Bulletin: IBM HTTP Server (powered by Apache) for IBM i is vulnerable to HTTP response splitting attacks [CVE-2023-38709, CVE-2024-24795], which you can find out more about at this link. The fixes for this issue, by IBM i release, are as follows:
```
IBM i Release	5770-DG1	PTF Number
7.5			SJ01350
			SJ01401	
7.4			SJ01349
			SJ01400
7.3			
```
…
Read more
IBM i PTF Guide, Volume 26, Number 28

July 22, 2024 Doug Bidwell

Welcome to this week, which is a very, very quiet week, even for the IBM i PTF Guide. Like, hardly anything at all is happening. There are a few little things, which we will now point out.

Here is the rundown of PTF Groups by IBM i release level since we last published:

PTF Groups 7.5:
- Fix list for IBM WebSphere Application Server Liberty
- MustGather: How To Obtain and Install QMGTOOLS
PTF Groups 7.4:
- Fix list for IBM WebSphere Application Server Liberty
- MustGather: How To Obtain and Install QMGTOOLS
PTF Groups 7.3:
- Fix list for IBM WebSphere Application Server
…
Read more
Fans Revving Like Crazy On Your Power10? Check The Firmware

July 15, 2024 Timothy Prickett Morgan

It doesn’t happen very often, but sometimes a patch to firmware for Power Systems is defective, and when it does happen, we like to point it out.

Defective PTFs happen fairly regularly with IBM i, as defective patches happen for other operating systems. Sometimes the effects of defective PTF patches are dramatic, sometimes they are just weird. Sometimes they are in between.

Both IBM i 7.4 and IBM i 7.5 have a defective patch in the firmware for Power10 systems, and to be super precise it affects machine types 9105-22A (Power S1022), 9105-22B (Power S1022s), 9105-41B (Power S1014), 9105-42A (Power …
Read more
IBM i PTF Guide, Volume 26, Number 27

July 15, 2024 Doug Bidwell

Get your PTF patching fingers all cracked and stretched because you will be doing some typing this week. There are a three security issues you need to cope with and a slew of patches that run the gamut of subsystems on the platform. As usual, let’s start with the security vulnerabilities.

First, we have Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to a denial of service and bypassing security restrictions due to multiple vulnerabilities, which you can find out more about here. The patches for this issue, by IBM i release level, …
Read more
IBM i PTF Guide, Volume 26, Number 26

July 10, 2024 Doug Bidwell

After a pretty busy few weeks, you are getting a bit of a break, with only one security vulnerability this week. You can read about it in Security Bulletin: IBM Managed System Services for i and IBM System Management for i are vulnerable to a local user gaining elevated privilege due to unqualified library calls (CVE-2024-38330), with details at this link.

The IBM i PTF numbers for 5770-MG1 and 5770-SM1 contain the fixes for the vulnerability, as follows:
```
IBM i Release	5770-MG1	PTF Number
7.4			SJ01170
7.3			SJ01174
7.2			SJ01175
	5770-SM1	PTF Number
7.4			SJ01325
7.3			SJ01324
7.2			SJ01323
```
…
Read more
IBM i PTF Guide, Volume 26, Numbers 24 And 25

July 8, 2024 Doug Bidwell

It is Ketchup Week here at the IBM i PTF Guide, and not just because of all of the hot dogs, hamburgers, and French American fries being consumed for the Independence Day holiday here in the United States of America.

The Four Hundred has been publishing on a lighter schedule than usual, as sometimes happens during the summer months as people get some downtime, and we are catching you up on the PTFs for the IBM i stack, converging two issues of The Guide into a single one so we can get back to lock stepping it in Monday’s …
Read more
IBM i PTF Guide, Volume 26, Number 23

June 24, 2024 Doug Bidwell

This week, there is only one security vulnerability in the IBM i stack, but there are a slew of PTF updates for the currently supported releases of the IBM i operating system.

So to start with, there is Security Bulletin: IBM Rational Developer for i is vulnerable to leaked credentials due to a flaw in follow-redirects (CVE-2024-28849), which you can find out more about at this link. The issue affects IBM Rational Developer for i 9.8.0.0 through 9.8.0.1, and the issue can be fixed by installing fixpack 9.8.0.2.

Here is the rundown of PTF Groups by IBM i release …
Read more
IBM i PTF Guide, Volume 26, Number 21

June 10, 2024 Doug Bidwell

Once again, here is a reminder that a big change has come to patching IBM i systems. IBM i APAR and PTF records have migrated to Known Issues records and Fix Information records to be consistent with other IBM patching systems for other platforms and software. So read up on it at this link.

We also have one new security vulnerability that you need to be aware of since we last published the IBM i PTF Guide. The vulnerability is outlined in Security Bulletin: Denial of service vulnerabilities in Node.js affects IBM Rational Developer for i RPG and …
Read more
IBM i PTF Guide, Volume 26, Number 20

June 3, 2024 Doug Bidwell

Here is something you need to be aware of: IBM i APAR and PTF records have migrated to Known Issues records and Fix Information records to be consistent with other IBM patching systems for other platforms and software. So read up on it at this link here.

And, as often happens, we also have three new security vulnerabilities to cope with.

First, we have Security Bulletin: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to an XML External Entity (XXE) injection vulnerability (CVE-2024-22354), which you can find out more about here. Here are the …
Read more

Previous Articles Next Articles

Content archive

Recent Posts

Subscribe

Pages

Search