• IBM i PTF Guide, Volume 26, Number 20

  June 3, 2024 Doug Bidwell

  Here is something you need to be aware of: IBM i APAR and PTF records have migrated to Known Issues records and Fix Information records to be consistent with other IBM patching systems for other platforms and software. So read up on it at this link here.

  And, as often happens, we also have three new security vulnerabilities to cope with.

  First, we have Security Bulletin: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to an XML External Entity (XXE) injection vulnerability (CVE-2024-22354), which you can find out more about here. Here are the …

  Read more

• IBM i PTF Guide, Volume 26, Number 19

  May 20, 2024 Doug Bidwell

  You will need a little time to deal with some security vulnerabilities this week, so set aside some time. There is also a warning about infrastructure changes for electronic fixes from IBM and, for those of you who care, a new release of the IBM MQ message queuing middleware.

  You can find out about the new MQ 9.4, which delivers improved cross-platform connectivity, observability, and modernization capabilities, at this link. And  as for preparing customer firewalls and proxies for the upcoming infrastructure changes – Call Home, Electronic Fix Distribution – check out this link.

  That leaves the three …

  Read more

• IBM i PTF Guide, Volume 26, Number 18

  May 13, 2024 Doug Bidwell

  Well, this week is a little bit lighter when it comes to new security vulnerabilities in the IBM i stack, so that is a good way to start out the next five business days plus the extra that system admins often have to do because weekends are when it is safe to tweak systems.

  On the vulnerability front, we have Security Bulletin: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to an XML External Entity (XXE) injection vulnerability (CVE-2024-22354), which you can find out more about at this link. Here is the list of affected …

  Read more

• IBM i PTF Guide, Volume 26, Number 17

  May 6, 2024 Doug Bidwell

  Some of the links in the IBM i PTF Guide appear to be broken, but don’t worry about them. IBM is in the process of changing the format of the Cover page for IBM i patches and a few of the links are stuck in the middle. We will attempt to get them back in synch by the next issue. This is the effect of the latest in IBM’s efforts to make the web information for IBM less verbose and more accessible. Any comments on such, please share!

  And now, some security vulnerabilities for IBM. Four, to be precise.

  First, …

  Read more

• IBM i PTF Guide, Volume 26, Number 16

  April 22, 2024 Doug Bidwell

  It is an interesting time out there in PTF Land, so brace yourself. There are four security bulletins and two security warnings about potential denial of service vulnerabilities. Let’s do the security bulletins first and then the denial of service issues.

  First, we have Security Bulletin: IBM i Access Client Solutions is vulnerable to an infinite loop or out of memory error due to vulnerabilities in Apache Commons Compress, which you can find out more about at this link. The affected product(s) include IBM i Access Family versions 1.1.2 – 1.1.4, and versions 1.1.4.3 – 1.1.9.4. The issue can …

  Read more

• IBM i PTF Guide, Volume 26, Number 15

  April 15, 2024 Doug Bidwell

  Hey, this is interesting. We have no security vulnerabilities to report on this week for the IBM i platform. And this is also interesting. There is a new version of Access Client Solutions, called V1.1.9.5. We will be putting together a news story to talk about this, but in the meantime, we thought you should know that it is out. There ain’t a lot else going on, as you will see.

  Here is the rundown of PTF Groups by IBM i release level since we last published:

  PTF Groups 7.5:

  • IBM i Access Client Solutions V1.1.9.5
  • QMGTOOLS

  PTF Groups 7.4: …

  Read more

• IBM i PTF Guide, Volume 26, Number 13

  April 8, 2024 Doug Bidwell

  Three is the magic number, as we all know. This week, there is another trio of vulnerabilities in parts of the IBM i software stack. And all three currently supported IBM i releases all have a slew of group patches as well. Let’s start with the vulnerabilities because these are always important to know about and deal with.

  First, we have Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to cross-site scripting (CVE-2024-27270), which you can find out more about at this link. The affected products include IBM WebSphere Application Server Liberty, versions 23.0.0.3 through 24.0.0.3 – who …

  Read more

• IBM i PTF Guide, Volume 26, Number 12

  March 25, 2024 Doug Bidwell

  It’s a pretty quiet week in IBM i PTF Land, which is just want you want as Spring has sprung and we are getting ready for the Easter holiday coming next weekend. So, no security vulnerabilities to report this week, which is a good thing. There are some group PTFs for the current releases and we have added some new links to the IBM i PTF Guide spreadsheet as well.

  Here is the rundown of PTF Groups by IBM i release level since we last published:

  PTF Groups 7.5:

  • DB2 for IBM i
  • SAP support required PTF list for IBM

  …

  Read more

• IBM i PTF Guide, Volume 26, Number 8

  February 26, 2024 Doug Bidwell

  It is a rare week when there is not some sort of security bulletin that affects all of the major operating systems, and this week is not one of those rare weeks. There are three security vulnerabilities affecting the current IBM i releases as well as a group of security patches for the vintage IBM i 7.2 release. Let’s get started with the security vulnerabilities, as is our common practice.

  First, we have Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to January 2024 CPU, which you can …

  Read more

• IBM i PTF Guide, Volume 26, Number 7

  February 19, 2024 Doug Bidwell

  Aside from two new security vulnerabilities, it has been a pretty quiet week in IBM i PTF Land. There are some updates for the current releases of IBM i – that would be IBM i 7.4 and IBM i 7.5 that are both on standard support and IBM i 7.3 that is on extended support – and of course there are some new defective PTFs that Big Blue needs to make you aware of, as often happens because all modern platforms are complex and all of them sometimes have patches that have unintended consequences.

  Let’s start with the security issues, …

  Read more

Previous Articles Next Articles